This document discusses the importance of cyber security, especially regarding mobile devices. It begins by defining cyber security and explaining how the increased use of technology and mobile devices has led to greater cyber threats. Individuals and businesses now rely heavily on digital information and devices, exposing them to privacy and security risks. There is also a lack of cyber security awareness and training. The document then explains why mobile devices pose unique risks as they contain sensitive information but have less security than laptops. It concludes by providing tips for how businesses can better protect information assets, such as encrypting data, using firewalls, and training employees on cyber security best practices.

1. Cyber Security
Mobile Devices and On-line Threats
Cyber Security
Mobile Devices and On-line Threats
Presented by: Umer
Saeed

3. What is Cyber security
• The term Cyber dates back to the 40’s and 50’s and originates
from the word Cybernetics, which dealt with rise of Control
systems and human interaction with it.
• In simple terms, today the word Cyber indicates Internet or
having to do with computers e.g. Cyber fraud, Cyber security.
• Since its widespread acceptance, Internet has become home of
virtually every activity and huge amount of valuable data.
• Some of that data is extremely valuable and pertinent to
corporate and national security which naturally attracts bad
actors resulting in Cyber Crime and espionage
• Cyber Security deals with the defensive operations carried out
to defend valuable data on computers and especially on Smart
phones against threats like virus, malware, ransomware,
hacking, phishing and various other malicious attacks.

4. Why is Cyber Security more important than ever
• Exponential growth in use of technology and mobile devices to
process data

Massive use by corporations and people
 Governments, businesses and people, rely very heavily on various forms of
information
 Information, big-data, market statistics are now the key business success factors
 Impacts rich and poor, young and adults, men and women
 Exposes digital devices users to risks, regardless of gender, age, status
 Because these devices play an Irreplaceable role in our daily lives
 Abundance of technology and big-data has attractions for cyber criminals

5. Why is Cyber Security more important than ever
• Growing possibility of threats to our privacy and security
 HOW - Prejudice about security products/practices due to

Lack of awareness or availability of cheap security solutions

Unavailability of trained security professionals
 WHERE - Lack of understanding of magnitude of risks posed to our integrity

Governments, enterprises, businesses and common people fail to realize the
impact of security incidents
 WHY - Little awareness by relevant authorities, media and education institutes

The laws on Cyber crime, data leakage, defamation are in their early stages
and provide little deterrence
 WHEN – High probability of risks due to

always on, always present mobile/storage devices (e.g. USB sticks, Memory
Cards. Smart phones)

6. Why is Cyber Security more important than ever
• Lack of training and education at grass root level
 Lack of awareness of Cyber crime laws, basics of frauds and prevention
 Uncontrolled access to harmful mobile apps and websites before proper training
 Easy access given to toddlers, teenagers without proper training
 Ignoring recommended privacy settings for social media (Facebook, Whatsapp)
• Non-negotiable for business sustenance and growth
 Every business needs to operate On-line safely to stay relevant and in touch
with market and its growing consumer base
 A requirement for reaching emerging and developed markets
 Rapidly rising on-line market as compared to traditional businesses
 In most cases, the damages of Cyber crime are irrecoverable

7. Why worry about Mobile devices?
• Mobile devices have largest market share for Internet access
 More smart phones sold than Personal Computers and Laptops combined
 Easier to carry and operate in contrast to laptops
 Offers similar and in some cases, better computing and storage
• Hides in plain sight
 Exposed to more threats than a larger device e.g. Laptop
 Easy to steal, snatch, abuse data and in some cases leaking corporate resources
 Use in public places, large gathering exposing to Fake Wifi and MITM attacks
• Used for same tasks as we perform on Laptops/PCs
 Storing and processing Corporate information on the go
 Storing confidential files, sensitive and exploitable information

Little or no security for Photos, Online copies of Financial and bank records etc

Hardly any mobile has anti-virus or firewall

8. How Businesses can protect against Mobile Device threats
• Know what needs protection
●
Know what information assets are important for your business to operate effectively

Ensure strictly devised data classification policy exists and is adhered to for all data

Provide training to users to process data diligently according to classification
●
more you invest to train your business/family people​, less are the chances of security incidents

Evaluate the cost of data leakage and protect information assets accordingly
●
Cost of data leakage is the cost need to gather same data and same reputation. Two very
different things and yet crucial for business survival.

If you don't get involved, don't expect anyone else to be. Security is a Senior management
responsibility.

9. How Businesses can protect against Mobile Device threats
Protection of Information Assets

Never use pirated PC/Software to process data that is valuable to you, your family or business

Use strong encryption to protect data during operations (i.e. storage, processing, transmission)

Use Firewall, Intrusion Prevention, VLAN, DMZ, honeypots to protect sensitive data

Maintain regular off-line backup of valuable data. Test backups for possible recovery scenario

Avoid using USB sticks to store UN-encrypted data, at all costs

Avoid using Open WiFi and hot-spots in Coffee shops, airport and bus terminals. Use Mobile data.

Use strong passwords. Use pass phrases if possible.

Do NOT share sensitive information over social media

If costs are concern, use Open Source software. There’s an open source software for every need.

Hire only trained professionals to be custodians of information assets.

10. Three basic rules of protection
Protect
Business data
• Train staff and show your
involvement
• Classify Data and employ
controls matching data
sensitivity
• Genuine skills, software and
technology
Protect
Personal data
• Education about abuse of
personal data and misuse of
Social Media
• Use built-in cloud/App-lock
features to prevent device
misuse
• Encrypt valuable data, if you
have to keep on mobile.

11. About Presenter
• 20+ years in Systems and Networks Management, Security
• Held roles with prestigious organizations like British Council,
Arabian Co, ISACA
• Avid supporter of grass-root level, easily available security
education, awareness and training for youth
• Believes in adapting Linux in home as well as corporate
environments to end piracy and security issues
• Trainer for CISA, CISM
fb.me/FutureNOW