1
Cybersecurity Health Checks:
Safeguarding Your Organisation
Dr. Malcolm Shore
INTRODUCTION
2
Quick Facts about Lynda.com
The Global Leader in Online Skills Instruction
Government
• Major government agencies
• Branches of military
Corporations
• More than half of the Fortune 50 across all key industry sectors
Education
• 60% of all US colleges and universities
• 40% of Australian universities
4M+ Members … with 350k paying out of pocket
20 Years: Lynda.com was founded in 1995
12,000+ Enterprise Clients … located across 52 countries
6,000+ Courses … available in 5 languages (German, Spanish, French, Japanese)
3
Dr. Malcolm Shore
Lynda.com author
Technical Director, BAE Systems Applied Intelligence, Australia
BACKGROUND
4
Information Security Standards
• 1983 – US DoD Rainbow Series
• 1993 – UK PD0003
• 1998 – BS 7799 … ISO 27000
• 2005 – NIST Special Publication 800-53
• … but too difficult and costly
5
Information Security Standards
• From Bulletin Boards to the Web
• Ubiquitous connectivity across the globe
• Clouds aren’t just in the sky…
• From email to social media…
• From telephone to smartphone
• Cyber kill chain … the world has changed
6
New Approach
• Evolution of information security standards lagging
• Information security policies ineffective*
*Doherty, NF and Fulford H. Do Information Security Policies Reduce the Incidence of Security Breaches? 2005
7
Information Security Policies
• UK Cybersecurity Strategy
• Cyber Governance Health Check
• top 350 listed companies
• only 15% of Boards manage cyber risk
• only 30% use threat intelligence
• Majority of attacks exploit basic weaknesses
DEFINITION
8
Cybersecurity Health Check
• Term used in audit community
• Now used in cybersecurity consulting
• Various interpretations
… is simply cyber fitness
9
Cybersecurity Health Check
• Check-up - unauthorised users, malware
• Health test - check network traffic for infections
• Full examination - rules, patches, access and privileges
  - operational defences
• Fitness test - external penetration exercise
• Cyber insurance
CYBER ESSENTIALS
10
Cyber Essentials
• Baseline security
• Operational focus
• Affordable, manageable
11
12
Cyber Essentials
• Prevents low-grade technical attacks on:
• desktop PCs, laptops
• tablets, smartphones
• email
• web applications
13
Cyber Essentials
• Boundary devices
• Secure configuration
• User access control
• Malware protection
• Patch management
14
Boundary Firewalls and Internet Gateways
15
Boundary Firewalls and Internet Gateways
• administrative password must be changed
• documented and authorised rules
• obsolete rules removed
• unnecessary services blocked
• administrative interface accessible only internally
16
Secure Configuration
17
Secure Configuration
• Issues:
• easy to install
• no security configured
• default administrator accounts and passwords
18
Secure Configuration
• remove unnecessary default accounts
• change default passwords
• remove or disable unnecessary applications and services
• install personal firewalls on all PCs
19
20
21
User Access Control
• Issues:
• legacy access
• excess privileges
22
User Access Control
• minimum privileges
• userid and strong passwords
• ensure privileged accounts are not used for internet activity
• disable or remove accounts when no longer required
23
User Access Control
24
Malware Protection
• Install anti-virus software
• up-to-date signatures
• Use real-time protection
• Scan the filebase
• Blacklisting known malicious sites
25
Patching
• Flaws found by developers, researchers, hackers
• Often exploited within 24 hours
• Timely patching
• Licensed software
26
Cyber Essentials – Health Check?
• Good routine check-up and examination
• Does not propose a full cyber fitness test
ASIC REPORT 429
27
ASIC Report 429
• Published March 2015
• Improve cyber resilience
• Cyber defence posture
• Incident management
28
US Cybersecurity Framework
• Adopted in ASIC Report 429
• 26 prompts
• 2 governance
• 24 across the five Framework areas
29
Governance
• Board and Executive awareness of cyber risk
• Assessment against the Cybersecurity Framework
30
Identify
• What are the essential information and assets?
• What are the cyber risks?
• Are third party risks considered?
• Does enterprise risk management include cyber risks?
• Are staff aware of cyber risks?
31
Protect
• Are security policies and standards up to date?
• Have IT systems and processes been tested?
• Are there sufficient resources in place?
32
Detect
• Monitoring for cyber attacks
• External engagement
33
Respond
• Is response planning adequate?
• Notifying law enforcement of an attack
• Notifying customers of a breach
34
Recover
• Does the organisation have a recovery plan?
35
ASIC Report 429 – Cyber Health Check?
• Full set of controls
• Cyber health checks lost in the noise
• A through-life fitness programme
CONCLUSION
36
Conclusion
• Security standards are evolving
• Traditional approach is having limited success
• Cyber health checks are a more manageable approach
• Cyber Essentials provides a health check
37
Resources
38
Q&A

More Related Content

What's hot

All you wanted to know about iso 27000
All you wanted to know about iso 27000All you wanted to know about iso 27000
All you wanted to know about iso 27000Ramana K V
 
Securing Industrial Control Systems
Securing Industrial Control SystemsSecuring Industrial Control Systems
Securing Industrial Control SystemsEric Andresen
 
ISO 27001 Training | ISO 27001 Internal Auditor Training | ISMS Internal Audi...
ISO 27001 Training | ISO 27001 Internal Auditor Training | ISMS Internal Audi...ISO 27001 Training | ISO 27001 Internal Auditor Training | ISMS Internal Audi...
ISO 27001 Training | ISO 27001 Internal Auditor Training | ISMS Internal Audi...himalya sharma
 
Nist 800 82
Nist 800 82Nist 800 82
Nist 800 82majolic
 
ISO 27001 - IMPLEMENTATION CONSULTING
ISO 27001 - IMPLEMENTATION CONSULTINGISO 27001 - IMPLEMENTATION CONSULTING
ISO 27001 - IMPLEMENTATION CONSULTINGArul Nambi
 
Industrial Control Security USA Sacramento California Oct 13/14
Industrial Control Security USA Sacramento California Oct 13/14Industrial Control Security USA Sacramento California Oct 13/14
Industrial Control Security USA Sacramento California Oct 13/14James Nesbitt
 
Get iso 27000 certification in 7 steps
Get iso 27000 certification in 7 stepsGet iso 27000 certification in 7 steps
Get iso 27000 certification in 7 stepsBen Pournader
 
7 Key Problems to Avoid in ISO 27001 Implementation
7 Key Problems to Avoid in ISO 27001 Implementation7 Key Problems to Avoid in ISO 27001 Implementation
7 Key Problems to Avoid in ISO 27001 ImplementationPECB
 
we45 ISO-27001 Case Study
we45 ISO-27001 Case Studywe45 ISO-27001 Case Study
we45 ISO-27001 Case Studywe45
 
Deep secure holistic protection for ICS
Deep secure holistic protection for ICSDeep secure holistic protection for ICS
Deep secure holistic protection for ICSjohnsdeepsecure
 
ISO 27001 Training | ISO 27001 Implementation
ISO 27001 Training | ISO 27001 ImplementationISO 27001 Training | ISO 27001 Implementation
ISO 27001 Training | ISO 27001 Implementationhimalya sharma
 
Iso27001 Isaca Seminar (23 May 08)
Iso27001  Isaca Seminar (23 May 08)Iso27001  Isaca Seminar (23 May 08)
Iso27001 Isaca Seminar (23 May 08)samsontamwaiho
 
It security iso 27001
It security iso 27001It security iso 27001
It security iso 27001Iris Maaß
 
Basic introduction to iso27001
Basic introduction to iso27001Basic introduction to iso27001
Basic introduction to iso27001Imran Ahmed
 
ISO 27001 Awareness IGN Mantra 2nd Day, 2nd Session.
ISO 27001 Awareness IGN Mantra 2nd Day, 2nd Session.ISO 27001 Awareness IGN Mantra 2nd Day, 2nd Session.
ISO 27001 Awareness IGN Mantra 2nd Day, 2nd Session.IGN MANTRA
 
CMMC, ISO/IEC 27001, ISO/IEC 27032, and NIST – What You Need to Know
CMMC, ISO/IEC 27001, ISO/IEC 27032, and NIST – What You Need to KnowCMMC, ISO/IEC 27001, ISO/IEC 27032, and NIST – What You Need to Know
CMMC, ISO/IEC 27001, ISO/IEC 27032, and NIST – What You Need to KnowPECB
 
ISO/IEC 27001 as a Starting Point for GRC
ISO/IEC 27001 as a Starting Point for GRCISO/IEC 27001 as a Starting Point for GRC
ISO/IEC 27001 as a Starting Point for GRCPECB
 
ISO 27001 - three years of lessons learned
ISO 27001 - three years of lessons learnedISO 27001 - three years of lessons learned
ISO 27001 - three years of lessons learnedJisc
 

What's hot (20)

All you wanted to know about iso 27000
All you wanted to know about iso 27000All you wanted to know about iso 27000
All you wanted to know about iso 27000
 
Securing Industrial Control Systems
Securing Industrial Control SystemsSecuring Industrial Control Systems
Securing Industrial Control Systems
 
ISO 27001 - Information Security Management System
ISO 27001 - Information Security Management SystemISO 27001 - Information Security Management System
ISO 27001 - Information Security Management System
 
ISO 27001 Training | ISO 27001 Internal Auditor Training | ISMS Internal Audi...
ISO 27001 Training | ISO 27001 Internal Auditor Training | ISMS Internal Audi...ISO 27001 Training | ISO 27001 Internal Auditor Training | ISMS Internal Audi...
ISO 27001 Training | ISO 27001 Internal Auditor Training | ISMS Internal Audi...
 
Nist 800 82
Nist 800 82Nist 800 82
Nist 800 82
 
ISO 27001 - IMPLEMENTATION CONSULTING
ISO 27001 - IMPLEMENTATION CONSULTINGISO 27001 - IMPLEMENTATION CONSULTING
ISO 27001 - IMPLEMENTATION CONSULTING
 
Industrial Control Security USA Sacramento California Oct 13/14
Industrial Control Security USA Sacramento California Oct 13/14Industrial Control Security USA Sacramento California Oct 13/14
Industrial Control Security USA Sacramento California Oct 13/14
 
Get iso 27000 certification in 7 steps
Get iso 27000 certification in 7 stepsGet iso 27000 certification in 7 steps
Get iso 27000 certification in 7 steps
 
27001 awareness Training
27001 awareness Training27001 awareness Training
27001 awareness Training
 
7 Key Problems to Avoid in ISO 27001 Implementation
7 Key Problems to Avoid in ISO 27001 Implementation7 Key Problems to Avoid in ISO 27001 Implementation
7 Key Problems to Avoid in ISO 27001 Implementation
 
we45 ISO-27001 Case Study
we45 ISO-27001 Case Studywe45 ISO-27001 Case Study
we45 ISO-27001 Case Study
 
Deep secure holistic protection for ICS
Deep secure holistic protection for ICSDeep secure holistic protection for ICS
Deep secure holistic protection for ICS
 
ISO 27001 Training | ISO 27001 Implementation
ISO 27001 Training | ISO 27001 ImplementationISO 27001 Training | ISO 27001 Implementation
ISO 27001 Training | ISO 27001 Implementation
 
Iso27001 Isaca Seminar (23 May 08)
Iso27001  Isaca Seminar (23 May 08)Iso27001  Isaca Seminar (23 May 08)
Iso27001 Isaca Seminar (23 May 08)
 
It security iso 27001
It security iso 27001It security iso 27001
It security iso 27001
 
Basic introduction to iso27001
Basic introduction to iso27001Basic introduction to iso27001
Basic introduction to iso27001
 
ISO 27001 Awareness IGN Mantra 2nd Day, 2nd Session.
ISO 27001 Awareness IGN Mantra 2nd Day, 2nd Session.ISO 27001 Awareness IGN Mantra 2nd Day, 2nd Session.
ISO 27001 Awareness IGN Mantra 2nd Day, 2nd Session.
 
CMMC, ISO/IEC 27001, ISO/IEC 27032, and NIST – What You Need to Know
CMMC, ISO/IEC 27001, ISO/IEC 27032, and NIST – What You Need to KnowCMMC, ISO/IEC 27001, ISO/IEC 27032, and NIST – What You Need to Know
CMMC, ISO/IEC 27001, ISO/IEC 27032, and NIST – What You Need to Know
 
ISO/IEC 27001 as a Starting Point for GRC
ISO/IEC 27001 as a Starting Point for GRCISO/IEC 27001 as a Starting Point for GRC
ISO/IEC 27001 as a Starting Point for GRC
 
ISO 27001 - three years of lessons learned
ISO 27001 - three years of lessons learnedISO 27001 - three years of lessons learned
ISO 27001 - three years of lessons learned
 

Viewers also liked

3 Ways Online Learning Boosts Employee Engagement
3 Ways Online Learning Boosts Employee Engagement3 Ways Online Learning Boosts Employee Engagement
3 Ways Online Learning Boosts Employee EngagementLinkedIn Learning Solutions
 
Case Study: Rebuilding an Admissions Web Presence
Case Study: Rebuilding an Admissions Web PresenceCase Study: Rebuilding an Admissions Web Presence
Case Study: Rebuilding an Admissions Web PresenceDave Olsen
 
3 Things Every Sales Team Needs to Be Thinking About in 2017
3 Things Every Sales Team Needs to Be Thinking About in 20173 Things Every Sales Team Needs to Be Thinking About in 2017
3 Things Every Sales Team Needs to Be Thinking About in 2017Drift
 
Apple SSL Vulnerability Explained
Apple SSL Vulnerability ExplainedApple SSL Vulnerability Explained
Apple SSL Vulnerability ExplainedMike Chapple
 
Libraries and Privacy: PechaKucha Seattle: Watch Me Now, Notes on a Surveilla...
Libraries and Privacy: PechaKucha Seattle: Watch Me Now, Notes on a Surveilla...Libraries and Privacy: PechaKucha Seattle: Watch Me Now, Notes on a Surveilla...
Libraries and Privacy: PechaKucha Seattle: Watch Me Now, Notes on a Surveilla...Jim Loter
 
Openness in HE: Choosing our paths
Openness in HE: Choosing our pathsOpenness in HE: Choosing our paths
Openness in HE: Choosing our pathsCatherine Cronin
 
#SXSWedu Quotes: Creating Opportunities
#SXSWedu Quotes: Creating Opportunities#SXSWedu Quotes: Creating Opportunities
#SXSWedu Quotes: Creating OpportunitiesHaiku Deck
 
The 'Knowledge Turn' in the UK National Curriculum
The 'Knowledge Turn' in the UK National CurriculumThe 'Knowledge Turn' in the UK National Curriculum
The 'Knowledge Turn' in the UK National CurriculumMr Cornish
 
ImobSync - Seja um executivo - Maio 2014
ImobSync - Seja um executivo - Maio 2014ImobSync - Seja um executivo - Maio 2014
ImobSync - Seja um executivo - Maio 2014Victor Imobsync
 
RSA: CSA GRC Stack Update for the CSA Atlanta Chapter
RSA: CSA GRC Stack Update for the CSA Atlanta ChapterRSA: CSA GRC Stack Update for the CSA Atlanta Chapter
RSA: CSA GRC Stack Update for the CSA Atlanta ChapterPhil Agcaoili
 
Return of Video eLearning as DIY (Do It Yourself)
Return of Video eLearning as DIY (Do It Yourself)Return of Video eLearning as DIY (Do It Yourself)
Return of Video eLearning as DIY (Do It Yourself)Upside Learning Solutions
 
Collateral damage in cyberwarfare
Collateral damage in cyberwarfareCollateral damage in cyberwarfare
Collateral damage in cyberwarfareMike Chapple
 
Top 13 Qualities of an Ideal Instructional Designer
Top 13 Qualities of an Ideal Instructional DesignerTop 13 Qualities of an Ideal Instructional Designer
Top 13 Qualities of an Ideal Instructional DesignerUpside Learning Solutions
 
The Other Advanced Attacks: DNS/NTP Amplification and Careto
The Other Advanced Attacks: DNS/NTP Amplification and CaretoThe Other Advanced Attacks: DNS/NTP Amplification and Careto
The Other Advanced Attacks: DNS/NTP Amplification and CaretoMike Chapple
 
Pedagogy and School Leadership
Pedagogy  and School LeadershipPedagogy  and School Leadership
Pedagogy and School LeadershipJudy O'Connell
 

Viewers also liked (20)

3 Ways Online Learning Boosts Employee Engagement
3 Ways Online Learning Boosts Employee Engagement3 Ways Online Learning Boosts Employee Engagement
3 Ways Online Learning Boosts Employee Engagement
 
Case Study: Rebuilding an Admissions Web Presence
Case Study: Rebuilding an Admissions Web PresenceCase Study: Rebuilding an Admissions Web Presence
Case Study: Rebuilding an Admissions Web Presence
 
Develop Better People Managers
Develop Better People ManagersDevelop Better People Managers
Develop Better People Managers
 
How to Use Photography for Great Presentations
How to Use Photography for Great PresentationsHow to Use Photography for Great Presentations
How to Use Photography for Great Presentations
 
3 Things Every Sales Team Needs to Be Thinking About in 2017
3 Things Every Sales Team Needs to Be Thinking About in 20173 Things Every Sales Team Needs to Be Thinking About in 2017
3 Things Every Sales Team Needs to Be Thinking About in 2017
 
Apple SSL Vulnerability Explained
Apple SSL Vulnerability ExplainedApple SSL Vulnerability Explained
Apple SSL Vulnerability Explained
 
Libraries and Privacy: PechaKucha Seattle: Watch Me Now, Notes on a Surveilla...
Libraries and Privacy: PechaKucha Seattle: Watch Me Now, Notes on a Surveilla...Libraries and Privacy: PechaKucha Seattle: Watch Me Now, Notes on a Surveilla...
Libraries and Privacy: PechaKucha Seattle: Watch Me Now, Notes on a Surveilla...
 
Openness in HE: Choosing our paths
Openness in HE: Choosing our pathsOpenness in HE: Choosing our paths
Openness in HE: Choosing our paths
 
Dynamics Of Gdp
Dynamics  Of GdpDynamics  Of Gdp
Dynamics Of Gdp
 
#SXSWedu Quotes: Creating Opportunities
#SXSWedu Quotes: Creating Opportunities#SXSWedu Quotes: Creating Opportunities
#SXSWedu Quotes: Creating Opportunities
 
The 'Knowledge Turn' in the UK National Curriculum
The 'Knowledge Turn' in the UK National CurriculumThe 'Knowledge Turn' in the UK National Curriculum
The 'Knowledge Turn' in the UK National Curriculum
 
ImobSync - Seja um executivo - Maio 2014
ImobSync - Seja um executivo - Maio 2014ImobSync - Seja um executivo - Maio 2014
ImobSync - Seja um executivo - Maio 2014
 
RSA: CSA GRC Stack Update for the CSA Atlanta Chapter
RSA: CSA GRC Stack Update for the CSA Atlanta ChapterRSA: CSA GRC Stack Update for the CSA Atlanta Chapter
RSA: CSA GRC Stack Update for the CSA Atlanta Chapter
 
Return of Video eLearning as DIY (Do It Yourself)
Return of Video eLearning as DIY (Do It Yourself)Return of Video eLearning as DIY (Do It Yourself)
Return of Video eLearning as DIY (Do It Yourself)
 
Collateral damage in cyberwarfare
Collateral damage in cyberwarfareCollateral damage in cyberwarfare
Collateral damage in cyberwarfare
 
Top 13 Qualities of an Ideal Instructional Designer
Top 13 Qualities of an Ideal Instructional DesignerTop 13 Qualities of an Ideal Instructional Designer
Top 13 Qualities of an Ideal Instructional Designer
 
Venezuela Technology Integration 2015
Venezuela Technology Integration 2015Venezuela Technology Integration 2015
Venezuela Technology Integration 2015
 
The Other Advanced Attacks: DNS/NTP Amplification and Careto
The Other Advanced Attacks: DNS/NTP Amplification and CaretoThe Other Advanced Attacks: DNS/NTP Amplification and Careto
The Other Advanced Attacks: DNS/NTP Amplification and Careto
 
MOOCs: still a viable business model?
MOOCs: still a viable business model?MOOCs: still a viable business model?
MOOCs: still a viable business model?
 
Pedagogy and School Leadership
Pedagogy  and School LeadershipPedagogy  and School Leadership
Pedagogy and School Leadership
 

Similar to Cybersecurity Health Checks: An SEO-Optimized Approach

The 5 ws of Cyber Security
The 5 ws of Cyber SecurityThe 5 ws of Cyber Security
The 5 ws of Cyber SecurityMisha Hanin
 
Colorado-Society-of-CPAs-Cybersecurity-Presentation-v3_Feb8.pptx
Colorado-Society-of-CPAs-Cybersecurity-Presentation-v3_Feb8.pptxColorado-Society-of-CPAs-Cybersecurity-Presentation-v3_Feb8.pptx
Colorado-Society-of-CPAs-Cybersecurity-Presentation-v3_Feb8.pptxAkramAlqadasi1
 
SynerComm's Tech TV series CIS Top 20 Critical Security Controls #2
SynerComm's Tech TV  series CIS Top 20 Critical Security Controls #2SynerComm's Tech TV  series CIS Top 20 Critical Security Controls #2
SynerComm's Tech TV series CIS Top 20 Critical Security Controls #2Lisa Niles
 
What is the UK Cyber Essentials scheme?
What is the  UK Cyber Essentials scheme?What is the  UK Cyber Essentials scheme?
What is the UK Cyber Essentials scheme?IT Governance Ltd
 
Starting your Career in Information Security
Starting your Career in Information SecurityStarting your Career in Information Security
Starting your Career in Information SecurityAhmed Sayed-
 
Himss 2011 securing health information in the cloud -- feisal nanji
Himss 2011    securing health information in the cloud -- feisal nanjiHimss 2011    securing health information in the cloud -- feisal nanji
Himss 2011 securing health information in the cloud -- feisal nanjiFeisal Nanji
 
20CS024 Ethics in Information Technology
20CS024 Ethics in Information Technology20CS024 Ethics in Information Technology
20CS024 Ethics in Information TechnologyKathirvel Ayyaswamy
 
5 Things Your Security Administrator Should Tell You
5 Things Your Security Administrator Should Tell You5 Things Your Security Administrator Should Tell You
5 Things Your Security Administrator Should Tell YouHelpSystems
 
Cybersecurity Assurance at CloudSec 2015 Kuala Lumpur
Cybersecurity Assurance  at CloudSec 2015 Kuala LumpurCybersecurity Assurance  at CloudSec 2015 Kuala Lumpur
Cybersecurity Assurance at CloudSec 2015 Kuala LumpurAlan Yau Ti Dun
 
Accelerating Regulatory Compliance for IBM i Systems
Accelerating Regulatory Compliance for IBM i SystemsAccelerating Regulatory Compliance for IBM i Systems
Accelerating Regulatory Compliance for IBM i SystemsPrecisely
 
Taking the Pulse of IBM i Security for 2020
Taking the Pulse of IBM i Security for 2020Taking the Pulse of IBM i Security for 2020
Taking the Pulse of IBM i Security for 2020Precisely
 
Cybersecurity Risk Management Program and Your Organization
Cybersecurity Risk Management Program and Your OrganizationCybersecurity Risk Management Program and Your Organization
Cybersecurity Risk Management Program and Your OrganizationMcKonly & Asbury, LLP
 
5 Steps to Reduce Your Window of Vulnerability
5 Steps to Reduce Your Window of Vulnerability5 Steps to Reduce Your Window of Vulnerability
5 Steps to Reduce Your Window of VulnerabilitySkybox Security
 
SurfWatch Labs Threat Intelligence Solution Demo
SurfWatch Labs Threat Intelligence Solution DemoSurfWatch Labs Threat Intelligence Solution Demo
SurfWatch Labs Threat Intelligence Solution DemoSurfWatch Labs
 
Cyber Threat Intelligence Solution Demonstration
Cyber Threat Intelligence Solution DemonstrationCyber Threat Intelligence Solution Demonstration
Cyber Threat Intelligence Solution DemonstrationSurfWatch Labs
 
Cyber Threat Intelligence Solution Demonstration
Cyber Threat Intelligence Solution DemonstrationCyber Threat Intelligence Solution Demonstration
Cyber Threat Intelligence Solution DemonstrationSurfWatch Labs
 
Monitoring and Reporting on IBM i Compliance and Security
Monitoring and Reporting on IBM i Compliance and SecurityMonitoring and Reporting on IBM i Compliance and Security
Monitoring and Reporting on IBM i Compliance and SecurityPrecisely
 

Similar to Cybersecurity Health Checks: An SEO-Optimized Approach (20)

Institute of Internal Auditors Presentation 2014
Institute of Internal Auditors Presentation 2014Institute of Internal Auditors Presentation 2014
Institute of Internal Auditors Presentation 2014
 
The 5 ws of Cyber Security
The 5 ws of Cyber SecurityThe 5 ws of Cyber Security
The 5 ws of Cyber Security
 
Robert Nichols: Cybersecurity for Government Contractors
Robert Nichols: Cybersecurity for Government ContractorsRobert Nichols: Cybersecurity for Government Contractors
Robert Nichols: Cybersecurity for Government Contractors
 
Colorado-Society-of-CPAs-Cybersecurity-Presentation-v3_Feb8.pptx
Colorado-Society-of-CPAs-Cybersecurity-Presentation-v3_Feb8.pptxColorado-Society-of-CPAs-Cybersecurity-Presentation-v3_Feb8.pptx
Colorado-Society-of-CPAs-Cybersecurity-Presentation-v3_Feb8.pptx
 
SynerComm's Tech TV series CIS Top 20 Critical Security Controls #2
SynerComm's Tech TV  series CIS Top 20 Critical Security Controls #2SynerComm's Tech TV  series CIS Top 20 Critical Security Controls #2
SynerComm's Tech TV series CIS Top 20 Critical Security Controls #2
 
What is the UK Cyber Essentials scheme?
What is the  UK Cyber Essentials scheme?What is the  UK Cyber Essentials scheme?
What is the UK Cyber Essentials scheme?
 
Info.ppt
Info.pptInfo.ppt
Info.ppt
 
Starting your Career in Information Security
Starting your Career in Information SecurityStarting your Career in Information Security
Starting your Career in Information Security
 
Himss 2011 securing health information in the cloud -- feisal nanji
Himss 2011    securing health information in the cloud -- feisal nanjiHimss 2011    securing health information in the cloud -- feisal nanji
Himss 2011 securing health information in the cloud -- feisal nanji
 
20CS024 Ethics in Information Technology
20CS024 Ethics in Information Technology20CS024 Ethics in Information Technology
20CS024 Ethics in Information Technology
 
5 Things Your Security Administrator Should Tell You
5 Things Your Security Administrator Should Tell You5 Things Your Security Administrator Should Tell You
5 Things Your Security Administrator Should Tell You
 
Cybersecurity Assurance at CloudSec 2015 Kuala Lumpur
Cybersecurity Assurance  at CloudSec 2015 Kuala LumpurCybersecurity Assurance  at CloudSec 2015 Kuala Lumpur
Cybersecurity Assurance at CloudSec 2015 Kuala Lumpur
 
Accelerating Regulatory Compliance for IBM i Systems
Accelerating Regulatory Compliance for IBM i SystemsAccelerating Regulatory Compliance for IBM i Systems
Accelerating Regulatory Compliance for IBM i Systems
 
Taking the Pulse of IBM i Security for 2020
Taking the Pulse of IBM i Security for 2020Taking the Pulse of IBM i Security for 2020
Taking the Pulse of IBM i Security for 2020
 
Cybersecurity Risk Management Program and Your Organization
Cybersecurity Risk Management Program and Your OrganizationCybersecurity Risk Management Program and Your Organization
Cybersecurity Risk Management Program and Your Organization
 
5 Steps to Reduce Your Window of Vulnerability
5 Steps to Reduce Your Window of Vulnerability5 Steps to Reduce Your Window of Vulnerability
5 Steps to Reduce Your Window of Vulnerability
 
SurfWatch Labs Threat Intelligence Solution Demo
SurfWatch Labs Threat Intelligence Solution DemoSurfWatch Labs Threat Intelligence Solution Demo
SurfWatch Labs Threat Intelligence Solution Demo
 
Cyber Threat Intelligence Solution Demonstration
Cyber Threat Intelligence Solution DemonstrationCyber Threat Intelligence Solution Demonstration
Cyber Threat Intelligence Solution Demonstration
 
Cyber Threat Intelligence Solution Demonstration
Cyber Threat Intelligence Solution DemonstrationCyber Threat Intelligence Solution Demonstration
Cyber Threat Intelligence Solution Demonstration
 
Monitoring and Reporting on IBM i Compliance and Security
Monitoring and Reporting on IBM i Compliance and SecurityMonitoring and Reporting on IBM i Compliance and Security
Monitoring and Reporting on IBM i Compliance and Security
 

More from LinkedIn Learning Solutions

Mobile devices: the new learning platform for Higher Education
Mobile devices: the new learning platform for Higher EducationMobile devices: the new learning platform for Higher Education
Mobile devices: the new learning platform for Higher EducationLinkedIn Learning Solutions
 
Fostering innovation to achieve mission critical goals
Fostering innovation to achieve mission critical goalsFostering innovation to achieve mission critical goals
Fostering innovation to achieve mission critical goalsLinkedIn Learning Solutions
 
LinkedIn Learning | What We're Learning About Learning
LinkedIn Learning | What We're Learning About LearningLinkedIn Learning | What We're Learning About Learning
LinkedIn Learning | What We're Learning About LearningLinkedIn Learning Solutions
 
Project-Based Instruction and the Importance of Self-Directed Learning
Project-Based Instruction and the Importance of Self-Directed LearningProject-Based Instruction and the Importance of Self-Directed Learning
Project-Based Instruction and the Importance of Self-Directed LearningLinkedIn Learning Solutions
 
9 Learning Strategies from Knowledge to Know-How
9 Learning Strategies from Knowledge to Know-How9 Learning Strategies from Knowledge to Know-How
9 Learning Strategies from Knowledge to Know-HowLinkedIn Learning Solutions
 
Online Video: How It Changes & Enhances The Way We Learn
Online Video: How It Changes & Enhances The Way We LearnOnline Video: How It Changes & Enhances The Way We Learn
Online Video: How It Changes & Enhances The Way We LearnLinkedIn Learning Solutions
 

More from LinkedIn Learning Solutions (20)

Mobile devices: the new learning platform for Higher Education
Mobile devices: the new learning platform for Higher EducationMobile devices: the new learning platform for Higher Education
Mobile devices: the new learning platform for Higher Education
 
Fostering innovation to achieve mission critical goals
Fostering innovation to achieve mission critical goalsFostering innovation to achieve mission critical goals
Fostering innovation to achieve mission critical goals
 
Cybersecurity Health Checks: An SEO-Optimized Approach

  • 1. Cybersecurity Health Checks: Safeguarding Your Organisation. Dr. Malcolm Shore
  • 2. Quick Facts about Lynda.com (INTRODUCTION)
      • Government
          • Major government agencies
          • Branches of military
      • Corporations
          • More than half of the Fortune 50 across all key industry sectors
      • Education
          • 60% of all US colleges and universities
          • 40% of Australian universities
      • 4M+ Members …with 350k paying out of pocket
      • 20 Years: Lynda.com was founded in 1995
      • 12,000+ Enterprise Clients …located across 52 countries
      • 6,000+ Courses …available in 5 languages (German, Spanish, French, Japanese)
      • The Global Leader in Online Skills Instruction
  • 3. Dr. Malcolm Shore (INTRODUCTION)
      • Lynda.com author
      • Technical Director, BAE Systems Applied Intelligence, Australia
  • 4. Information Security Standards (BACKGROUND)
      • 1983 - US DoD rainbow series
      • 1993 – UK PD0003
      • 1998 – BS 7799……ISO 27000
      • 2005 – NIST Special Publication 800-53
      • … but too difficult and costly
  • 5. Information Security Standards (BACKGROUND)
      • From Bulletin Boards to the Web
      • Ubiquitous connectivity across the globe
      • Clouds aren’t just in the sky…
      • From email to social media…
      • From telephone to smartphone
      • Cyber kill chain … the world has changed
  • 6. New Approach (BACKGROUND)
      • Evolution of information security standards lagging
      • Information security policies ineffective*
      *Doherty, NF and Fulford H. Do Information Security Policies Reduce the Incidence of Security Breaches? 2005
  • 7. Information Security Policies (BACKGROUND)
      • UK Cybersecurity Strategy
      • Cyber Governance Health Check
      • top 350 listed companies
      • only 15% of Boards manage cyber risk
      • only 30% use threat intelligence
      • Majority of attacks exploit basic weaknesses
  • 8. Cybersecurity Health Check (DEFINITION)
      • Term used in audit community
      • Now used in cybersecurity consulting
      • Various interpretations
      … is simply cyber fitness
  • 9. Cybersecurity Health Check (DEFINITION)
      • Check-up – unauthorised users, malware
      • Health test - check network traffic for infections
      • Full examination - rules, patches, access and privileges - operational defences
      • Fitness test - external penetration exercise
      • Cyber insurance
  • 10. Cyber Essentials (CYBER ESSENTIALS)
      • Baseline security
      • Operational focus
      • Affordable, manageable
  • 12. Cyber Essentials (CYBER ESSENTIALS)
      • Prevents low grade technical attacks on
      • desktop PCs, laptops
      • tablets, smartphones
      • email
      • web applications
  • 13. Cyber Essentials (CYBER ESSENTIALS)
      • Boundary devices
      • Secure configuration
      • User access control
      • Malware protection
      • Patch management
  • 14. Boundary Firewalls and Internet Gateways (CYBER ESSENTIALS)
  • 15. Boundary Firewalls and Internet Gateways (CYBER ESSENTIALS)
      • administrative password must be changed
      • documented and authorised rules
      • obsolete rules removed
      • unnecessary services blocked
      • administrative interface accessible only internally
  • 17. Secure Configuration (CYBER ESSENTIALS)
      • Issues:
      • easy to install
      • no security configured
      • default administrator accounts and passwords
  • 18. Secure Configuration (CYBER ESSENTIALS)
      • remove unnecessary default accounts
      • change default passwords
      • remove or disable unnecessary applications and services
      • install personal firewalls on all PCs
  • 21. User Access Control (CYBER ESSENTIALS)
      • Issues:
      • legacy access
      • excess privileges
  • 22. User Access Control (CYBER ESSENTIALS)
      • minimum privileges
      • userid and strong passwords
      • ensure privileged accounts are not used for internet activity
      • disable or remove accounts when no longer required
  • 23. User Access Control (CYBER ESSENTIALS)
  • 24. Malware Protection (CYBER ESSENTIALS)
      • Install anti-virus software
      • up to date signatures
      • Use real-time protection
      • Scan the filebase
      • Blacklisting known malicious sites
  • 25. Patching (CYBER ESSENTIALS)
      • Flaws found by developers, researchers, hackers
      • Often exploited within 24 hours
      • Timely patching
      • Licenced software
  • 26. Cyber Essentials – Health Check? (CYBER ESSENTIALS)
      • Good routine check-up and examination
      • Does not propose a full cyber fitness test
  • 27. ASIC Report 429 (ASIC REPORT 429)
      • Published March 2015
      • Improve cyber resilience
      • Cyber defence posture
      • Incident management
  • 28. US Cybersecurity Framework (ASIC REPORT 429)
      • Adopted in ASIC Report 429
      • 26 prompts
      • 2 governance
      • 24 across the five Framework areas
  • 29. Governance (ASIC REPORT 429)
      • Board and Executive awareness of cyber risk
      • Assessment against the Cybersecurity Framework
  • 30. Identify (ASIC REPORT 429)
      • What are the essential information and assets?
      • What are the cyber risks?
      • Are third party risks considered?
      • Does enterprise risk management include cyber risks?
      • Are staff aware of cyber risks?
  • 31. Protect (ASIC REPORT 429)
      • Are security policies and standards up to date?
      • Have IT systems and processes been tested?
      • Are there sufficient resources in place?
  • 32. Detect (ASIC REPORT 429)
      • Monitoring for cyber attacks
      • External engagement
  • 33. Respond (ASIC REPORT 429)
      • Is response planning adequate?
      • Notifying law enforcement of an attack
      • Notifying customers of a breach
  • 34. Recover (ASIC REPORT 429)
      • Does the organisation have a recovery plan?
  • 35. ASIC Report 429 – Cyber Health Check? (ASIC REPORT 429)
      • Full set of controls
      • Cyber health checks lost in the noise
      • A through life fitness programme
  • 36. Conclusion (CONCLUSION)
      • Security standards are evolving
      • Traditional approach is having limited success
      • Cyber health checks are a more manageable approach
      • Cyber Essentials provides a health check
