Making Information Security Fun

2,668 views

Published on

High level description of marketing plan and implementation of key messaging around security awareness at the Rochester Institute of Technology.

Published in: Technology, Education
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
2,668
On SlideShare
0
From Embeds
0
Number of Embeds
441
Actions
Shares
0
Downloads
22
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide
  • Per the MarkMonitor Brandjacking Index for Spring 2009:Phish attacks targeting social networks have grown 241 percent from Q1 2008 to Q1 2009 and have grown 1,500-fold since we first started tracking the category in 2007.
  • University of North Carolina exposed ssn for about 114,000-180,000 women that was part of a multi-year medical research study. The server with this data stored on it was not located behind a firewall, a minimal security precaution. Fingers were pointed back and forth between the researcher and the IT dept. managing the servers.
  • Making Information Security Fun

    1. 1. Making Information Security FunBen WoelkPolicy and Awareness AnalystInformation Security OfficeRochester Institute of Technology585.475.4122Ben.woelk@rit.edu
    2. 2. Introduction—the Problem • Everyone is a target • Identity theft is big business • You can’t rely on others to protect you 2
    3. 3. Avert Labs Malware Research 3Retrieved July 24, 2009 from:http://www.avertlabs.com/research/blog/index.php/2009/07/22/malware-is-their-businessand-business-is-good/
    4. 4. Phishing on Social Network Sites 4 http://www.markmonitor.com/download/bji/BrandjackingIndex-Spring2009.pdf
    5. 5. Solution •We needed a plan – Systematic repeatable – Goals – Proactive
    6. 6. Components of a Plan •Audience analysis •Key messages •Channels •Calendar •Relationships
    7. 7. What are Our Key Messages? •Data handling •Mandatory compliance •Phishing, Social engineering •Protecting IP/Research
    8. 8. RIT Profile Rochester Institute of Technology, founded 1829 • ~18,000 students, mainly residential • 10% international • 1300+ deaf or hard of hearing (NTID) • ~3000 faculty and staff Respected leader in professional and career-oriented education Eight colleges, 80 majors, 3600 co-op students yearly
    9. 9. Branding Consistency
    10. 10. Web Presence • Use official university communications channels • Target messages to faculty, staff, and/or students
    11. 11. Social Media • Meet students where they are • Post directly from Facebook to Twitter
    12. 12. Private Information Management
    13. 13. Phishing Awareness • Temporarily reduced response rate from ~25 per attempt to ~4 per attempt
    14. 14. Orientation
    15. 15. Faculty • Participate in faculty events • Hit hot topics
    16. 16. Practice Digital Self Defense @RIT_Infosec www.facebook.com/RITInfosec Security.rit.edu 16

    ×