This presentation is primarily for small businesses interested in having their employees work from home. It provides do's and don'ts as well as short-term and long-term goals business leadership should strongly consider to better protect business data/systems. This presentation also provides home users tips they can use to help secure their home environment such as seeing what's on their network. Our team originally presented this material on a Zoom webinar on April 23rd, 2020 in conjunction with multiple business organizations. The version below is a recorded, webinar presentation without audience questions throughout.
Video presentation
https://www.treetopsecurity.com/7-cybersecurity-sins-when-working-from-home
Need help securing your business data? Please keep TreeTop Security and the Peak platform in mind for a better approach to small business cybersecurity.
Cybersecurity Awareness Training Presentation v1.1DallasHaselhorst
This cybersecurity awareness training is meant to be used by organizations and end users to educate them on ways to avoid scams/attacks. This slide deck is based on version 1.1 of our wildly popular slide deck we originally released as open-source in September 2019. In just over 6 months, it was downloaded thousands of times and in over 150 countries!
On our website, you will also find several other related goodies. For example, we have a free cybersecurity quiz that is based directly off of this material so anyone can test their awareness knowledge. We also have a downloadable 'certificate of completion' for this training; this allows attendees to fill-in their name and date so they can then print it out to show others (or even their employer) that they are now more cyber aware.
https://www.treetopsecurity.com/cat
We also have a video/webinar presentation of this material if you would like to share it with others.
https://www.treetopsecurity.com/cat#video
Want to take this content and present it in your own community? Fantastic! You may download this slide deck as editable content. This allows you to make changes and present it at your local library, business events, co-working spaces, schools, etc. The latest version is always available on our website as a Microsoft PowerPoint presentation (.pptx) or using ‘Make a Copy’ in Google Slides.
https://www.treetopsecurity.com/slides
Cybersecurity Awareness Training Presentation v2021.08DallasHaselhorst
This free cybersecurity awareness training slide deck is meant to be used by organizations and end users to help them better understand ways they can avoid scams, cyber attacks, and become more security aware. This slide deck is based on version 2021.08 of our wildly popular slide deck we originally released as open-source in September 2019. In just over 6 months, version 1.0 was downloaded thousands of times and in over 150 countries!
On our website, you will also find several other related goodies. For example, we have free and downloadable worksheets referenced in the training. These worksheets provide material that attendees can take back home with them to try out and continue the security conversation. We also have free cybersecurity quizzes that are based directly off of this material so anyone can test their awareness knowledge. We even have a downloadable 'certificate of completion' for this training, which allows attendees to fill-in their name and date so they can then print it out to show others (or even their employer) that they are now more cyber aware.
https://www.treetopsecurity.com/cat
On our website, we also have a video/webinar presentation of this material if you would like to share it with others.
https://www.treetopsecurity.com/cat#video
Do you want to take this content and present it in your own community or business? Fantastic! You may download this slide deck as editable content. This allows you to make changes and present it at your local library, business events, co-working spaces, schools, etc. The latest version is always available on our website as a Microsoft PowerPoint presentation (.pptx) or Google Slides using ‘Make a Copy’. Those downloadable versions from our website also include speaker notes to provide talking points or tips for anyone delivering the content.
https://www.treetopsecurity.com/slides
This is a basic presentation about cybersecurity to share awareness about various security threats and how you can protect yourself from them. In the preview window the formatting is off, but when downloaded it can be viewed with no problems. This is for my Info Security Policy Management class at Governors State University.
This month, Community IT presents basic IT security training for end users. Learn about common threats and the best techniques for dealing with them. This webinar is intended for a broad audience of both technical and non-technical staff.
A Webinar on cyber Security Awareness and Digital Safety is hosted on the 7th of June, 2020. Sthir Yuwa in association with Information Security Response Team Nepal and Center For Cyber Security Research and Innovation conducted successfully. There were almost 70 participants on this webinar.
Cyber Security Awareness Session for Executives and Non-IT professionalsKrishna Srikanth Manda
Cyber Security Awareness Session conducted by Lightracers Consulting, for Management and non-IT employees. In this learning presentation, we will look at - What is Cyber Crime, Types of Cyber crime, What is Cyber Security, Types of Threats, Social Engineering techniques, Identifying legitimate and secure websites, Protection measures, Cyber Law in India followed by a small quiz.
Cybersecurity Awareness Training Presentation v1.1DallasHaselhorst
This cybersecurity awareness training is meant to be used by organizations and end users to educate them on ways to avoid scams/attacks. This slide deck is based on version 1.1 of our wildly popular slide deck we originally released as open-source in September 2019. In just over 6 months, it was downloaded thousands of times and in over 150 countries!
On our website, you will also find several other related goodies. For example, we have a free cybersecurity quiz that is based directly off of this material so anyone can test their awareness knowledge. We also have a downloadable 'certificate of completion' for this training; this allows attendees to fill-in their name and date so they can then print it out to show others (or even their employer) that they are now more cyber aware.
https://www.treetopsecurity.com/cat
We also have a video/webinar presentation of this material if you would like to share it with others.
https://www.treetopsecurity.com/cat#video
Want to take this content and present it in your own community? Fantastic! You may download this slide deck as editable content. This allows you to make changes and present it at your local library, business events, co-working spaces, schools, etc. The latest version is always available on our website as a Microsoft PowerPoint presentation (.pptx) or using ‘Make a Copy’ in Google Slides.
https://www.treetopsecurity.com/slides
Cybersecurity Awareness Training Presentation v2021.08DallasHaselhorst
This free cybersecurity awareness training slide deck is meant to be used by organizations and end users to help them better understand ways they can avoid scams, cyber attacks, and become more security aware. This slide deck is based on version 2021.08 of our wildly popular slide deck we originally released as open-source in September 2019. In just over 6 months, version 1.0 was downloaded thousands of times and in over 150 countries!
On our website, you will also find several other related goodies. For example, we have free and downloadable worksheets referenced in the training. These worksheets provide material that attendees can take back home with them to try out and continue the security conversation. We also have free cybersecurity quizzes that are based directly off of this material so anyone can test their awareness knowledge. We even have a downloadable 'certificate of completion' for this training, which allows attendees to fill-in their name and date so they can then print it out to show others (or even their employer) that they are now more cyber aware.
https://www.treetopsecurity.com/cat
On our website, we also have a video/webinar presentation of this material if you would like to share it with others.
https://www.treetopsecurity.com/cat#video
Do you want to take this content and present it in your own community or business? Fantastic! You may download this slide deck as editable content. This allows you to make changes and present it at your local library, business events, co-working spaces, schools, etc. The latest version is always available on our website as a Microsoft PowerPoint presentation (.pptx) or Google Slides using ‘Make a Copy’. Those downloadable versions from our website also include speaker notes to provide talking points or tips for anyone delivering the content.
https://www.treetopsecurity.com/slides
This is a basic presentation about cybersecurity to share awareness about various security threats and how you can protect yourself from them. In the preview window the formatting is off, but when downloaded it can be viewed with no problems. This is for my Info Security Policy Management class at Governors State University.
This month, Community IT presents basic IT security training for end users. Learn about common threats and the best techniques for dealing with them. This webinar is intended for a broad audience of both technical and non-technical staff.
A Webinar on cyber Security Awareness and Digital Safety is hosted on the 7th of June, 2020. Sthir Yuwa in association with Information Security Response Team Nepal and Center For Cyber Security Research and Innovation conducted successfully. There were almost 70 participants on this webinar.
Cyber Security Awareness Session for Executives and Non-IT professionalsKrishna Srikanth Manda
Cyber Security Awareness Session conducted by Lightracers Consulting, for Management and non-IT employees. In this learning presentation, we will look at - What is Cyber Crime, Types of Cyber crime, What is Cyber Security, Types of Threats, Social Engineering techniques, Identifying legitimate and secure websites, Protection measures, Cyber Law in India followed by a small quiz.
Cybersecurity Awareness Training Presentation v1.3DallasHaselhorst
This free cybersecurity awareness training slide deck is meant to be used by organizations and end users to educate them on ways to avoid scams and attacks and become more security aware. This slide deck is based on version 1.3 of our wildly popular slide deck we originally released as open-source in September 2019. In just over 6 months, it was downloaded thousands of times and in over 150 countries!
On our website, you will also find several other related goodies. For example, we have worksheets free and downloadable worksheets referenced in the training. We have a free cybersecurity quiz that is based directly off of this material so anyone can test their awareness knowledge. We even have a downloadable 'certificate of completion' for this training, which allows attendees to fill-in their name and date so they can then print it out to show others (or even their employer) that they are now more cyber aware.
https://www.treetopsecurity.com/cat
We also have a video/webinar presentation of this material if you would like to share it with others.
https://www.treetopsecurity.com/cat#video
Want to take this content and present it in your own community? Fantastic! You may download this slide deck as editable content. This allows you to make changes and present it at your local library, business events, co-working spaces, schools, etc. The latest version is always available on our website as a Microsoft PowerPoint presentation (.pptx) or using ‘Make a Copy’ in Google Slides.
https://www.treetopsecurity.com/slides
A single email can cause a multi-million dollar breach if opened by an end-user with no security awareness, they may not even be aware of their mistake. The problem lies in the fact that only a few end-users are aware of the dangers of social engineering, much less how to detect it. It is a major issue in the business world today.
This document seeks to address the most common threats that can be posed to an entity and also recommend security measures that can be implemented to avoid such attacks.
Learn more at https://www.multinationalnetworks.com
14 tips to increase cybersecurity awarenessMichel Bitter
We used this presentation within our company to increase the cybersecurity awareness of our employees. These 14 tips should help everybody to protect themselves against the most obvious cyber attacks.
Advanced Cybersecurity Risk Management: How to successfully address your Cybe...PECB
Main points covered:
• Understanding the inverted economics of cyber security, the incentives for cyber crime and its effect on the growing threat
• Inefficiencies with the traditional approaches to cyber risk assessment and why we are not making more progress in enhancing cyber defenses
• Resetting roles and responsibilities regarding cyber security within organizations
• Developing empirical, cost-effective cyber risk assessments to meet the evolving threat
Our presenter for this webinar is Larry Clinton, the president of the Internet Security Alliance (ISA), a multi-sector association focused on Cybersecurity thought leadership, policy advocacy, and best practices. Mr. Clinton advises both industry and governments around the world. He has twice been listed on the Corporate 100 list of the most influential people in corporate governance. He is the author of The Cyber Risk Handbook for Corporate Boards. PWC has found the use of this Handbook improves cyber budgeting, cyber risk management and helps create a culture of security. The Handbook has been published in the US, Germany, the UK and Latin America. He is currently working on a version for the European Conference of Directors Associations as well as versions for Japan and India. Mr. Clinton also leads ISA, public policy work built around their publication “The Cyber Security Social Contract” which the NATO Center of Cyber Excellence in Estonia asked for a briefing on.
Recorded Webinar: https://www.youtube.com/watch?v=8qVtoqi37X8
Adopting A Zero-Trust Model. Google Did It, Can You?Zscaler
Based on 6 years of creating zero trust networks at Google, the BeyondCorp framework has led to the popularization of a new network security model within enterprises, called the software-defined perimeter.
Building An Information Security Awareness ProgramBill Gardner
Most organization’s Security Awareness Programs suck. They involved ‘canned’ video presentations or someone is HR explaining computer use policies. Others are extremely expensive and beyond the reach of the budgets of smaller organizations. This talk will show you how to build a Security Awareness Program from scratch for little or no money, and how to engage your users so that they get the most out of the program.
Cybersecurity Awareness Training Presentation v1.0DallasHaselhorst
Note: There is an updated version of this slide deck available on SlideShare at
https://www.slideshare.net/DallasHaselhorst/cybersecurity-awareness-training-presentation-v11
--
Do you want an cybersecurity awareness training you can present at *your* business or in *your* community? Awesome!
We spent months putting together this training presentation on cybersecurity awareness. We then presented it multiple times and continued modifying the presentation based on feedback from attendees as well as feedback from those in the information security community. We are now releasing this in the hope it is a call to action for others in their communities.
The slides are available for download on our website. Download it and please present it in your own communities, e.g. at your local library, business events, co-working spaces, schools, etc. We also have a free cybersecurity quiz available on the site that is also based on the material.
Download the latest version as a Microsoft PowerPoint presentation (.pptx) or 'Make a Copy' in Google Slides.
https://www.treetopsecurity.com/slides
Wfh security risks - Ed Adams, President, Security InnovationPriyanka Aash
Our security practices need to evolve in order to address the new challenges propped up by the rapid adoption of technologies and products to enable the world to WFH. The mantra of the attacker remains consistent -- attack that which yields maximum result -- and that is usually something used by a very very large number of users. This webinar will discuss the Top 10 Security Gaps that CISOs should be aware of as they brace for long WFH periods.
What will you learn :
-New Attack techniques hackers are using targeting WFH
-How to handle decentralisation of IT and technology decisions?
-Application risks as enterprises pivot to online/new business model(s)
-New risks in the Cloud and due to Shadow IT
-Security risks due to uninformed employees & their home infrastructure
-How to handle Misconfigurations & Third party risks
-How to build a robust breach response and recovery program?
Full video - https://youtu.be/bQLfnmhDnQs
Cybersecurity Awareness Training Presentation v1.3DallasHaselhorst
This free cybersecurity awareness training slide deck is meant to be used by organizations and end users to educate them on ways to avoid scams and attacks and become more security aware. This slide deck is based on version 1.3 of our wildly popular slide deck we originally released as open-source in September 2019. In just over 6 months, it was downloaded thousands of times and in over 150 countries!
On our website, you will also find several other related goodies. For example, we have worksheets free and downloadable worksheets referenced in the training. We have a free cybersecurity quiz that is based directly off of this material so anyone can test their awareness knowledge. We even have a downloadable 'certificate of completion' for this training, which allows attendees to fill-in their name and date so they can then print it out to show others (or even their employer) that they are now more cyber aware.
https://www.treetopsecurity.com/cat
We also have a video/webinar presentation of this material if you would like to share it with others.
https://www.treetopsecurity.com/cat#video
Want to take this content and present it in your own community? Fantastic! You may download this slide deck as editable content. This allows you to make changes and present it at your local library, business events, co-working spaces, schools, etc. The latest version is always available on our website as a Microsoft PowerPoint presentation (.pptx) or using ‘Make a Copy’ in Google Slides.
https://www.treetopsecurity.com/slides
A single email can cause a multi-million dollar breach if opened by an end-user with no security awareness, they may not even be aware of their mistake. The problem lies in the fact that only a few end-users are aware of the dangers of social engineering, much less how to detect it. It is a major issue in the business world today.
This document seeks to address the most common threats that can be posed to an entity and also recommend security measures that can be implemented to avoid such attacks.
Learn more at https://www.multinationalnetworks.com
14 tips to increase cybersecurity awarenessMichel Bitter
We used this presentation within our company to increase the cybersecurity awareness of our employees. These 14 tips should help everybody to protect themselves against the most obvious cyber attacks.
Advanced Cybersecurity Risk Management: How to successfully address your Cybe...PECB
Main points covered:
• Understanding the inverted economics of cyber security, the incentives for cyber crime and its effect on the growing threat
• Inefficiencies with the traditional approaches to cyber risk assessment and why we are not making more progress in enhancing cyber defenses
• Resetting roles and responsibilities regarding cyber security within organizations
• Developing empirical, cost-effective cyber risk assessments to meet the evolving threat
Our presenter for this webinar is Larry Clinton, the president of the Internet Security Alliance (ISA), a multi-sector association focused on Cybersecurity thought leadership, policy advocacy, and best practices. Mr. Clinton advises both industry and governments around the world. He has twice been listed on the Corporate 100 list of the most influential people in corporate governance. He is the author of The Cyber Risk Handbook for Corporate Boards. PWC has found the use of this Handbook improves cyber budgeting, cyber risk management and helps create a culture of security. The Handbook has been published in the US, Germany, the UK and Latin America. He is currently working on a version for the European Conference of Directors Associations as well as versions for Japan and India. Mr. Clinton also leads ISA, public policy work built around their publication “The Cyber Security Social Contract” which the NATO Center of Cyber Excellence in Estonia asked for a briefing on.
Recorded Webinar: https://www.youtube.com/watch?v=8qVtoqi37X8
Adopting A Zero-Trust Model. Google Did It, Can You?Zscaler
Based on 6 years of creating zero trust networks at Google, the BeyondCorp framework has led to the popularization of a new network security model within enterprises, called the software-defined perimeter.
Building An Information Security Awareness ProgramBill Gardner
Most organization’s Security Awareness Programs suck. They involved ‘canned’ video presentations or someone is HR explaining computer use policies. Others are extremely expensive and beyond the reach of the budgets of smaller organizations. This talk will show you how to build a Security Awareness Program from scratch for little or no money, and how to engage your users so that they get the most out of the program.
Cybersecurity Awareness Training Presentation v1.0DallasHaselhorst
Note: There is an updated version of this slide deck available on SlideShare at
https://www.slideshare.net/DallasHaselhorst/cybersecurity-awareness-training-presentation-v11
--
Do you want an cybersecurity awareness training you can present at *your* business or in *your* community? Awesome!
We spent months putting together this training presentation on cybersecurity awareness. We then presented it multiple times and continued modifying the presentation based on feedback from attendees as well as feedback from those in the information security community. We are now releasing this in the hope it is a call to action for others in their communities.
The slides are available for download on our website. Download it and please present it in your own communities, e.g. at your local library, business events, co-working spaces, schools, etc. We also have a free cybersecurity quiz available on the site that is also based on the material.
Download the latest version as a Microsoft PowerPoint presentation (.pptx) or 'Make a Copy' in Google Slides.
https://www.treetopsecurity.com/slides
Wfh security risks - Ed Adams, President, Security InnovationPriyanka Aash
Our security practices need to evolve in order to address the new challenges propped up by the rapid adoption of technologies and products to enable the world to WFH. The mantra of the attacker remains consistent -- attack that which yields maximum result -- and that is usually something used by a very very large number of users. This webinar will discuss the Top 10 Security Gaps that CISOs should be aware of as they brace for long WFH periods.
What will you learn :
-New Attack techniques hackers are using targeting WFH
-How to handle decentralisation of IT and technology decisions?
-Application risks as enterprises pivot to online/new business model(s)
-New risks in the Cloud and due to Shadow IT
-Security risks due to uninformed employees & their home infrastructure
-How to handle Misconfigurations & Third party risks
-How to build a robust breach response and recovery program?
Full video - https://youtu.be/bQLfnmhDnQs
We are surrounding with technology. The more we surround and integrate with technology the more we will be in risk our privacy data/online/internet/cyber. Not only you are in risk, your family and friend alos in risk. If we think I am not important person then that would be your great mistake. You are important to someone in somewhere in this world.
Mind it your daily life is watched by someone. So be conscious… remember Prevention is Better than cure.
Cybersecurity Awareness Training Presentation v2024.03DallasHaselhorst
This free cybersecurity awareness training slide deck is meant to be used by organizations and end users to help them better understand ways they can avoid scams, cyber attacks, and become more security aware. This slide deck is based on version 2024.03 of our wildly popular materials we originally released as open-source in September 2019. In just over 6 months, version 1.0 was downloaded thousands of times and in over 150 countries! Since then, it has been downloaded hundreds of thousands of times and it is downloaded or viewed over 10,000 per month... And those are just the views we can count!
On our website, you will also find several other related, free goodies. For example, we have free and downloadable worksheets referenced in the training. These worksheets provide material that attendees can take back home with them to try out and continue the security conversation. We also have free cybersecurity quizzes that are based directly off of this material so anyone can test their awareness knowledge. We even have a downloadable 'certificate of completion' for this training, which allows attendees to fill-in their name and date so they can then print it out to show others (or even their employer) that they are now more cyber aware.
https://www.treetopsecurity.com/cat
On our website, we also have a video/webinar presentation of this material if you would like to share it with others.
https://www.treetopsecurity.com/cat#video
Do you want to take this content and present it in your own community or business? Fantastic! You can download this slide deck as editable content right from our website. Once again, completely free and with no sign-ups! This allows you to make changes and present it at your local library, business events, co-working spaces, schools, etc. The latest version is always available on our website as a Microsoft PowerPoint presentation (.pptx) or Google Slides using ‘Make a Copy’. Those downloadable versions from our website also include speaker notes to provide talking points or tips for anyone delivering the content.
https://www.treetopsecurity.com/slides
Carol Schlein Presentation Leveraging Technology in your new law practicecschlein
Presented by Carol Schlein, Esq. for the Basic Skills CLE series for the New Jersey State Bar Association on November 17, 2010. Carol is President of Law Office Systems, Inc., Montclair NJ and a founding member of Lawtopia LLC
This presentation is given as a 30-minute intro to information security and cybersecurity for organizations that are interested in quick wins to improve their security posture.
Baking Security into the Company Culture (2017) Mike Kleviansky
Securing company assets is a shared responsibility. It requires People, Process and Technology to be effective.
This non-technical slide deck is compulsory viewing for all company staff. It is designed to educate staff about security risks, building an in-house security culture, and explains how humans are the weakest link in the security chain.
While the slides are self explanatory, detailed slide notes to significantly enhance the presentation, are available on request.
To receive your complimentary slide notes, please email mikek@m-net.com.au with title "Baking Security - Notes".
Alternatively, if you would like this session professionally presented to your organisation please email:
mikek@m-net.com.au with title "Baking Security - Presentation".
MT50 Data is the new currency: Protect it!Dell EMC World
Data is meant to roam, and contrary to popular opinion, better security is better business. But endpoints and users remain the key vulnerability to even the most robust security programs. In fact, 95% of all breaches occur at the endpoint, and organizations can still be susceptible to the latest viruses and malware. In this session you will learn how to protect your data on digital and physical workstations throughout the organization, wherever employees use it – at home, on the road, collaborating with partners, and more.
Learn more at Dell.com/datasecurity
Explore Sarasota Collection's exquisite and long-lasting dining table sets and chairs in Sarasota. Elevate your dining experience with our high-quality collection!
Textile Chemical Brochure - Tradeasia (1).pdfjeffmilton96
Explore Tradeasia’s brochure for eco-friendly textile chemicals. Enhance your textile production with high-quality, sustainable solutions for superior fabric quality.
What You're Going to Learn
- How These 4 Leaks Force You To Work Longer And Harder in order to grow your income… improve just one of these and the impact could be life changing.
- How to SHUT DOWN the revolving door of Income Stagnation… you know, where new sales come into your magazine while at the same time existing sponsors exit.
- How to transform your magazine business by fixing the 4 “DON’Ts”...
#1 LEADS Don’t Book
#2 PROSPECTS Don’t Show
#3 PROSPECTS Don’t Buy
#4 CLIENTS Don’t Stay
- How to identify which leak to fix first so you get the biggest bang for your income.
- Get actionable strategies you can use right away to improve your bookings, sales and retention.
How to Build a Diversified Investment Portfolio.pdfTrims Creators
Building a diversified investment portfolio is a fundamental strategy to manage risk and optimize returns. For both novice and experienced investors, diversification offers a pathway to a more stable and resilient financial future. Here’s an in-depth guide on how to create and maintain a well-diversified investment portfolio.
Best Crypto Marketing Ideas to Lead Your Project to SuccessIntelisync
In this comprehensive slideshow presentation, we delve into the intricacies of crypto marketing, offering invaluable insights and strategies to propel your project to success in the dynamic cryptocurrency landscape. From understanding market trends to building a robust brand identity, engaging with influencers, and analyzing performance metrics, we cover all aspects essential for effective marketing in the crypto space.
Also Intelisync, our cutting-edge service designed to streamline and optimize your marketing efforts, leveraging data-driven insights and innovative strategies to drive growth and visibility for your project.
With a data-driven approach, transparent communication, and a commitment to excellence, InteliSync is your trusted partner for driving meaningful impact in the fast-paced world of Web3. Contact us today to learn more and embark on a journey to crypto marketing mastery!
Ready to elevate your Web3 project to new heights? Contact InteliSync now and unleash the full potential of your crypto venture!
When listening about building new Ventures, Marketplaces ideas are something very frequent. On this session we will discuss reasons why you should stay away from it :P , by sharing real stories and misconceptions around them. If you still insist to go for it however, you will at least get an idea of the important and critical strategies to optimize for success like Product, Business Development & Marketing, Operations :)
Reflect Festival Limassol May 2024.
Michael Economou is an Entrepreneur, with Business & Technology foundations and a passion for Innovation. He is working with his team to launch a new venture – Exyde, an AI powered booking platform for Activities & Experiences, aspiring to revolutionize the way we travel and experience the world. Michael has extensive entrepreneurial experience as the co-founder of Ideas2life, AtYourService as well as Foody, an online delivery platform and one of the most prominent ventures in Cyprus’ digital landscape, acquired by Delivery Hero group in 2019. This journey & experience marks a vast expertise in building and scaling marketplaces, enhancing everyday life through technology and making meaningful impact on local communities, which is what Michael and his team are pursuing doing once more with Exyde www.goExyde.com
Salma Karina Hayat is Conscious Digital Transformation Leader at Kudos | Empowering SMEs via CRM & Digital Automation | Award-Winning Entrepreneur & Philanthropist | Education & Homelessness Advocate
1. 7 cybersecurity
Sins when Working
From Home
DALLAS HASELHORST
Founder & Principal Consultant, TreeTop Security
www.treetopsecurity.com
From the makers of Peak, the only affordable and
comprehensive small business cybersecurity solution
2. 2info@treetopsecurity.com | @oneoffdallas
# whoami
● 20+ years of IT & cybersecurity experience
● Consulted for companies all over the US
● Multiple computer-related degrees from FHSU
● Master’s degree in Information Security Engineering
from the SANS Technology Institute
● Alphabet soup of security-related certifications
○ CISSP, GSEC, GCIH, GCCC, GCPM, GPEN, GMON,
GCIA, GWAPT, GDSA, GSE #231
● Co-organizer of BSidesKC conference
● Founded an IT company in 2003, acquired in 2016
● Lead design of the Peak platform > 3 years
5. 5info@treetopsecurity.com | @oneoffdallas
43% of all cyber
attacks target
small businesses
“No one wants OUR data”
Unprepared Small Businesses
Large Businesses and Government
“Prepared” Small Businesses
Verizon 2019 DBIR - https://enterprise.verizon.com/resources/2019-data-breach-investigations-report.pdf
https://www.cnbc.com/2019/10/13/cyberattacks-cost-small-companies-200k-putting-many-out-of-business.html
6. 6info@treetopsecurity.com | @oneoffdallas
Targeted or untargeted?
•Works equally well on 1 or 1,000
•Ransomware
• Locks you out of your data
• Monetary ransom gets it back
•Cryptominers/botnets
• Uses your system resources
• To “mine” cryptocurrency
• To hack or harass others
•Nation-states
•Organized crime
8. 8info@treetopsecurity.com | @oneoffdallas
Home network
•One compromised device on the same
network can compromise your device too
•Who has access?
• Kids
• Neighbor kids
• Everyone?
•What devices have access?
• Gaming computers
• “Knock-off” products
• Internet of things (IoT) - Alexa,
Google Home, doorbells, Xbox,
refrigerators, camera systems, etc.
9. 9info@treetopsecurity.com | @oneoffdallas
Fing app
•Free, easy to use
•Available for Apple/Android
•Scan your network
•Find other devices
•Staying at a B&B???
•Restaurant guest wifi
• Printers
• Speakers
• Servers <----
• POS <--------
PCI compliance? Access to credit card info!
10. 10info@treetopsecurity.com | @oneoffdallas
Wireless/firewall
•Default username/password?
•Use WPA2 (AES) encryption setting
•Disable WPS <- “button to connect”
•Wireless key/password
• When was it last changed?
• Using your phone number?
• Hacked in under 10 mins
• More than 20 characters
• Use passphrases!!!
• Stayoffmywifi@homeplease (24)
https://linuxincluded.com/why-phone-numbers-make-horrible-wifi-passwords/
13. 13info@treetopsecurity.com | @oneoffdallas
Prying eyes
•Password on computer
• Passphrases!
• >16 characters
• Length is better than complexity
• Lock when away
• Auto-lock after inactivity
• Windows = Windows key + L
• Mac = Control-Shift-Power
• Alternative - biometrics
•PIN/biometrics on portable devices
•Keep kids away
• “Grandkids were here this weekend”
14. 14info@treetopsecurity.com | @oneoffdallas
WFH setups
•Don’t overshare!
•High resolution images
•Accidental disclosure
• Zoom meeting IDs
• What you are working on
• Client names / file names
• Applications you use (open or closed)
• Passwords on sticky notes <- NOOO!
•Hide all icons
•Don’t show toolbars/taskbars
•Resize pictures?
What could an attacker or
competitor gain?
15. 15info@treetopsecurity.com | @oneoffdallas
Staying up-to-date
•New security issues found every day
•Operating system updates
• Windows, Apple, Linux
• Still using Windows 7 - end of life
•3rd party updates
• Microsoft Office
• Browser - Chrome, Safari, Firefox
• Adobe Reader
• Zoom - new version 2 days ago
• Click profile -> check for updates
•Anti-virus - definition updates
•Mobile devices
18. 18info@treetopsecurity.com | @oneoffdallas
Scattershot storage & technology
•Unprepared for WFH?
•Then prepare for shadow IT
• Find alternatives to get things done
•Data/info coming from new sources
• No server or centralized storage
• Dropbox, OneDrive, Google Drive
• Email, Slack, Microsoft Teams
•Regulated industries - PII, PHI, etc.
• Many regulations laxed... For now
• “Left over data”
• After 6 months?
• After 2 years?
Maintain order now,
Thank me later
19. 19info@treetopsecurity.com | @oneoffdallas
Data protection
•Alexa, Google Home -> always listening
•Backups - even more important
• Hardware failure
• Accidental deletion
• Ransomware - no protection is perfect!
•Full-disk encryption (FDE)
• Lost or stolen? Only out cost of device
• Recommended for PII/PHI everything
• Windows - Bitlocker
• Apple MacOS - FileVault
• Mobile devices - tablets & phones
• PIN/passcode on boot
• Decryption often tied to PIN/passcode
20. 20info@treetopsecurity.com | @oneoffdallas
Secure communications
Example: Healthcare
Industry/regulatory approved?
Business Associate Agreement (BAA)
Video conferencing
Zoom or Zoom Business? No
Zoom for Healthcare? Yes
Free vs minimum of $200/month
Document storage/sharing
Google Drive? No
G Suite by Google? Yes
Free vs $6/month per user -------------------(additional services)
23. 23info@treetopsecurity.com | @oneoffdallas
Criminal activity - domain registrations
https://www.markmonitor.com/mmblog/covid-19-domains-whats-going-on/
New domains
registered related
to corona, COVID,
vaccine, etc.
Example:
id-covid19[dot]com
DON’T GO THERE
29. 29info@treetopsecurity.com | @oneoffdallas
Shared and recommended
at the RSA conference
Feb 2020
Downloaded in over
150 countries in < 1 year
Sept 2019 - March 2020
Slides available at
https://www.treetopsecurity.com/CAT
Awareness slide deck
30. 30info@treetopsecurity.com | @oneoffdallas
Also available at
https://www.treetopsecurity.com/CAT
Free video + other goodies
•New slide deck
• Version 1.1
• Released March 2020
•Video presentation
• Released March 2020
•Awareness quiz
•Certificate of completion
•Sign-up for our newsletter