SlideShare a Scribd company logo
1 of 79
The Role of the "Human Factor" in Protecting
Information
Jack Pringle
Adams and Reese LLP
(803) 343-1270
jack.pringle@arlaw.com
@jjpringlesc
https://www.linkedin.com/in/jack-pringle-5834554
http://www.slideshare.net/jjpringle317
A Word on Redaction
Setting the Context
• Putting technology TOOLS in context
• Why You Employ the Tools: Proper
Management of Confidential and Sensitive
Information
• Security is Not the Default Setting in a
Connected World
Overview
• Skeptical is Not the Default Setting for Humans,
Particularly Now
• Trust, belief, impatience/urgency, greed, (and
lust) are the Default Settings for Humans
• Machines accelerate and encourage those
Defaults
• Changing those defaults and creating aware
people are a crucial part of any security program
Introduction- Technology as a Tool
• "Technology is a very human activity, and
so is the history of technology." - Melvin
Kranzberg
• "If you think security is a technology
problem, then you don't understand the
problem, and you don't understand
security."-Bruce Schneier
Crucial Security Points
• Security is NOT the Default in a Connected
World
• Security is a Process, Not a Product
(Security is not “Done”)
• Tension between security and human
defaults
Unique Challenges of a
Connected World
• Computer networks default to open
• Access to many more powerful machines
• On the Internet, No One Knows You Are a
Dog.
What We Do
Ethical Obligations
• Provide competent representation (1.1)
• Keep information confidential (1.6)
• Keep property safe (1.15)
• Manage and supervise (5.1 and 5.3)
Legal Obligations
• SC Breach Notification Law
• HIPAA
• GLBA
• Confidentiality Agreements and Protective
Orders
Why Protect It?
• What is confidential?
• What is sensitive?
• Why does it matter?
Thought Experiment
That Era’s Con Man
So What Has Changed?
Bits, Not Atoms
The Network Has Extended
Tools More Powerful
Networks Have Blurred
The Dogs Have Access to Your Networks
Not Much Time to Adapt to These Tools
Don’t Blink
Changing Our Practices
Our New Defaults . . .
Human Defaults Have Not Changed
Why is This Our Default?
The Con Sits in Your Office, and
Plays on Your Default
“Everything that I did is so much
simpler now.”- Frank Abdingdale
The Consequences of the Default
More …
Tools To Reset the Defaults
Processes to Change the Defaults
Change to the Human Default
Access Control- Change the Default
from “Everyone Welcome”
Manage Insider Threats
• Access Control
• Dual Control
• Segment
Layered Security
No Technology Tool Can
Keep All the Bad Stuff Out
of Your Inbox
Why is the Human Layer So Important?
Because Everybody Clicks By Default
Pausing Through the Default
Avoiding Wire Transfer Fraud
Wire Transfer Fraud
• Fraudster sends an email that appears
to be from a legitimate source
(jack.pringle@arlav.com)
• Informs the recipient of a change in
wiring instructions
• Recipient wires funds to the fraudster’s
bank
Ransomware: The Wages of Clicking
Malware that encrypts (locks up) files so you
can’t use them (and then demands a ransom).
Not a Drive-By Download
Don’t Get Excited About Getting Paid
Verify Authority
Hover (Without Clicking)
Jack.pringle@arlaw.com
Jack.pringle@arlaw.com
Jack.pringle@arlav.com
No Person’s-Land
Is this Backup?
Encourage Rapid Reporting
Takeaways
• Don’t Click on attachments and links in
emails from senders you don’t recognize;
• Verify (in person or on the phone) messages
from people you THINK you know
BEFORE YOU CLICK;
• Pause and don’t get conned.
• Don’t store documents on your work station
Manage and Train
More Questions
• Your Service Providers (What
Are They Handling?)
• Security Breaches (Got a Plan?)
• Disaster Recovery? (Got a Plan?)
Conclusion (Part One)
Conclusion (Part Two)
Resources
SANS, Securing the Human https://www.sans.org/security-awareness-training
SEC Report of Cyber-Related Frauds, SECURITIES EXCHANGE ACT OF 1934 Release No. 84429 /
October 16, 2018 https://www.sec.gov/litigation/investreport/34-84429.pdf
American Bar Association, Formal Opinion 483, “Lawyers’ Obligations After an Electronic Data Breach
or Cyberattack,” Issued October 17, 2018
https://www.americanbar.org/content/dam/aba/administrative/professional_responsibility/aba_formal_op
_483.pdf
ALTA Title Insurance and Settlement Company Best Practices
https://www.alta.org/bestpractices/start.cfm
Ransomware Victims Urged to Report Infections to Federal Law Enforcement
https://www.ic3.gov/media/2016/160915.aspx
“BofA Denies Liability for Wire Transfer After Law Firm ‘Took the Bait’ in Phishing Scam”
https://www.law.com/thelegalintelligencer/2018/06/29/bofa-denies-liability-for-wire-transfer-after-law-
firm-took-the-bait-in-phishing-scam/
More Resources
Cybersecurity for Small Business
https://www.ftc.gov/tips-advice/business-
center/small-businesses/cybersecurity
NIST Small Business Corner
https://www.nist.gov/programs-projects/small-
business-corner-sbc

More Related Content

What's hot

Sharon Conheady - Social engineering & social networks (4 novmber Jaarbeurs U...
Sharon Conheady - Social engineering & social networks (4 novmber Jaarbeurs U...Sharon Conheady - Social engineering & social networks (4 novmber Jaarbeurs U...
Sharon Conheady - Social engineering & social networks (4 novmber Jaarbeurs U...
Infosecurity2010
 
29386971 hacking
29386971 hacking29386971 hacking
29386971 hacking
joeymar143
 
Insider Threats Webinar Final_Tyco
Insider Threats Webinar Final_TycoInsider Threats Webinar Final_Tyco
Insider Threats Webinar Final_Tyco
Matt Frowert
 

What's hot (20)

Hackers
HackersHackers
Hackers
 
Insider threat v3
Insider threat v3Insider threat v3
Insider threat v3
 
Jerod Brennen - What You Need to Know About OSINT
Jerod Brennen - What You Need to Know About OSINTJerod Brennen - What You Need to Know About OSINT
Jerod Brennen - What You Need to Know About OSINT
 
Anomaly Detection and You
Anomaly Detection and YouAnomaly Detection and You
Anomaly Detection and You
 
The Most Common Failure With Today's Defences
The Most Common Failure With Today's DefencesThe Most Common Failure With Today's Defences
The Most Common Failure With Today's Defences
 
BSidesPGH - Never Surrender - Reducing Social Engineering Risk
BSidesPGH - Never Surrender - Reducing Social Engineering RiskBSidesPGH - Never Surrender - Reducing Social Engineering Risk
BSidesPGH - Never Surrender - Reducing Social Engineering Risk
 
Incident Response: How To Prepare
Incident Response: How To PrepareIncident Response: How To Prepare
Incident Response: How To Prepare
 
Sharon Conheady - Social engineering & social networks (4 novmber Jaarbeurs U...
Sharon Conheady - Social engineering & social networks (4 novmber Jaarbeurs U...Sharon Conheady - Social engineering & social networks (4 novmber Jaarbeurs U...
Sharon Conheady - Social engineering & social networks (4 novmber Jaarbeurs U...
 
Infographic: Penetration Testing - A Look into a Full Pen Test Campaign
Infographic: Penetration Testing - A Look into a Full Pen Test CampaignInfographic: Penetration Testing - A Look into a Full Pen Test Campaign
Infographic: Penetration Testing - A Look into a Full Pen Test Campaign
 
10 things you should know about cybersecurity
10 things you should know about cybersecurity10 things you should know about cybersecurity
10 things you should know about cybersecurity
 
CYBERSECURITY: Game Planning for Success lunch and learn event, April 10th
CYBERSECURITY: Game Planning for Success lunch and learn event, April 10thCYBERSECURITY: Game Planning for Success lunch and learn event, April 10th
CYBERSECURITY: Game Planning for Success lunch and learn event, April 10th
 
TACOM 2014: Back To Basics
TACOM 2014: Back To BasicsTACOM 2014: Back To Basics
TACOM 2014: Back To Basics
 
Janitor vs cleaner
Janitor vs cleanerJanitor vs cleaner
Janitor vs cleaner
 
Do it Best Corp. Techapalooza 2013 Presentation
Do it Best Corp. Techapalooza 2013 PresentationDo it Best Corp. Techapalooza 2013 Presentation
Do it Best Corp. Techapalooza 2013 Presentation
 
Incident Response
Incident ResponseIncident Response
Incident Response
 
Insider threat
Insider threatInsider threat
Insider threat
 
29386971 hacking
29386971 hacking29386971 hacking
29386971 hacking
 
Управление рисками: как перестать верить в иллюзии
Управление рисками: как перестать верить в иллюзииУправление рисками: как перестать верить в иллюзии
Управление рисками: как перестать верить в иллюзии
 
Expert FSO Insider Threat Awareness
Expert FSO Insider Threat AwarenessExpert FSO Insider Threat Awareness
Expert FSO Insider Threat Awareness
 
Insider Threats Webinar Final_Tyco
Insider Threats Webinar Final_TycoInsider Threats Webinar Final_Tyco
Insider Threats Webinar Final_Tyco
 

Similar to "We Have Met the Enemy and He Is Us": The Role of the Human Factor in Protecting Information

itsecurityawareness-v1-230413174238-5e7cba3c.pdf
itsecurityawareness-v1-230413174238-5e7cba3c.pdfitsecurityawareness-v1-230413174238-5e7cba3c.pdf
itsecurityawareness-v1-230413174238-5e7cba3c.pdf
MansoorAhmed57263
 
Networking 2016-06-14 - The Dirty Secrets of Enterprise Security by Kevin Dunn
Networking 2016-06-14 - The Dirty Secrets of Enterprise Security by Kevin DunnNetworking 2016-06-14 - The Dirty Secrets of Enterprise Security by Kevin Dunn
Networking 2016-06-14 - The Dirty Secrets of Enterprise Security by Kevin Dunn
North Texas Chapter of the ISSA
 
The Cloud Beckons, But is it Safe?
The Cloud Beckons, But is it Safe?The Cloud Beckons, But is it Safe?
The Cloud Beckons, But is it Safe?
NTEN
 

Similar to "We Have Met the Enemy and He Is Us": The Role of the Human Factor in Protecting Information (20)

02-overview.pptx
02-overview.pptx02-overview.pptx
02-overview.pptx
 
2022 Rea & Associates' Cybersecurity Conference
2022 Rea & Associates' Cybersecurity Conference 2022 Rea & Associates' Cybersecurity Conference
2022 Rea & Associates' Cybersecurity Conference
 
Everything is not awesome: The rising threat of Cyber-attack and what to do a...
Everything is not awesome: The rising threat of Cyber-attack and what to do a...Everything is not awesome: The rising threat of Cyber-attack and what to do a...
Everything is not awesome: The rising threat of Cyber-attack and what to do a...
 
Marcos de Pedro Neoris authenware_cybersecurity step1
Marcos de Pedro Neoris authenware_cybersecurity step1Marcos de Pedro Neoris authenware_cybersecurity step1
Marcos de Pedro Neoris authenware_cybersecurity step1
 
IT Security Awareness-v1.7.ppt
IT Security Awareness-v1.7.pptIT Security Awareness-v1.7.ppt
IT Security Awareness-v1.7.ppt
 
itsecurityawareness-v1-230413174238-5e7cba3c.pdf
itsecurityawareness-v1-230413174238-5e7cba3c.pdfitsecurityawareness-v1-230413174238-5e7cba3c.pdf
itsecurityawareness-v1-230413174238-5e7cba3c.pdf
 
Social Engineering: the Bad, Better, and Best Incident Response Plans
Social Engineering: the Bad, Better, and Best Incident Response PlansSocial Engineering: the Bad, Better, and Best Incident Response Plans
Social Engineering: the Bad, Better, and Best Incident Response Plans
 
Artificial Intelligence – Time Bomb or The Promised Land?
Artificial Intelligence – Time Bomb or The Promised Land?Artificial Intelligence – Time Bomb or The Promised Land?
Artificial Intelligence – Time Bomb or The Promised Land?
 
Cloud Security - Idealware
Cloud Security - IdealwareCloud Security - Idealware
Cloud Security - Idealware
 
How to Catch a Wolf in Sheep's Clothing
How to Catch a Wolf in Sheep's ClothingHow to Catch a Wolf in Sheep's Clothing
How to Catch a Wolf in Sheep's Clothing
 
Tsc2021 cyber-issues
Tsc2021 cyber-issuesTsc2021 cyber-issues
Tsc2021 cyber-issues
 
Networking 2016-06-14 - The Dirty Secrets of Enterprise Security by Kevin Dunn
Networking 2016-06-14 - The Dirty Secrets of Enterprise Security by Kevin DunnNetworking 2016-06-14 - The Dirty Secrets of Enterprise Security by Kevin Dunn
Networking 2016-06-14 - The Dirty Secrets of Enterprise Security by Kevin Dunn
 
Physician Office Presentation
Physician Office PresentationPhysician Office Presentation
Physician Office Presentation
 
The Cloud Beckons, But is it Safe?
The Cloud Beckons, But is it Safe?The Cloud Beckons, But is it Safe?
The Cloud Beckons, But is it Safe?
 
Keeping you and your library safe and secure
Keeping you and your library safe and secureKeeping you and your library safe and secure
Keeping you and your library safe and secure
 
Top 12 Threats to Enterprise
Top 12 Threats to EnterpriseTop 12 Threats to Enterprise
Top 12 Threats to Enterprise
 
The Cloud Beckons, But is it Safe?
The Cloud Beckons, But is it Safe?The Cloud Beckons, But is it Safe?
The Cloud Beckons, But is it Safe?
 
Dr. Alan Shark
Dr. Alan SharkDr. Alan Shark
Dr. Alan Shark
 
Insider Threat - How Do You Find a Wolf in Sheep's Clothing?
Insider Threat - How Do You Find a Wolf in Sheep's Clothing?Insider Threat - How Do You Find a Wolf in Sheep's Clothing?
Insider Threat - How Do You Find a Wolf in Sheep's Clothing?
 
2015 Cyber Security
2015 Cyber Security2015 Cyber Security
2015 Cyber Security
 

More from Jack Pringle

Consider Your Own Black Box: Evaluating Human Intelligence Alongside Artifici...
Consider Your Own Black Box: Evaluating Human Intelligence Alongside Artifici...Consider Your Own Black Box: Evaluating Human Intelligence Alongside Artifici...
Consider Your Own Black Box: Evaluating Human Intelligence Alongside Artifici...
Jack Pringle
 

More from Jack Pringle (20)

2024-02-16 Building Soul Force- Changing to Stay Stable in Challenging Times.pdf
2024-02-16 Building Soul Force- Changing to Stay Stable in Challenging Times.pdf2024-02-16 Building Soul Force- Changing to Stay Stable in Challenging Times.pdf
2024-02-16 Building Soul Force- Changing to Stay Stable in Challenging Times.pdf
 
Consider Your Own Black Box: Evaluating Human Intelligence Alongside Artifici...
Consider Your Own Black Box: Evaluating Human Intelligence Alongside Artifici...Consider Your Own Black Box: Evaluating Human Intelligence Alongside Artifici...
Consider Your Own Black Box: Evaluating Human Intelligence Alongside Artifici...
 
People, Processes, AND Technology: Use All Three to Avoid Missing a Filing De...
People, Processes, AND Technology: Use All Three to Avoid Missing a Filing De...People, Processes, AND Technology: Use All Three to Avoid Missing a Filing De...
People, Processes, AND Technology: Use All Three to Avoid Missing a Filing De...
 
2022 Resources to Create Space and Build Resilience
2022 Resources to Create Space and Build Resilience2022 Resources to Create Space and Build Resilience
2022 Resources to Create Space and Build Resilience
 
Effects of Recent U.S. Supreme Court Decisions on Arbitrations and Class Acti...
Effects of Recent U.S. Supreme Court Decisions on Arbitrations and Class Acti...Effects of Recent U.S. Supreme Court Decisions on Arbitrations and Class Acti...
Effects of Recent U.S. Supreme Court Decisions on Arbitrations and Class Acti...
 
From Breaking Down Doors to Building Back Doors
From Breaking Down Doors to Building Back DoorsFrom Breaking Down Doors to Building Back Doors
From Breaking Down Doors to Building Back Doors
 
Make Sure the Tool Isn't You
Make Sure the Tool Isn't YouMake Sure the Tool Isn't You
Make Sure the Tool Isn't You
 
Because It's Like That ... and That's The Way It Is
Because It's Like That ... and That's The Way It IsBecause It's Like That ... and That's The Way It Is
Because It's Like That ... and That's The Way It Is
 
Check your head
Check your headCheck your head
Check your head
 
Summon Your Dayman (or Daywoman): Seven Ways to Use Technology to Become a Ma...
Summon Your Dayman (or Daywoman): Seven Ways to Use Technology to Become a Ma...Summon Your Dayman (or Daywoman): Seven Ways to Use Technology to Become a Ma...
Summon Your Dayman (or Daywoman): Seven Ways to Use Technology to Become a Ma...
 
Grace and Gratitude: Arthur Morehead and Living Well
Grace and Gratitude: Arthur Morehead and Living WellGrace and Gratitude: Arthur Morehead and Living Well
Grace and Gratitude: Arthur Morehead and Living Well
 
We Have Met the Enemy, and He is Us: The Role of the "Human Factor" in Protec...
We Have Met the Enemy, and He is Us: The Role of the "Human Factor" in Protec...We Have Met the Enemy, and He is Us: The Role of the "Human Factor" in Protec...
We Have Met the Enemy, and He is Us: The Role of the "Human Factor" in Protec...
 
Resources for Lawyers to Help Create Space
Resources for Lawyers to Help Create SpaceResources for Lawyers to Help Create Space
Resources for Lawyers to Help Create Space
 
When Thinking Like a Lawyer Gets You Stuck: Practical Tools for Creating Spac...
When Thinking Like a Lawyer Gets You Stuck: Practical Tools for Creating Spac...When Thinking Like a Lawyer Gets You Stuck: Practical Tools for Creating Spac...
When Thinking Like a Lawyer Gets You Stuck: Practical Tools for Creating Spac...
 
Yes, We're Talking About Process: Blockchains and How Lawyers Might Use Them
Yes, We're Talking About Process: Blockchains and How Lawyers Might Use ThemYes, We're Talking About Process: Blockchains and How Lawyers Might Use Them
Yes, We're Talking About Process: Blockchains and How Lawyers Might Use Them
 
Courage, Curiosity, and Connection: Practical Tools for Keeping Your Head Whi...
Courage, Curiosity, and Connection: Practical Tools for Keeping Your Head Whi...Courage, Curiosity, and Connection: Practical Tools for Keeping Your Head Whi...
Courage, Curiosity, and Connection: Practical Tools for Keeping Your Head Whi...
 
Using Social Media Ethically
Using Social Media EthicallyUsing Social Media Ethically
Using Social Media Ethically
 
Courage, Curiosity, and Connection
Courage, Curiosity, and ConnectionCourage, Curiosity, and Connection
Courage, Curiosity, and Connection
 
Creating Space
Creating SpaceCreating Space
Creating Space
 
Making Sure the Tool Isn't You: Train Your Brain to Use Technology (So That N...
Making Sure the Tool Isn't You: Train Your Brain to Use Technology (So That N...Making Sure the Tool Isn't You: Train Your Brain to Use Technology (So That N...
Making Sure the Tool Isn't You: Train Your Brain to Use Technology (So That N...
 

Recently uploaded

一比一原版(Cranfield毕业证书)克兰菲尔德大学毕业证如何办理
一比一原版(Cranfield毕业证书)克兰菲尔德大学毕业证如何办理一比一原版(Cranfield毕业证书)克兰菲尔德大学毕业证如何办理
一比一原版(Cranfield毕业证书)克兰菲尔德大学毕业证如何办理
F La
 
一比一原版(Essex毕业证书)埃塞克斯大学毕业证学位证书
一比一原版(Essex毕业证书)埃塞克斯大学毕业证学位证书一比一原版(Essex毕业证书)埃塞克斯大学毕业证学位证书
一比一原版(Essex毕业证书)埃塞克斯大学毕业证学位证书
F La
 
一比一原版(OSU毕业证书)俄亥俄州立大学哥伦布分校毕业证原件一模一样
一比一原版(OSU毕业证书)俄亥俄州立大学哥伦布分校毕业证原件一模一样一比一原版(OSU毕业证书)俄亥俄州立大学哥伦布分校毕业证原件一模一样
一比一原版(OSU毕业证书)俄亥俄州立大学哥伦布分校毕业证原件一模一样
doypbe
 
Katarungang pambarangay forms-uses and applications
Katarungang pambarangay forms-uses and applicationsKatarungang pambarangay forms-uses and applications
Katarungang pambarangay forms-uses and applications
judeplata
 
一比一原版(Indiana State毕业证书)印第安纳州立大学毕业证成绩单原件一模一样
一比一原版(Indiana State毕业证书)印第安纳州立大学毕业证成绩单原件一模一样一比一原版(Indiana State毕业证书)印第安纳州立大学毕业证成绩单原件一模一样
一比一原版(Indiana State毕业证书)印第安纳州立大学毕业证成绩单原件一模一样
mefyqyn
 
一比一原版(McMaster毕业证书)麦克马斯特大学毕业证学历认证可查认证
一比一原版(McMaster毕业证书)麦克马斯特大学毕业证学历认证可查认证一比一原版(McMaster毕业证书)麦克马斯特大学毕业证学历认证可查认证
一比一原版(McMaster毕业证书)麦克马斯特大学毕业证学历认证可查认证
trryfxkn
 
一比一原版(Monash毕业证书)澳洲莫纳什大学毕业证如何办理
一比一原版(Monash毕业证书)澳洲莫纳什大学毕业证如何办理一比一原版(Monash毕业证书)澳洲莫纳什大学毕业证如何办理
一比一原版(Monash毕业证书)澳洲莫纳什大学毕业证如何办理
F La
 

Recently uploaded (20)

Embed-2-2.pdf[[app[r[prf[-rk;lme;[ed[prp[
Embed-2-2.pdf[[app[r[prf[-rk;lme;[ed[prp[Embed-2-2.pdf[[app[r[prf[-rk;lme;[ed[prp[
Embed-2-2.pdf[[app[r[prf[-rk;lme;[ed[prp[
 
一比一原版(Cranfield毕业证书)克兰菲尔德大学毕业证如何办理
一比一原版(Cranfield毕业证书)克兰菲尔德大学毕业证如何办理一比一原版(Cranfield毕业证书)克兰菲尔德大学毕业证如何办理
一比一原版(Cranfield毕业证书)克兰菲尔德大学毕业证如何办理
 
一比一原版(Essex毕业证书)埃塞克斯大学毕业证学位证书
一比一原版(Essex毕业证书)埃塞克斯大学毕业证学位证书一比一原版(Essex毕业证书)埃塞克斯大学毕业证学位证书
一比一原版(Essex毕业证书)埃塞克斯大学毕业证学位证书
 
Petitioner Moot Memorial including Charges and Argument Advanced.docx
Petitioner Moot Memorial including Charges and Argument Advanced.docxPetitioner Moot Memorial including Charges and Argument Advanced.docx
Petitioner Moot Memorial including Charges and Argument Advanced.docx
 
It’s Not Easy Being Green: Ethical Pitfalls for Bankruptcy Novices
It’s Not Easy Being Green: Ethical Pitfalls for Bankruptcy NovicesIt’s Not Easy Being Green: Ethical Pitfalls for Bankruptcy Novices
It’s Not Easy Being Green: Ethical Pitfalls for Bankruptcy Novices
 
Elective Course on Forensic Science in Law
Elective Course on Forensic Science  in LawElective Course on Forensic Science  in Law
Elective Course on Forensic Science in Law
 
一比一原版(OSU毕业证书)俄亥俄州立大学哥伦布分校毕业证原件一模一样
一比一原版(OSU毕业证书)俄亥俄州立大学哥伦布分校毕业证原件一模一样一比一原版(OSU毕业证书)俄亥俄州立大学哥伦布分校毕业证原件一模一样
一比一原版(OSU毕业证书)俄亥俄州立大学哥伦布分校毕业证原件一模一样
 
ORane M Cornish affidavit statement for New Britain court proving Wentworth'...
ORane M Cornish affidavit statement  for New Britain court proving Wentworth'...ORane M Cornish affidavit statement  for New Britain court proving Wentworth'...
ORane M Cornish affidavit statement for New Britain court proving Wentworth'...
 
Common Legal Risks in Hiring and Firing Practices.pdf
Common Legal Risks in Hiring and Firing Practices.pdfCommon Legal Risks in Hiring and Firing Practices.pdf
Common Legal Risks in Hiring and Firing Practices.pdf
 
The Main Procedures for a Divorce in Greece
The Main Procedures for a Divorce in GreeceThe Main Procedures for a Divorce in Greece
The Main Procedures for a Divorce in Greece
 
CASE STYDY Lalman Shukla v Gauri Dutt BY MUKUL TYAGI.pptx
CASE STYDY Lalman Shukla v Gauri Dutt BY MUKUL TYAGI.pptxCASE STYDY Lalman Shukla v Gauri Dutt BY MUKUL TYAGI.pptx
CASE STYDY Lalman Shukla v Gauri Dutt BY MUKUL TYAGI.pptx
 
Embed-1-1.pdfohediooieoiehohoiefoloeohefoi
Embed-1-1.pdfohediooieoiehohoiefoloeohefoiEmbed-1-1.pdfohediooieoiehohoiefoloeohefoi
Embed-1-1.pdfohediooieoiehohoiefoloeohefoi
 
Jim Eiberger Rental Agreement Redacted Former Lease.docx
Jim Eiberger Rental Agreement Redacted Former Lease.docxJim Eiberger Rental Agreement Redacted Former Lease.docx
Jim Eiberger Rental Agreement Redacted Former Lease.docx
 
Katarungang pambarangay forms-uses and applications
Katarungang pambarangay forms-uses and applicationsKatarungang pambarangay forms-uses and applications
Katarungang pambarangay forms-uses and applications
 
From Scratch to Strong: Introduction to Drafting of Criminal Cases and Applic...
From Scratch to Strong: Introduction to Drafting of Criminal Cases and Applic...From Scratch to Strong: Introduction to Drafting of Criminal Cases and Applic...
From Scratch to Strong: Introduction to Drafting of Criminal Cases and Applic...
 
一比一原版(Indiana State毕业证书)印第安纳州立大学毕业证成绩单原件一模一样
一比一原版(Indiana State毕业证书)印第安纳州立大学毕业证成绩单原件一模一样一比一原版(Indiana State毕业证书)印第安纳州立大学毕业证成绩单原件一模一样
一比一原版(Indiana State毕业证书)印第安纳州立大学毕业证成绩单原件一模一样
 
posts-harmful-to-secular-structure-of-the-country-539103-1.pdf
posts-harmful-to-secular-structure-of-the-country-539103-1.pdfposts-harmful-to-secular-structure-of-the-country-539103-1.pdf
posts-harmful-to-secular-structure-of-the-country-539103-1.pdf
 
一比一原版(McMaster毕业证书)麦克马斯特大学毕业证学历认证可查认证
一比一原版(McMaster毕业证书)麦克马斯特大学毕业证学历认证可查认证一比一原版(McMaster毕业证书)麦克马斯特大学毕业证学历认证可查认证
一比一原版(McMaster毕业证书)麦克马斯特大学毕业证学历认证可查认证
 
一比一原版(Monash毕业证书)澳洲莫纳什大学毕业证如何办理
一比一原版(Monash毕业证书)澳洲莫纳什大学毕业证如何办理一比一原版(Monash毕业证书)澳洲莫纳什大学毕业证如何办理
一比一原版(Monash毕业证书)澳洲莫纳什大学毕业证如何办理
 
5-6-24 David Kennedy Article Law 360.pdf
5-6-24 David Kennedy Article Law 360.pdf5-6-24 David Kennedy Article Law 360.pdf
5-6-24 David Kennedy Article Law 360.pdf
 

"We Have Met the Enemy and He Is Us": The Role of the Human Factor in Protecting Information

Editor's Notes

  1. “If you think security is a technology problem, then you don’t understand the problem, and you don’t understand technology.” Tension Between Security and Convenience (and Collaboration)
  2. Our Extended Mind- Information outside your head, between and among people but also between ideas, news, types of data, So much, so fast, to so many Which is smarter, the lawyer or the computer. Neither. It’s the two together, working side by side. Security is that way, electronic discovery is that way.
  3. Confidence Game:  Creates trust; plays on greed, lust, impatience, inattention.   This is universal. This has taken place forever.  Do you think you have gotten smarter?
  4. https://www.sec.gov/litigation/investreport/34-84429.pdf As noted above, these frauds were not sophisticated in design or the use of technology; instead, they relied on technology to search for both weaknesses in policies and procedures and human vulnerabilities that rendered the control environment ineffective. Having internal accounting control systems that factor in such cyber-related threats, and related human vulnerabilities, may be vital to maintaining a sufficient accounting control environment and safeguarding assets.
  5. https://cybersecurityventures.com/global-ransomware-damage-costs-predicted-to-exceed-8-billion-in-2018/
  6. Principle of Least Privilege
  7. The firm has very sophisticated tolls to detect and block bad stuff. But no tool is perfect, because the bad actors are always evolving. So all of us, the human layer of security, play a very important role in our security program. And that means pausing before you click.
  8. (Why Launch a Missile When the Screen Door is Left Open)
  9. Out-of-band about not sending financial information via unsecure email. Looking at email addresses.
  10. Out-of-band about not sending financial information via unsecure email. Looking at email addresses.
  11. Example. Very profitable.
  12. You are Going to Get paid
  13. Doing something for your boss
  14. Review their privacy and information security procedures to detect the potential for improper disclosure of confidential information. Audit and Oversight Post your privacy and information security program on your website or provide program information directly to customers. Inform customers and law enforcement as required by law.