This document provides information about an e-learning cyber security induction course for Axiata employees. The course aims to promote information security awareness around topics like introduction to security, social engineering, malware, mobile security, and responsible browsing. It serves as an induction for new employees and a refresher for existing employees. The course objectives are to understand information security and how to protect it, recognize social engineering techniques, be aware of malware types and prevention methods, understand mobile security risks and defenses, and learn responsible browsing practices. The course content will cover these topics through modules on introduction to security, social engineering, mobile security and social media, responsible browsing, and malware. Upon completing the course, participants will understand these cyber security concepts and
This is a presentation that I shared with a group of College students on Cyber Security.
This was part of the Cyber Safe Tamil Nadu 2009 program organized jointly by NASSCOM, DSCI and the Tamil Nadu police.
This Edureka PPT on "Application Security" will help you understand what application security is and measures taken to improve the security of an application often by finding, fixing and preventing security vulnerabilities.
Following are the topics covered in this PPT:
Introduction to Cybersecurity
What is Application Security?
What is an SQL Injection attack
Demo on SQL Injection
Follow us to never miss an update in the future.
Instagram: https://www.instagram.com/edureka_learning/
Facebook: https://www.facebook.com/edurekaIN/
Twitter: https://twitter.com/edurekain
LinkedIn: https://www.linkedin.com/company/edureka
Cyber Security 101: Training, awareness, strategies for small to medium sized...Stephen Cobb
I developed "Cyber Security 101: Training, awareness, strategies for small to medium sized business" for the second annual Small Business Summit on Security, Privacy, and Trust, co-hosted by ADP in New Jersey, October 2013.
A single email can cause a multi-million dollar breach if opened by an end-user with no security awareness, they may not even be aware of their mistake. The problem lies in the fact that only a few end-users are aware of the dangers of social engineering, much less how to detect it. It is a major issue in the business world today.
This document seeks to address the most common threats that can be posed to an entity and also recommend security measures that can be implemented to avoid such attacks.
Learn more at https://www.multinationalnetworks.com
This is a presentation that I shared with a group of College students on Cyber Security.
This was part of the Cyber Safe Tamil Nadu 2009 program organized jointly by NASSCOM, DSCI and the Tamil Nadu police.
This Edureka PPT on "Application Security" will help you understand what application security is and measures taken to improve the security of an application often by finding, fixing and preventing security vulnerabilities.
Following are the topics covered in this PPT:
Introduction to Cybersecurity
What is Application Security?
What is an SQL Injection attack
Demo on SQL Injection
Follow us to never miss an update in the future.
Instagram: https://www.instagram.com/edureka_learning/
Facebook: https://www.facebook.com/edurekaIN/
Twitter: https://twitter.com/edurekain
LinkedIn: https://www.linkedin.com/company/edureka
Cyber Security 101: Training, awareness, strategies for small to medium sized...Stephen Cobb
I developed "Cyber Security 101: Training, awareness, strategies for small to medium sized business" for the second annual Small Business Summit on Security, Privacy, and Trust, co-hosted by ADP in New Jersey, October 2013.
A single email can cause a multi-million dollar breach if opened by an end-user with no security awareness, they may not even be aware of their mistake. The problem lies in the fact that only a few end-users are aware of the dangers of social engineering, much less how to detect it. It is a major issue in the business world today.
This document seeks to address the most common threats that can be posed to an entity and also recommend security measures that can be implemented to avoid such attacks.
Learn more at https://www.multinationalnetworks.com
Infections cost organizations billions of dollars in lost time and productivity, as well as ransom payments and other indirect costs, like damage to a business’s reputation.
End-users will learn about password management, multi-factor authentication and how to secure their laptops and desktops while working remotely.
This session will teach professionals how to avoid becoming a statistic.
Agenda: Foundations of security awareness | Common threats | Three ways to secure your work environment | Best practices for users | The work from home checklist
You've seen the headlines. You're beginning to understand the importance of cybersecurity. Where do you begin? It's important to understand the common methods of attack and ways you can begin to protect your organization today. For more information on our cybersecurity education please visit FPOV.com/edu.
Building An Information Security Awareness ProgramBill Gardner
Most organization’s Security Awareness Programs suck. They involved ‘canned’ video presentations or someone is HR explaining computer use policies. Others are extremely expensive and beyond the reach of the budgets of smaller organizations. This talk will show you how to build a Security Awareness Program from scratch for little or no money, and how to engage your users so that they get the most out of the program.
14 tips to increase cybersecurity awarenessMichel Bitter
We used this presentation within our company to increase the cybersecurity awareness of our employees. These 14 tips should help everybody to protect themselves against the most obvious cyber attacks.
In a world so connected, cyber security awareness is key to a safe online experience, because the weakest information security link to any organisation is the users of technology. This presentation speaks to basic cyber security awareness for everyday internet users
Webinar_Cybersecurity is a shared responsibility presentation211 Check
Webinar_Cybersecurity is a shared responsibility presentation by Charles Chol, a cybersecurity analyst and tech entrepreneur in Juba, South Sudan.
He presented in a session organised by Defyhatenow with support from the International Fact-checking Network (IFCN)
This is a summary of what cyber crime is all about, the history of cyber crime; motivation behind cyber attack as well as the various techniques used in committing those crimes; Cybercrime groups starting to operate like the Mafia; how cyber crimes exploits Web2.0 opportunites and Top Computer Secuity Actions.
Propelled Technologies is proud to present our comprehensive Cybersecurity Awareness E-book, a valuable resource for individuals and organizations looking to protect themselves from cyber threats. This e-book covers a range of topics, including online privacy, data protection, internet safety, and cybercrime prevention. Whether you're a tech-savvy professional looking to stay informed about the latest threats, or a concerned individual looking to protect yourself and your loved ones online, this e-book has something for you. Download now and start building your cybersecurity knowledge today!
Infections cost organizations billions of dollars in lost time and productivity, as well as ransom payments and other indirect costs, like damage to a business’s reputation.
End-users will learn about password management, multi-factor authentication and how to secure their laptops and desktops while working remotely.
This session will teach professionals how to avoid becoming a statistic.
Agenda: Foundations of security awareness | Common threats | Three ways to secure your work environment | Best practices for users | The work from home checklist
You've seen the headlines. You're beginning to understand the importance of cybersecurity. Where do you begin? It's important to understand the common methods of attack and ways you can begin to protect your organization today. For more information on our cybersecurity education please visit FPOV.com/edu.
Building An Information Security Awareness ProgramBill Gardner
Most organization’s Security Awareness Programs suck. They involved ‘canned’ video presentations or someone is HR explaining computer use policies. Others are extremely expensive and beyond the reach of the budgets of smaller organizations. This talk will show you how to build a Security Awareness Program from scratch for little or no money, and how to engage your users so that they get the most out of the program.
14 tips to increase cybersecurity awarenessMichel Bitter
We used this presentation within our company to increase the cybersecurity awareness of our employees. These 14 tips should help everybody to protect themselves against the most obvious cyber attacks.
In a world so connected, cyber security awareness is key to a safe online experience, because the weakest information security link to any organisation is the users of technology. This presentation speaks to basic cyber security awareness for everyday internet users
Webinar_Cybersecurity is a shared responsibility presentation211 Check
Webinar_Cybersecurity is a shared responsibility presentation by Charles Chol, a cybersecurity analyst and tech entrepreneur in Juba, South Sudan.
He presented in a session organised by Defyhatenow with support from the International Fact-checking Network (IFCN)
This is a summary of what cyber crime is all about, the history of cyber crime; motivation behind cyber attack as well as the various techniques used in committing those crimes; Cybercrime groups starting to operate like the Mafia; how cyber crimes exploits Web2.0 opportunites and Top Computer Secuity Actions.
Propelled Technologies is proud to present our comprehensive Cybersecurity Awareness E-book, a valuable resource for individuals and organizations looking to protect themselves from cyber threats. This e-book covers a range of topics, including online privacy, data protection, internet safety, and cybercrime prevention. Whether you're a tech-savvy professional looking to stay informed about the latest threats, or a concerned individual looking to protect yourself and your loved ones online, this e-book has something for you. Download now and start building your cybersecurity knowledge today!
Guarding the Digital Fortress Unmasking 10 Common Types of Cybersecurity Thre...Mverve1
To guard our digital assets and ourselves from cyber threats, it’s crucial to be vigilant and proactive. Understanding common varieties of threats is essential, but enforcing preventive measures is likewise important. In the present-day virtual age, cybersecurity is a shared obligation. Adopting sturdy password practices, staying vigilant against phishing attempts, and keeping software programs up-to-date can lessen publicity to threats. https://mverve.com/
To know how we can protect the data, firstly we need to know how someone can steal it. And in this blog, we will address the 10 common cyber security threats that are most prevalent and also the preventive measures that we can take to control them.
https://mverve.com/
Effective security awareness training with basic needs for the organization and its employees. It should also be engaging and interactive, using a variety of formats such as videos, quizzes, simulations, and case studies.
We are a new generation IT Software Company, helping our customers to optimize their IT investments, while preparing them for the best-in-class operating model, for delivering that “competitive edge” in their marketplace.
Cybersecurity awareness is the understanding of the importance of protecting data and information from malicious activities.
It involves understanding the risks associated with digital communication, online activities, and technology in general.
ETHICAL HACKING AND SOCIAL ENGINEERING
Topics Covered: Ethical Hacking Concepts and Scopes, Threats and Attack Vectors, Information Assurance, Threat Modelling, Enterprise Information Security Architecture, Vulnerability, Assessment and Penetration Testing, Types of Social Engineering, Insider Attack, Preventing Insider Threats, Social Engineering Targets and Defence Strategies
Ethical Hacking Concepts and Scopes, Threats and Attack Vectors, Information Assurance, Threat Modelling
Enterprise Information Security Architecture, Vulnerability
Assessment and Penetration Testing
Types of Social Engineering, Insider Attack, Preventing Insider
Threats, Social Engineering Targets and Defence Strategies
Top Cyber Security Interview Questions and Answers 2022.pdfCareerera
Cyber security positions have considerably taken the top list in the job market. Candidates vying for elite positions in the field of cyber security certainly need a clear-cut and detailed guide to channeling their preparation for smooth career growth, beginning with getting a job. We have curated the top cyber security interview questions that will help candidates focus on the key areas. We have classified the regularly asked cyber security interview questions here, in this article into different levels starting from basic general questions to advanced technical ones.
Before we move on to the top cyber security interview questions, it is critical to reflect on the vitality of cyber security in our modern times and how cyber security professionals are catering to the needs of securing a safe cyber ecosystem.
The times we live in is defined by the digital transition, in which the internet, electronic devices, and computers have become an integral part of our daily life. Institutions that serve our daily needs, such as banks and hospitals, now rely on internet-connected equipment to give the best possible service. A portion of their data, such as financial and personal information, has become vulnerable to illegal access, posing serious risks. Intruders utilize this information to carry out immoral and criminal goals.
Cyber-attacks have jeopardized the computer system and its arrangements, which has now become a global concern. To safeguard data from security breaches, a comprehensive cyber security policy is needed now more than ever. The rising frequency of cyber-attacks has compelled corporations and organizations working with national security and sensitive data to implement stringent security procedures and restrictions.
Computers, mobile devices, servers, data, electronic systems, networks, and other systems connected to the internet must be protected from harmful attacks. Cybersecurity, which is a combination of the words "cyber" and "security," provides this protection. 'Cyber' imbibes the vast-ranging technology with systems, networks, programs, and data in the aforementioned procedure. The phrase "security" refers to the process of protecting data, networks, applications, and systems. In a nutshell,
cyber security is a combination of principles and approaches that assist prevent unwanted access to data, networks, programs, and devices by meeting the security needs of technological resources (computer-based) and online databases.
“In 2024 Guide to Cyber Security: Protect Your Data Today”tunzida045
In essence, computer security is the safeguarding of data and computer systems against loss, theft, and unauthorized access. It involves keeping an eye out for and stopping illegal use of your computer system.
A variety of computer security techniques are frequently employed to safeguard the critical data held by an organization cyber security.
Transcript: Selling digital books in 2024: Insights from industry leaders - T...BookNet Canada
The publishing industry has been selling digital audiobooks and ebooks for over a decade and has found its groove. What’s changed? What has stayed the same? Where do we go from here? Join a group of leading sales peers from across the industry for a conversation about the lessons learned since the popularization of digital books, best practices, digital book supply chain management, and more.
Link to video recording: https://bnctechforum.ca/sessions/selling-digital-books-in-2024-insights-from-industry-leaders/
Presented by BookNet Canada on May 28, 2024, with support from the Department of Canadian Heritage.
Generative AI Deep Dive: Advancing from Proof of Concept to ProductionAggregage
Join Maher Hanafi, VP of Engineering at Betterworks, in this new session where he'll share a practical framework to transform Gen AI prototypes into impactful products! He'll delve into the complexities of data collection and management, model selection and optimization, and ensuring security, scalability, and responsible use.
GraphRAG is All You need? LLM & Knowledge GraphGuy Korland
Guy Korland, CEO and Co-founder of FalkorDB, will review two articles on the integration of language models with knowledge graphs.
1. Unifying Large Language Models and Knowledge Graphs: A Roadmap.
https://arxiv.org/abs/2306.08302
2. Microsoft Research's GraphRAG paper and a review paper on various uses of knowledge graphs:
https://www.microsoft.com/en-us/research/blog/graphrag-unlocking-llm-discovery-on-narrative-private-data/
Accelerate your Kubernetes clusters with Varnish CachingThijs Feryn
A presentation about the usage and availability of Varnish on Kubernetes. This talk explores the capabilities of Varnish caching and shows how to use the Varnish Helm chart to deploy it to Kubernetes.
This presentation was delivered at K8SUG Singapore. See https://feryn.eu/presentations/accelerate-your-kubernetes-clusters-with-varnish-caching-k8sug-singapore-28-2024 for more details.
Securing your Kubernetes cluster_ a step-by-step guide to success !KatiaHIMEUR1
Today, after several years of existence, an extremely active community and an ultra-dynamic ecosystem, Kubernetes has established itself as the de facto standard in container orchestration. Thanks to a wide range of managed services, it has never been so easy to set up a ready-to-use Kubernetes cluster.
However, this ease of use means that the subject of security in Kubernetes is often left for later, or even neglected. This exposes companies to significant risks.
In this talk, I'll show you step-by-step how to secure your Kubernetes cluster for greater peace of mind and reliability.
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...DanBrown980551
Do you want to learn how to model and simulate an electrical network from scratch in under an hour?
Then welcome to this PowSyBl workshop, hosted by Rte, the French Transmission System Operator (TSO)!
During the webinar, you will discover the PowSyBl ecosystem as well as handle and study an electrical network through an interactive Python notebook.
PowSyBl is an open source project hosted by LF Energy, which offers a comprehensive set of features for electrical grid modelling and simulation. Among other advanced features, PowSyBl provides:
- A fully editable and extendable library for grid component modelling;
- Visualization tools to display your network;
- Grid simulation tools, such as power flows, security analyses (with or without remedial actions) and sensitivity analyses;
The framework is mostly written in Java, with a Python binding so that Python developers can access PowSyBl functionalities as well.
What you will learn during the webinar:
- For beginners: discover PowSyBl's functionalities through a quick general presentation and the notebook, without needing any expert coding skills;
- For advanced developers: master the skills to efficiently apply PowSyBl functionalities to your real-world scenarios.
Epistemic Interaction - tuning interfaces to provide information for AI supportAlan Dix
Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024
https://alandix.com/academic/papers/synergy2024-epistemic/
As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Ramesh Iyer
In today's fast-changing business world, Companies that adapt and embrace new ideas often need help to keep up with the competition. However, fostering a culture of innovation takes much work. It takes vision, leadership and willingness to take risks in the right proportion. Sachin Dev Duggal, co-founder of Builder.ai, has perfected the art of this balance, creating a company culture where creativity and growth are nurtured at each stage.
UiPath Test Automation using UiPath Test Suite series, part 4DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 4. In this session, we will cover Test Manager overview along with SAP heatmap.
The UiPath Test Manager overview with SAP heatmap webinar offers a concise yet comprehensive exploration of the role of a Test Manager within SAP environments, coupled with the utilization of heatmaps for effective testing strategies.
Participants will gain insights into the responsibilities, challenges, and best practices associated with test management in SAP projects. Additionally, the webinar delves into the significance of heatmaps as a visual aid for identifying testing priorities, areas of risk, and resource allocation within SAP landscapes. Through this session, attendees can expect to enhance their understanding of test management principles while learning practical approaches to optimize testing processes in SAP environments using heatmap visualization techniques
What will you get from this session?
1. Insights into SAP testing best practices
2. Heatmap utilization for testing
3. Optimization of testing processes
4. Demo
Topics covered:
Execution from the test manager
Orchestrator execution result
Defect reporting
SAP heatmap example with demo
Speaker:
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
A tale of scale & speed: How the US Navy is enabling software delivery from l...sonjaschweigert1
Rapid and secure feature delivery is a goal across every application team and every branch of the DoD. The Navy’s DevSecOps platform, Party Barge, has achieved:
- Reduction in onboarding time from 5 weeks to 1 day
- Improved developer experience and productivity through actionable findings and reduction of false positives
- Maintenance of superior security standards and inherent policy enforcement with Authorization to Operate (ATO)
Development teams can ship efficiently and ensure applications are cyber ready for Navy Authorizing Officials (AOs). In this webinar, Sigma Defense and Anchore will give attendees a look behind the scenes and demo secure pipeline automation and security artifacts that speed up application ATO and time to production.
We will cover:
- How to remove silos in DevSecOps
- How to build efficient development pipeline roles and component templates
- How to deliver security artifacts that matter for ATO’s (SBOMs, vulnerability reports, and policy evidence)
- How to streamline operations with automated policy checks on container images
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf91mobiles
91mobiles recently conducted a Smart TV Buyer Insights Survey in which we asked over 3,000 respondents about the TV they own, aspects they look at on a new TV, and their TV buying preferences.
2. E – Learning Course Information
1. To promote information security awareness in the area of:
i. Introduction to information security;
ii. Social engineering;
iii. Malware;
iv. Mobile security & social media; and
v. Responsible browsing.
2. To serve as an induction course for new Axiata employees.
3. To serve as a refresher course for existing Axiata employees.
OBJECTIVES
3. OBJECTIVES
1. Understand information security, its importance and the role you have to
play to protect our information security.
2. Recognise the many forms of social engineering, its potential impacts and
how to stay vigilant against it.
3. Be aware of the different types of malware and signs of malware infection,
and ways to prevent exposing your device to malware.
4. Understand mobile security, identify common mobile devices and mobile
security attacks, and ways to reduce risk of mobile security attacks.
5. Recognise the importance of responsible browsing, understand safe
browsing practices and practise safe sharing on social media.
Why Is This Course Important?
Upon completion of this course, participants will be able to:
Let’s begin.
6. PEOPLE.
Our people working across the Axiata Group.
Even with the absence of malicious intent, often times, information security is
compromised due to employees’ lack of understanding on how to work in a secure
manner.
But where does our biggest threat come from?
Why Do We Care?
Estimates upwards of 250 billion dollars of loss associated with Cyber Crime!
Every year, the Director of National Intelligence publishes an unclassified “Worldwide
Threat Assessment.” The year 2018 report was published listing “Cyber” is the first (and
greatest) threat listed.
Information Security
What is it?
All the processes and practices we implement to protect networks, computers,
applications and data from attacks on the C-I-A triad (Confidentiality, Integrity, and
Availability).
7. You can ensure you play your part in protecting our information by:
Keeping to our values.
Keeping vigilant and diligent.
Keeping hold of our valuables.
Keeping it confidential.
Keeping us all safe.
How Do I Play My Part and How Will I Help?
You will be helping Axiata to:
Protect information from a range of threats.
Ensure business continuity.
Minimise potential financial loss.
Optimise return on investments.
Increase business opportunities.
8. Always logoff or lock your
system even if you leave for a
short time.
Keep systems patched and up
to date.
Use strong passwords and
protect your passwords.
Encrypt sensitive files to ensure
confidentiality of data.
Watch what you share and be
cautious of what information
you put out there.
Never let someone have
access to your system with
your credentials.
Be wary of individuals looking
for information or access to the
building.
Disable unsecured
mechanisms.
If something feels wrong or
uncomfortable, trust your
instinct and ask for help.
Report any potential breach to
your security team.
Good Information Security Practices
1
2
3
4
5
6
7
8
9
10
10. • Social engineering is the act of manipulating people into disclosing private
information and sometimes it involves breaking normal security procedures.
• It relies heavily on manipulating human emotions, such as guilt and fear.
• It exploits our natural tendency to trust others.
• It is very common because it is much easier to trick a person into disclosing
his or her credentials than hacking into his or her account.
Social Engineering?
11. Common Social Engineering Attacks
Phishing
Phishing is a technique of fraudulently obtaining private information.
Phishing refers to the use of emails that appear to originate from a trusted source to
trick a user into entering his or her login credentials, ATM card’s PIN number or credit card
number at a fake website.
Phishing emails typically look very convincing and contains a link to fake web pages with
seemingly legitimate company logos and addresses.
While spear phishing and phishing are similar in the sense that both attacks involve
sending emails to trick users into providing information, the key difference is that spear
phishing involves sending highly customised emails to a few specific users whereas
phishing involves sending generic emails to a broad number of users.
This means that spear phishing email is more strategic and specific with its choice of
targets. Hence, spear phishing attacks are known to have higher rate of success than
phishing attacks.
Spear Phishing
12. Common Social Engineering Attacks
Vishing, otherwise known as voice phishing, is the practice of using the telephone to
impersonate a known individual to gain access to sensitive information.
Typically, the victim receives a call with a voice message disguised as a communication from
a financial institute or government agency.
3. Vishing
4. Tailgating
Tailgating is the practice of following someone through a security controlled door
without showing or using the required ID pass.
A tailgater may request the target to hold the door, stating that he or she forgot to bring his
or her ID along.
The target typically complies to the tailgater’s request out of good faith and common courtesy
without verifying if the tailgater is allowed on premises. z
13. Limit what you share online
• Without prior information,
social engineers are unable
to establish a solid pretext
to trick you.
• Set your social media
accounts private
• Accept friend requests from
people you know in real life
• Refrain from posting
sensitive information online.
Think before you click
Do not click, forward or respond to phishing
emails.
Challenge tailgaters
Politely reject requests from tailgaters to hold the
door and direct them to register at the reception
counter instead.
Think before you speak
Do not disclose your personal information to
unknown caller.
Be aware, connect with care
Do not connect unfamiliar physical media to the
organisation’s network.
Defending Against Social Engineering Attacks
14. Practise laptop security
• Secure your laptop to your workstation with a cable lock.
• Never leave your laptop in your vehicle.
• Press “Ctrl” and “L” to lock your laptop screen when it is not in use.
Follow Axiata Policy and Procedures
Read, understand and follow Axiata’s policy and procedures.
When in doubt, report to IT helpdesk!
Keep your software up-to-date
Software updates involves security patches that fixes security vulnerabilities.
Defending Against Social Engineering Attacks
16. What is Malware?
Malicious software.
Executes without your permission.
Tricks you into thinking it’s something else.
Works to remain unnoticed.
Compromise computer functions.
Steal data.
Bypass access controls.
Harms the host computer.
17. Stealing data, monitoring user activity, modifying files - these are one of the few
things a malware can do.
Being aware of their tactics is the first line of defense! The list below depicts
some of the common malwares.
Trojan
Bot
RAT
Common Malwares
Bots are software programs created to automatically perform specific
operations such as video gaming, internet auctions and online contests.
A Trojan disguises itself as a normal file or program to trick users into
downloading and installing malware. It is typically bundled with games.
RAT (short for remote access Trojan) is a malware program that
includes a back door for administrative control over the target
computer.
18. Pop-ups that asks you to download antivirus software or offer freebies.
Antivirus software and firewalls have been disabled without your consent.
Computer is running slower than usual.
Emails/messages being sent automatically without user’s knowledge.
Computer has been crashing or freezing lately.
Detecting Malwares
Detecting malware is not an easy task. Anti-virus software are rarely 100%
accurate at detecting malware because malwares are designed to self-update and
continually hides its presence whenever they start getting detected.
If your computer is acting “funny”, it may be infected with malware.
The most common indicators of a malware attack include:
19. Preventing Malwares
Prevention is better than cure. As malwares are getting harder to detect and new
threats are seen on a regular basis, you must be extra cautious in reducing the risk
of getting malware attacks on your computer.
Listed below are a few key recommendations to prevent malwares.
Installing protection
software
Update your
operating system
Securing your
network
• Important updates
for your system are
packed with bug
fixes, virus
protection, and lots
of other important
things to keep your
device clean.
• Ensure your
network needs a
strong password to
connect.
• Do not broadcast
your network name.
• Provide a separate
network for guests.
When you suspect a malware infection, report to your IT security team
immediately before the problem gets worst!
• This protection is a
must-have first step
in keeping your
computer virus free.
• Ensure that you
keep your software
up to date too.
21. What is Mobile Security?
Also known as wireless security.
Serves as a protection of smartphones,
tablets, laptops and other portable
computing devices and the networks
they connect to from threats and
vulnerabilities.
A means by which a mobile device can
authenticate users and protect or restrict
access to data stored on the device.
Common Mobile Devices
in the Workplace
Laptops
Bluetooth devices
Smartphone
BYOD (Bring Your
Own Device)
Tablets
22. Common Attacks
Theft / Gaining Physical Access
Data Interception
Insider Threats
Malware
Eavesdropping
23. Ways to reduce the risk of mobile security attacks
What can
we do?
Use Strong
Passwords.
Enable remote wipe function and
consider the “Find Your Device
Option”.
Backup and protect
your data.
Don’t connect to a work system
or the network unless you have
permission to do so.
Download only secure
applications.
Be cautious about what you share
– text is not inherently secure.
Don’t ‘jailbreak’ or
‘root’ your device.
Report anything suspicious to the
security team.
25. What is Responsible Browsing?
Browsing habits that protect your personal information and online
activity from cyber criminals, while being accountable for the impacts of
your browsing habits towards Axiata's information security.
What are Safe Browsing Practices?
• All information shared on the internet are easily accessed by the public within
a single click, which makes the internet a risky place.
• Cyber criminals often lurk behind the scenes while internet users browse
online, prying to steal sensitive information and execute other malicious
activities.
• Hence, it is important to understand and follow certain safeguards in order to
defend ourselves from the schemes of cyber criminals.
• These safeguards are known as safe browsing practices, which are simple
tips you can take to keep your online activity safe from cyber criminals.
• The next few pages show some examples of safe browsing practices.
26. Create Secure & Unique Passwords.
• Creating strong passwords make it difficult for cyber criminals to crack
the password. A strong password should have a mix of the following:
• Upper case;
• Lower case;
• Number; and
• Special character.
• Example of a weak password versus a strong password is as below:
Weak Password Strong Password
• ThisPasswordIsStrong Th1sPa55wordisStr0ng
27. Staying Safe while using Public Wi-Fi
• Verify your connection.
• Be sure to ask the employee what the actual public Wi-Fi is to avoid
connecting to a bogus network.
• Avoid checking sensitive data.
• Hold off on login to your social media, email and especially your financial
accounts while on public Wi-Fi.
• Turn off sharing.
• Be sure to turn off sharing while you are on public Wi-Fi. If you leave it on
while in a public place, cyber criminals can easily gain access to sensitive
personal information and fields.
• Use a VPN.
• If you need to check sensitive data like your banking account while on public
Wi-Fi, use a virtual private network or a VPN. Even if a cyber criminal
positions himself in the middle of your connection, your data will be strongly
encrypted.
• Turn your Wi-Fi off when you’re done.
• Even if you haven't actively connected to your network, the Wi-Fi hardware
and your computer can still be transmitting data with any network in range. If
you are through using the internet, ensure that your Wi-Fi is turned off.
28. Avoid Unsecured Websites
• Websites with secured connection will have URLs that start with
“https.” instead of “http://”.
• The “s” suffix indicate that the website information is secured and encrypted.
This security is provided by a SSL certificate, which certifies that sensitive
information entered into that site is secured.
• Without a SSL certificate, that information is highly vulnerable to be exposed
and easily accessible by cybercriminals.
• Identify a padlock symbol in the browser window frame, which appears
when you attempt to log in to your existing accounts or register new
accounts. You can click on the padlock icon to verify that your connection is
secure.
29. Keep Browser Up-to-date
• Most updates will include security patches. New patches are often released
to fix existing vulnerabilities in browser software, so having the most up-to-
date versions is critical.
• If you're not installing those updates, you may leave yourself and Axiata
vulnerable to new threats that pop up constantly.
• Therefore, always make it a point to update your browser and leave no room
for any form of security vulnerabilities.
30. Importance of Responsible Browsing
• Browsing without caution can put Axiata at risk of all sorts of
dangers, which includes identity theft, data theft and even computer
damage.
• Sensitive information (e.g. credit card
number, bank accounts, IC number &
mobile number) could be stolen & used
for malicious purposes.
• It can be used to make fraudulent
purchases, sign up new credit cards,
and even apply for government
benefits.
IDENTITY THEFT
• Files from your computer such as
photographs, videos and documents
are stolen & then sold for illicit
purposes.
DATA THEFT
• Viruses are sent to computers to
cause damage and make them
inoperable.
COMPUTER DAMAGE
• Experiencing data breach will not only give us a bad reputation and affect our
business operations, it will also compromise our customer’s trust towards us.
• Losing our customer’s trust is the last thing we want to see happening, which
is why everyone in Axiata play an essential role in practicing browsing habits
that will improve the security of your online activities.