Importance of Cybersecurity
• The internet allows an attacker to work from anywhere on the planet.
• Risks caused by poor security knowledge and practice:
  • R&D, Patents, Intellectual Property Theft
  • Identity Theft
  • Monetary Theft
  • Legal Ramifications (for yourself and your organization)
  • Sanctions or termination if policies are not followed
• According to the SANS Institute, the top vectors for vulnerabilities available
to a cyber criminal are:
  • Web Browser
  • Mobiles
  • Chat clients
  • Web Applications
  • Excessive User Rights
Cybersecurity is Safety
• Information Security: We must protect our computers and data in the
same way that we secure the doors to our homes.
• Safety: We must behave in ways that protect us against risks and threats
that come with technology
• Resilience: We must ensure resilience in our systems to survive against
any attacks.
What is Information Security?
• Ensure the confidentiality, integrity, and availability of information through
safeguards (Information Security)
• Ensure that the information will not be disclosed to unauthorized
individuals or processes (Confidentiality)
• Ensure that the condition of information has not been altered or destroyed
in an unauthorized manner, and data is accurately transferred from one
system to another (Integrity)
• Ensure that information is accessible and useable upon demand by an
authorized person (Availability)
Leading Threats
• Viruses
• Worms - WannaCry
• Trojan Horses / Logic Bombs
• Social Engineering
• Rootkits
• Botnets / Zombies
• Hackers
Social Engineering
• Social engineering is a technique to manipulate people into performing
actions or divulging confidential information. Similar to a confidence trick
or simple fraud, the term applies to the use of deception to gain
information, commit fraud, or access computer systems.
• Phone Call: “This is John, the System Administrator. What is your password?”
• Email: “ABC Bank has noticed a problem with your account…”
• In Person: “What city are you from? Your mother’s maiden name?”
• In Person: “I have come to repair your machine… and have some lovely software patches!”
Phishing: Counterfeit Email
• Phishing: A seemingly trustworthy entity asks for sensitive information
such as SSN, credit card numbers, login IDs or passwords via e-mail
Physical Access Controls
• All employees need to wear their ID cards while entering the premises.
• Do not let anyone tailgate while you enter critical areas such as the data
center, server room or UPS room.
• You are required to cooperate with the guards during frisking to ensure our
own security.
• Employees should inform all visitors not to carry any weapon or tobacco
products while entering the premises of the company during
visits/meetings.
• Wipe the boards when the meeting is over, before you vacate the meeting
rooms.
• Ensure mobile devices are protected and not left unattended while you are
travelling or visiting company areas which are not under CCTV monitoring.
• Ensure that you are aware of fire safety norms, usage of fire extinguishers
and emergency numbers.
Security Etiquette
• Good Security Standards follow the “80 / 20” Rule:
• 20% of security safeguards are technical
• 80% of security safeguards rely on the computer user (“YOU”) to adhere to
good computing practices
• Example: The lock on the door is the 20% control. Your responsibility is
80% which includes tasks such as remembering to lock, checking to see if it
is properly locked, ensuring others do not prop the door open, keeping
control of keys. 20% security by lock is worthless without YOU!
• “A study reveals that the vast majority of security breaches are the result of
a human error rather than technology flaws.” Even the best technology fails if
users do not adopt good security practices and procedures. See the report from
Verizon: https://www.verizon.com/business/resources/reports/dbir/
E-mail Usage
• Sending mail to public accounts such as Gmail, Yahoo, etc. is prohibited
unless approved by the HOD.
• All emails going out of the company are scanned and tracked using
state-of-the-art security technology.
• Employees should not forward sensitive or confidential information via
e-mail without authorization.
• Employees are prohibited from sending/storing unofficial files using
e-mail.
• Employees should not write abusive, racist or otherwise inappropriate
comments in e-mails.
• Don’t forward chain mails with jokes, multimedia files and other
non-productive content.
• Report spam/unsolicited messages to
Internet Usage
• Use the internet for business purposes only.
• Chatting, accessing job sites, YouTube, social media, and checking movie clips
is prohibited.
• Do not access sites that may be considered obscene, racist, sexist, or
otherwise offensive.
• Accessing unofficial mail sites (Yahoo, Hotmail, Rediff, or others) and
online chat sites is prohibited.
• Do not upload or send confidential company information (e.g. credit cards,
ATMs, or e-funds transfer information) through the Internet.
• Do not download or use copyright, trademark or patent protected
information.
• Do not post personal opinions or sensitive information to chat rooms,
bulletin boards, or forums.
• Do not subscribe to unofficial sites without approval from your HOD.
• Access to the Internet is monitored and logged regularly. Your systems can be
audited at any time by the IT / IT Security team.
Desktop/Laptop Data Security
• Do not share your login IDs, such as system login, server login or network
login IDs.
• Do not use others’ IDs; access company resources with your own ID only.
• Do not fiddle with the security settings of your systems.
• Do not use corporate hardware for personal use.
• Do not use personal storage devices/USBs on corporate
network/hardware.
• Store confidential data in the file servers with access controls.
• Follow clear desk and clear screen guidelines to protect information.
• Lock your desktop/laptop when you leave your workspace for a break.
• Periodic audits are done to ensure compliance with all these policies.
Software Compliance
• Do not download or install any
software on your computer without a
clearance from the IT support teams
• Installation of unauthorized Software
(e.g. Yahoo messenger, Skype, Mobile
PC suites, games, MP3 files, etc) is
strictly prohibited as per the company
policy and can result in disciplinary
action.
• In case you observe any such software
on your system, please inform your
manager & the Information security
team immediately.
Password Security
• Set a password of at least eight characters with a combination of upper
case, lower case, numbers, and special
characters like @, %, ^, &, and *.
• Do not use your name, surname, city,
etc. in the password.
• Do not share a password with anyone.
• Do not write down your password or store
critical passwords in browsers.
• Change your password on a regular
basis as per the security policy of the
company.
• Use separate passwords for your
work and personal accounts.
CyberSecurity Cyber24x7.pdf
