Cyber Security Awareness Program - ISMO
SECURITY BEST PRACTICES…….
STANDARD….. NON STANDARD
Basic InfoSec……..?
• Introduction…? My Self …… Yourselves……
• Let us stop fussing…….! And see $whoami C:>whoami
• Safety is not a slogan, it’s a way of life.
• Start with YOU and end with YOU.
• Skip these intros and let's see WhatsApp? What's up in the InfoSec world..
• Current goings-on in the Cyber/Information Security arena …..!
• Look at Threatpost, The Hacker News….
• Still need explanation…… think….. Back to Basics….
• Normal User ……. Get more on Google..
• Information Security Standards (ISO/IEC 27001-2013 ISMS)
• 11 Domains, 30 Control Objectives, 130+ controls to adopt an international standard and certification of ISO/IEC 27001-2013
• Center for Internet Security: benchmarking for the security of the various IT systems..
• How to harden OS/Server/Firewall/Router/Switches.
InfoSec/Cyber Security. Start/End….
You/Me/We…!
• Basic practices of system (PC/Laptop/Desktop) handling …..
• Start at ….? End up with……? Observe…. Cautiously….!
• Windows users: Task Manager/Event Viewer…. Need more…!
• https://docs.microsoft.com/en-us/sysinternals/downloads/
• Linux users have much more to look at: ps aux/ufw/netstat/system monitor.
• End of the working day ….. Disconnect (physically)
The Threat Post
The Hacker News
Types of organizations…..
THERE ARE ONLY TWO TYPES OF ORGANIZATIONS
Those that have been hacked,
And those that will be.
Cyber Security Threat Landscape..
• 92% of Indians/youth were found to have shared private information online despite being aware that this is risky.
• 53% of youngsters trust the virtual world and interact with strangers.
• 51% of those polled didn’t care about their online privacy at all.
Limelights of today may be….
Password Security
USB Device Security
Data Protection and Destruction
Email Security & Phishing Awareness
Protecting Against Ransom Virus
URL and Safer Web Browsing
Safe Social Networking
Mobile Device Security
Threats identification…..Trailing ….
• Does your screen name identify you by your actual name…? Administrator…?
• Have you ever posted any personal information of yours or anyone else's without explicit consent?
• Have you ever uploaded a picture of a sensitive area of the organization without prior consent of management?
• Have you ever filled out online forms, questionnaires or profile pages considering your official profile?
• Have you ever purchased anything online while sharing your credit/debit card number insecurely?
• Have you ever shared your passwords with someone else?
• Have you ever downloaded and installed software without consulting your teammate?
• Have you opened emails from total strangers?
• Have you ever agreed to meet in person someone you have only met online?
• Have you ever been involved in chat sessions with people using vulgar expressions or sexually explicit language?
Code Red Worm (Year 2001)
IIS
Information Hacking History
• The first recorded cyber crime was recorded in the year 1820 (France): loom device.
• The first spam email was sent in the year 1978, over the Arpanet.
• The first virus was installed on an Apple computer in the year 1982.
(Rich Skrenta wrote the first virus, Elk Cloner)
(On every 50th boot the Elk Cloner virus would display a short poem)
Cyber Crime Includes…..
• Illegal access/interceptions
• System/data interference
• Misuse of device
• Hacking
• Denial of services
• Virus dissemination
• Cyber terrorism
• Software piracy
Hacker & Types of Hackers….
1) White Hat – Good guys. Report hacks/vulnerabilities to appropriate people.
2) Black Hat – Only interested in personal goals, regardless of impact.
3) Gray Hat – Somewhere in between.
Script Kiddies
• Someone that calls themselves a ‘hacker’ but really isn’t
Ethical Hacker
• Someone hired to hack a system to find vulnerabilities and report on them.
• Also called a ‘sneaker’
Security…. Password…
Why would someone want to steal your password?
Passwords are the only keys that prevent unauthorized entry to many systems.
Password Security Preventions –
1. It should be separate for different email accounts.
2. Don’t ever reveal your passwords to anyone.
3. Write it down in a secure location.
4. Change your passwords if compromise is suspected.
5. Add complexity to passwords.
6. Last but not least for Banking related… Forgot the Password… only if….?
How to Make password more Secure…
• Choose at least 8 characters, including:
- Uppercase
- Lowercase
- Numbers
- Symbols such as @#$%^&*()!~’”
• Avoid simple words
• Don’t pick names or nicknames of people…. Notice……!
• Don’t include repeated characters
• Avoid your special person’s name, like BF/GF
EXAMPLE: 0mBhUrBhur@v3Sw@h
Note: for organizations, please always refer to a password policy for the life cycle of the information system.
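The rules on this slide can be checked mechanically. The sketch below is an added example, not part of the original deck: the denylist, the substitution table and the sample name are constructed, and "repeated characters" is read as the same character twice in a row, which is the reading the slide's own example password satisfies.

```python
import re
import string

# Constructed sample denylist standing in for the "simple words" the slide
# warns about; a real deployment would load a much larger list.
SIMPLE_WORDS = {"password", "admin", "welcome", "qwerty", "letmein"}

# Common character substitutions, undone before the word check so that
# "P@$sw0rd" is still recognised as "password".
LEET = str.maketrans({"0": "o", "1": "l", "3": "e", "4": "a",
                      "5": "s", "7": "t", "@": "a", "$": "s", "!": "i"})


def check_password(password, personal_names=()):
    """Return the list of slide rules the password breaks (empty = passes)."""
    problems = []

    # "Choose at least 8 characters, including ..."
    if len(password) < 8:
        problems.append("shorter than 8 characters")
    if not any(c.isupper() for c in password):
        problems.append("no uppercase letter")
    if not any(c.islower() for c in password):
        problems.append("no lowercase letter")
    if not any(c.isdigit() for c in password):
        problems.append("no digit")
    if not any(c in string.punctuation for c in password):
        problems.append("no symbol")

    # "Don't include repeated characters" (same character twice in a row).
    if re.search(r"(.)\1", password):
        problems.append("repeated characters")

    # "Avoid simple words" / "Don't pick names or nicknames of people":
    # compare after lower-casing and undoing the substitutions above.
    normalised = password.lower().translate(LEET)
    banned = SIMPLE_WORDS | {n.lower() for n in personal_names if n}
    for word in sorted(banned):
        if word in normalised:
            problems.append(f"contains simple word or name: {word}")

    return problems


if __name__ == "__main__":
    # The first password is the slide's example; the others are constructed.
    samples = [
        ("0mBhUrBhur@v3Sw@h", ()),
        ("P@$sw0rd1!", ()),
        ("R@vi2024#Kumar", ("Ravi",)),
        ("abc", ()),
    ]
    for pw, names in samples:
        result = check_password(pw, names)
        print(f"{pw!r}: {'OK' if not result else '; '.join(result)}")
```

The second sample meets every character-class rule and still fails, which is why the word and name checks matter more than the symbol count.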
Security…… USB Devices….
USB flash drives are hard to track physically, being stored in bags,
backpacks, laptop cases, jackets or left at unattended workstations.
• STUXNET (Siemens ICS-SCADA, Programmable Logic Controller)
A survey shows end users most frequently copy:
- Customer Data (25%)
- Financial Information (25%)
- Business Plans (15%)
- Employee Data (13%)
- Source Code (6%)
Securing USB Drives…….
- Manually save files with a password.
- Avoid Direct Plug-Ins. (Hold a Shift key and then attach)
- Lock your flash drive with USB Safeguard.
- Encrypt the drive with third-party tools like TrueCrypt.
- Ensure that all USB devices are checked for malware before
they are connected to the network.
Data Protection….
Computer data security is the process of preventing and detecting unauthorized
use of your computer data.
It is concerned with 4 main areas – (CIA)
• Confidentiality
• Integrity
• Availability
• Authentication
System Security Tools/ Websites
Tool - FileAnalyzer
Tool - ComboFix
Tool - Comodo Firewall
Tool - Process Explorer
Tool - Sandboxie
Website - Virustotal.com
Website - Nosharescanner.com
•Linux was originally built by Linus Torvalds
at the University of Helsinki in 1991.
•Linux is a Unix-like, Kernel-based OS.
•Flavors – Redhat, Fedora, Ubuntu,
Backtrack, Debian, BSD, Suse, Slackware.
Windows/Linux…
First version of Windows – Windows 3.1 released in 1992 by Microsoft.
Windows is a GUI based operating system
Flavors – Windows 95, 98, ME, NT, XP, 2000, 2003, Vista, 7, 8, 8.1, 10, expecting 11
Virus Attack…. Symptoms….
• Processes take more resources and time.
• Computer beeps with no display.
• Drive label changes.
• Unable to load OS.
• Computer slows down when program starts.
• Anti-virus alerts.
• Computer freezes frequently or encounters error.
• Files & Folders are missing.
• Hard Drive is not accessible.
• Browser window freezes.
Security … Email…. Why….?
Email is important because it creates a fast, reliable form of communication that
is free and easily accessible.
Basic Reasons of attacks on Email Accounts –
- When one discloses his or her password to other person.
- Forgetting to logout from public computers.
- Lack of awareness about legal remedies to sue a bad man.
Securing….Email…….
To scan email headers – http://cyberforensics.in
For Latest Email Scams – http://hoax-slayer.com
Tips:
• Use a wacky email address
• Don’t recycle your password
• Know how to catch a phish
• Don’t use free Wi-Fi
• Never open any Spam/Junk Email
Ransomware….. What……?
• Ransomware is a type of malware that locks your files, data or the PC itself and extorts money from you in order to provide access.
• Ransomware is considered a “scare virus” as it forces users to pay a fee (or ransom) by scaring or threatening them.
Example: cyberware, WannaCry, Petya
For more info, www.yeahhub.com
Securing …. Ransomware……
• Backup your data.
• Show hidden file extensions.
• Filter EXEs in email.
• Disable file running from AppData/LocalAppData Folders.
• Disable RDP (Remote Desktop Protocol).
• Patch or Update your software.
• Disconnect your Wi-Fi or unplug.
• Use System Restore to get back to a known clean state.
• Set the BIOS clock back.
• Google the leaked private key.
Safe Surfing of Internet…. Browsing
Secure web browsing is a game of changing tactics. Just when you think you’ve
made your computer as safe to use as possible, the landscape changes.
Always use HTTPS for banking transactions.
Builtwith.com, who.is, centralops.net
Safe Browsing ..to do…Please
• Don’t download free media.
• Don’t store your payment information online.
• Don’t overshare personal information on social media accounts.
• Change passwords regularly.
• Keep your browser software up-to-date.
• Run Anti-Virus software.
• Scan downloaded files before executing.
• Watch out for phishing.
• Don’t Reuse Passwords.
• Use HTTPS for banking transactions.
• Read Privacy Policies.
• Avoid Public or Free Wi-Fi.
• Disable Stored Passwords.
Social Networking….. Glance…
• Today’s world is a global village. Everyone is connected to one another in this vast network generated by network.
• To date, the world’s largest social networking company, Facebook, has 340 million active users in India (2.85 billion worldwide), and the number of users is increasing every year.
70% - Ages 18-29 Years
77% - Ages 30-49 Years
73% - Ages 50-64 Years
50% - Ages 65+ Years
Total of 77% Women versus 61% Men
Securing Social Networking..
Let's not do it…….!
• Never post illegal activities.
• Avoid bullying others.
• Don’t trash your Seniors/Mentors/Colleagues.. And more…..
• Don’t post objectionable content from organizational networks.
• Don’t post confidential information.
• Don’t overlay specific location check-ins.
• Never rely on privacy settings 100%.
Facebook Security….
• Koobface (2009) – A Must see viral video
• Zeus – Botnet
• LikeJacking – Fake Likes
• Facebook Black – JS Malware
• Who Viewed Your profile? – Browser Hijacking
Security –
1. For Account Recovering - https://facebook.com/hacked
2. To Report anything - https://www.facebook.com/help/contact/485974059259751
3. About Safety Check - https://www.facebook.com/about/safetycheck/
Security…Mobile Device(Android)
1) Do not save all of your passwords
2) Use Android in-built security
3) Lock your apps (Ex. App Lock)
4) Importance of App Permissions
5) Securing your network (Ex. Hideninja VPN, Wi-Fi Protector)
6) Use Mobile Security App
7) Create Multiple User Account to protect privacy
8) Prepare a Backup of your data
9) Enable Remote Wipe (Ex. 3cx Mobile Device Manager)
10) Track your lost device (Ex. Where’s My Droid, Plan B, SeekDroid Lite,
AntiDroidTheft, Prey AntiTheft)
Security Best Practices….
1) Use antivirus software (AVAST, AVG…..)
2) Insert firewalls , pop up blocker (Windows, Comodo)
3) Uninstall unnecessary software (Adwares)
4) Maintain backup (Weekly/Monthly)
5) Check security settings (Netstat)
6) Use secure connection (HTTPS)
7) Open attachments carefully
8) Use strong passwords, don’t give personally identifiable information (PII) unless required.
Some Promises to keep while…. On
internet….
1) I will make my organization secure while using given resources securely
2) I will not submit any of my organization information in public forum.
3) I will segregate my duty and social life on internet.
4) If anyone is endorsing me to spread information, please don’t forward it without verification or trust.
5) I will change the password of my sensitive information (personal/official) on the domain of internet/intranet.
6) I will put my system offline (disconnect from the network) if I am not using it.
7) I will contact ISMO/ISO if I find something malicious on the IT system of my organization.
Thanks….. But No thanks….
The only system which is truly secure is one which is switched off and unplugged when it is not in use. But otherwise, to be safe is to pay attention and act smart.
{ Any Enquiry keep in touch with ISMO/ISO }
https://haryanaismo.gov.in
Information Security Management Office, Haryana

More Related Content

What's hot

Security Awareness Training
Security Awareness TrainingSecurity Awareness Training
Security Awareness Training
Dmitriy Scherbina
 
Cybersecurity Employee Training
Cybersecurity Employee TrainingCybersecurity Employee Training
Cybersecurity Employee Training
Paige Rasid
 
Basic Security Training for End Users
Basic Security Training for End UsersBasic Security Training for End Users
Basic Security Training for End Users
Community IT Innovators
 
Cyber Security 101: Training, awareness, strategies for small to medium sized...
Cyber Security 101: Training, awareness, strategies for small to medium sized...Cyber Security 101: Training, awareness, strategies for small to medium sized...
Cyber Security 101: Training, awareness, strategies for small to medium sized...
Stephen Cobb
 
Cybersecurity Awareness
Cybersecurity AwarenessCybersecurity Awareness
Cybersecurity Awareness
JoshuaWisniewski3
 
Information Security Awareness, Petronas Marketing Sudan
Information Security Awareness, Petronas Marketing SudanInformation Security Awareness, Petronas Marketing Sudan
Information Security Awareness, Petronas Marketing Sudan
Ahmed Musaad
 
Cybersecurity Awareness Training
Cybersecurity Awareness TrainingCybersecurity Awareness Training
Cybersecurity Awareness Training
Dave Monahan
 
Cyber Security and Cyber Awareness
Cyber Security and Cyber Awareness Cyber Security and Cyber Awareness
Cyber Security and Cyber Awareness
Jay Nagar
 
IT Security Awareness-v1.7.ppt
IT Security Awareness-v1.7.pptIT Security Awareness-v1.7.ppt
IT Security Awareness-v1.7.ppt
OoXair
 
Phishing awareness
Phishing awarenessPhishing awareness
Phishing awareness
PhishingBox
 
Information Security Awareness Training by Wilfrid Laurier University
Information Security Awareness Training by Wilfrid Laurier UniversityInformation Security Awareness Training by Wilfrid Laurier University
Information Security Awareness Training by Wilfrid Laurier University
Atlantic Training, LLC.
 
Cybersecurity Attack Vectors: How to Protect Your Organization
Cybersecurity Attack Vectors: How to Protect Your OrganizationCybersecurity Attack Vectors: How to Protect Your Organization
Cybersecurity Attack Vectors: How to Protect Your Organization
TriCorps Technologies
 
Cyber security
Cyber securityCyber security
Cyber security
Bhavin Shah
 
How to Spot and Combat a Phishing Attack - Cyber Security Webinar | ControlScan
How to Spot and Combat a Phishing Attack - Cyber Security Webinar | ControlScanHow to Spot and Combat a Phishing Attack - Cyber Security Webinar | ControlScan
How to Spot and Combat a Phishing Attack - Cyber Security Webinar | ControlScan
ControlScan, Inc.
 
Information Security Awareness Training Open
Information Security Awareness Training OpenInformation Security Awareness Training Open
Information Security Awareness Training Open
Fred Beck MBA, CPA
 
Customer information security awareness training
Customer information security awareness trainingCustomer information security awareness training
Customer information security awareness training
AbdalrhmanTHassan
 
End User Security Awareness Presentation
End User Security Awareness PresentationEnd User Security Awareness Presentation
End User Security Awareness Presentation
Cristian Mihai
 
Cybersecurity Awareness Session by Adam
Cybersecurity Awareness Session by AdamCybersecurity Awareness Session by Adam
Cybersecurity Awareness Session by Adam
Mohammed Adam
 
1. introduction to cyber security
1. introduction to cyber security1. introduction to cyber security
1. introduction to cyber security
Animesh Roy
 
Cyber crime and security
Cyber crime and securityCyber crime and security
Cyber crime and security
Sharath Raj
 

What's hot (20)

Security Awareness Training
Security Awareness TrainingSecurity Awareness Training
Security Awareness Training
 
Cybersecurity Employee Training
Cybersecurity Employee TrainingCybersecurity Employee Training
Cybersecurity Employee Training
 
Basic Security Training for End Users
Basic Security Training for End UsersBasic Security Training for End Users
Basic Security Training for End Users
 
Cyber Security 101: Training, awareness, strategies for small to medium sized...
Cyber Security 101: Training, awareness, strategies for small to medium sized...Cyber Security 101: Training, awareness, strategies for small to medium sized...
Cyber Security 101: Training, awareness, strategies for small to medium sized...
 
Cybersecurity Awareness
Cybersecurity AwarenessCybersecurity Awareness
Cybersecurity Awareness
 
Information Security Awareness, Petronas Marketing Sudan
Information Security Awareness, Petronas Marketing SudanInformation Security Awareness, Petronas Marketing Sudan
Information Security Awareness, Petronas Marketing Sudan
 
Cybersecurity Awareness Training
Cybersecurity Awareness TrainingCybersecurity Awareness Training
Cybersecurity Awareness Training
 
Cyber Security and Cyber Awareness
Cyber Security and Cyber Awareness Cyber Security and Cyber Awareness
Cyber Security and Cyber Awareness
 
IT Security Awareness-v1.7.ppt
IT Security Awareness-v1.7.pptIT Security Awareness-v1.7.ppt
IT Security Awareness-v1.7.ppt
 
Phishing awareness
Phishing awarenessPhishing awareness
Phishing awareness
 
Information Security Awareness Training by Wilfrid Laurier University
Information Security Awareness Training by Wilfrid Laurier UniversityInformation Security Awareness Training by Wilfrid Laurier University
Information Security Awareness Training by Wilfrid Laurier University
 
Cybersecurity Attack Vectors: How to Protect Your Organization
Cybersecurity Attack Vectors: How to Protect Your OrganizationCybersecurity Attack Vectors: How to Protect Your Organization
Cybersecurity Attack Vectors: How to Protect Your Organization
 
Cyber security
Cyber securityCyber security
Cyber security
 
How to Spot and Combat a Phishing Attack - Cyber Security Webinar | ControlScan
How to Spot and Combat a Phishing Attack - Cyber Security Webinar | ControlScanHow to Spot and Combat a Phishing Attack - Cyber Security Webinar | ControlScan
How to Spot and Combat a Phishing Attack - Cyber Security Webinar | ControlScan
 
Information Security Awareness Training Open
Information Security Awareness Training OpenInformation Security Awareness Training Open
Information Security Awareness Training Open
 
Customer information security awareness training
Customer information security awareness trainingCustomer information security awareness training
Customer information security awareness training
 
End User Security Awareness Presentation
End User Security Awareness PresentationEnd User Security Awareness Presentation
End User Security Awareness Presentation
 
Cybersecurity Awareness Session by Adam
Cybersecurity Awareness Session by AdamCybersecurity Awareness Session by Adam
Cybersecurity Awareness Session by Adam
 
1. introduction to cyber security
1. introduction to cyber security1. introduction to cyber security
1. introduction to cyber security
 
Cyber crime and security
Cyber crime and securityCyber crime and security
Cyber crime and security
 

Similar to Cyber Security Awareness Program.pptx

cyber ethics
 cyber ethics cyber ethics
cyber ethics
Alomgir Hossain
 
web-security-1215757214755670-9.pdf
web-security-1215757214755670-9.pdfweb-security-1215757214755670-9.pdf
web-security-1215757214755670-9.pdf
LucaMartins7
 
Cybersecurity awareness session.pptx
Cybersecurity awareness session.pptxCybersecurity awareness session.pptx
Cybersecurity awareness session.pptx
UmaraZahidLecturer
 
E security and payment 2013-1
E security  and payment 2013-1E security  and payment 2013-1
E security and payment 2013-1
Abdelfatah hegazy
 
information security awareness course
information security awareness courseinformation security awareness course
information security awareness course
Abdul Manaf Vellakodath
 
Cybersecurity Awareness Training for Employees.pptx
Cybersecurity Awareness Training for Employees.pptxCybersecurity Awareness Training for Employees.pptx
Cybersecurity Awareness Training for Employees.pptx
Mustafa Amiri
 
Cyber crime
Cyber crimeCyber crime
Cyber crime
Salma Zafar
 
Cyber Security
Cyber SecurityCyber Security
Cyber Security
Adeel Younas
 
Computer virus
Computer virusComputer virus
Computer virus
vazhichal12
 
Information security a new era technology_
Information security a new era technology_Information security a new era technology_
Information security a new era technology_
Tahmid Munaz
 
Information Security - A Discussion
Information Security  - A DiscussionInformation Security  - A Discussion
Information Security - A Discussion
Kaushik Patra
 
The downfall to_computers_in_the_21st_century
The downfall to_computers_in_the_21st_centuryThe downfall to_computers_in_the_21st_century
The downfall to_computers_in_the_21st_century
gracestearns
 
The downfall to_computers_in_the_21st_century
The downfall to_computers_in_the_21st_centuryThe downfall to_computers_in_the_21st_century
The downfall to_computers_in_the_21st_century
gracestearns
 
Ch # 10 computer security risks and safe guards
Ch # 10 computer security risks and safe guardsCh # 10 computer security risks and safe guards
Ch # 10 computer security risks and safe guards
MuhammadRobeel3
 
Protect Yourself From Internet Pests
Protect Yourself From Internet PestsProtect Yourself From Internet Pests
Protect Yourself From Internet Pests
peterhitch
 
Computer And Internet Security
Computer And Internet SecurityComputer And Internet Security
Computer And Internet Security
Ashley Zimmerman
 
Computer And Internet Security
Computer And Internet SecurityComputer And Internet Security
Computer And Internet Security
JFashant
 
computer_security.ppt
computer_security.pptcomputer_security.ppt
computer_security.ppt
Asif Raza
 
Cyber security 101
Cyber security 101Cyber security 101
Cyber security 101
Travis Good
 
Cyber safety
Cyber safetyCyber safety
Cyber safety
SoniaTaryal
 

Similar to Cyber Security Awareness Program.pptx (20)

cyber ethics
 cyber ethics cyber ethics
cyber ethics
 
web-security-1215757214755670-9.pdf
web-security-1215757214755670-9.pdfweb-security-1215757214755670-9.pdf
web-security-1215757214755670-9.pdf
 
Cybersecurity awareness session.pptx
Cybersecurity awareness session.pptxCybersecurity awareness session.pptx
Cybersecurity awareness session.pptx
 
E security and payment 2013-1
E security  and payment 2013-1E security  and payment 2013-1
E security and payment 2013-1
 
information security awareness course
information security awareness courseinformation security awareness course
information security awareness course
 
Cybersecurity Awareness Training for Employees.pptx
Cybersecurity Awareness Training for Employees.pptxCybersecurity Awareness Training for Employees.pptx
Cybersecurity Awareness Training for Employees.pptx
 
Cyber crime
Cyber crimeCyber crime
Cyber crime
 
Cyber Security
Cyber SecurityCyber Security
Cyber Security
 
Computer virus
Computer virusComputer virus
Computer virus
 
Information security a new era technology_
Information security a new era technology_Information security a new era technology_
Information security a new era technology_
 
Information Security - A Discussion
Information Security  - A DiscussionInformation Security  - A Discussion
Information Security - A Discussion
 
The downfall to_computers_in_the_21st_century
The downfall to_computers_in_the_21st_centuryThe downfall to_computers_in_the_21st_century
The downfall to_computers_in_the_21st_century
 
The downfall to_computers_in_the_21st_century
The downfall to_computers_in_the_21st_centuryThe downfall to_computers_in_the_21st_century
The downfall to_computers_in_the_21st_century
 
Ch # 10 computer security risks and safe guards
Ch # 10 computer security risks and safe guardsCh # 10 computer security risks and safe guards
Ch # 10 computer security risks and safe guards
 
Protect Yourself From Internet Pests
Protect Yourself From Internet PestsProtect Yourself From Internet Pests
Protect Yourself From Internet Pests
 
Computer And Internet Security
Computer And Internet SecurityComputer And Internet Security
Computer And Internet Security
 
Computer And Internet Security
Computer And Internet SecurityComputer And Internet Security
Computer And Internet Security
 
computer_security.ppt
computer_security.pptcomputer_security.ppt
computer_security.ppt
 
Cyber security 101
Cyber security 101Cyber security 101
Cyber security 101
 
Cyber safety
Cyber safetyCyber safety
Cyber safety
 

Recently uploaded

AWS Networking Basic , tanapat limsaiprom
AWS Networking Basic , tanapat limsaipromAWS Networking Basic , tanapat limsaiprom
AWS Networking Basic , tanapat limsaiprom
ธนาพัฒน์ ลิ้มสายพรหม
 
Female Service Girls Call Delhi 9873940964 Provide Best And Top Girl Service ...
Female Service Girls Call Delhi 9873940964 Provide Best And Top Girl Service ...Female Service Girls Call Delhi 9873940964 Provide Best And Top Girl Service ...
Female Service Girls Call Delhi 9873940964 Provide Best And Top Girl Service ...
elbertablack
 
Megalive99 Situs Betting Online Gacor Terpercaya
Megalive99 Situs Betting Online Gacor TerpercayaMegalive99 Situs Betting Online Gacor Terpercaya
Megalive99 Situs Betting Online Gacor Terpercaya
Megalive99
 
Book dating , international dating phgra
Book dating , international dating phgraBook dating , international dating phgra
Book dating , international dating phgra
thomaskurtha9
 
workbook and project U5 1ºsecundaria.pdf
workbook and project U5 1ºsecundaria.pdfworkbook and project U5 1ºsecundaria.pdf
workbook and project U5 1ºsecundaria.pdf
anya2024forgya
 
Dewanstudio Project Portfolio 2023 show case
Dewanstudio Project Portfolio 2023 show caseDewanstudio Project Portfolio 2023 show case
Dewanstudio Project Portfolio 2023 show case
DEWANSTUDIO.COM
 
2023. Archive - Gigabajtos selfpublisher homepage
2023. Archive - Gigabajtos selfpublisher homepage2023. Archive - Gigabajtos selfpublisher homepage
2023. Archive - Gigabajtos selfpublisher homepage
Zsolt Nemeth
 
Effective Tips for Creating the Best Rich Media Ads .pptx
Effective Tips for Creating the Best Rich Media Ads .pptxEffective Tips for Creating the Best Rich Media Ads .pptx
Effective Tips for Creating the Best Rich Media Ads .pptx
AirtoryInc
 
Ontology for the semantic enhancement, database definition and management and...
Ontology for the semantic enhancement, database definition and management and...Ontology for the semantic enhancement, database definition and management and...
Ontology for the semantic enhancement, database definition and management and...
Edward Blurock
 
Trading Strategy for London silver bullet
Trading Strategy for London silver bulletTrading Strategy for London silver bullet
Trading Strategy for London silver bullet
OkgatoSemadi1
 
How Salesforce Development in the UK is Driving Digital Transformation
How Salesforce Development in the UK is Driving Digital TransformationHow Salesforce Development in the UK is Driving Digital Transformation
How Salesforce Development in the UK is Driving Digital Transformation
Sweet Potato Tec
 
Web development Platform Constraints.pptx
Web development Platform Constraints.pptxWeb development Platform Constraints.pptx
Web development Platform Constraints.pptx
ssuser2f6682
 
Kolkata @Girls @Call WhatsApp Numbers 🫦0000XX0000🫦 List For Friendship Girls ...
Kolkata @Girls @Call WhatsApp Numbers 🫦0000XX0000🫦 List For Friendship Girls ...Kolkata @Girls @Call WhatsApp Numbers 🫦0000XX0000🫦 List For Friendship Girls ...
Kolkata @Girls @Call WhatsApp Numbers 🫦0000XX0000🫦 List For Friendship Girls ...
paridubey2024#G05
 
Girls Call Shimla 000XX00000 Provide Best And Top Girl Service And No1 in City
Girls Call Shimla 000XX00000 Provide Best And Top Girl Service And No1 in CityGirls Call Shimla 000XX00000 Provide Best And Top Girl Service And No1 in City
Girls Call Shimla 000XX00000 Provide Best And Top Girl Service And No1 in City
dilbaagsingh0898
 
Jarren Duran Fuck EM T shirts Jarren Duran Fuck EM T shirts
Jarren Duran Fuck EM T shirts Jarren Duran Fuck EM T shirtsJarren Duran Fuck EM T shirts Jarren Duran Fuck EM T shirts
Jarren Duran Fuck EM T shirts Jarren Duran Fuck EM T shirts
exgf28
 
UMN degree offer diploma Transcript
UMN degree offer diploma TranscriptUMN degree offer diploma Transcript
UMN degree offer diploma Transcript
cenocb
 
Quiz Quiz Hota Hai (School Quiz 2018-19)
Quiz Quiz Hota Hai (School Quiz 2018-19)Quiz Quiz Hota Hai (School Quiz 2018-19)
Quiz Quiz Hota Hai (School Quiz 2018-19)
Kashyap J
 
Iot-Internet-of-Things_Industrial revolution 4.0-ppt.pptx
Iot-Internet-of-Things_Industrial revolution 4.0-ppt.pptxIot-Internet-of-Things_Industrial revolution 4.0-ppt.pptx
Iot-Internet-of-Things_Industrial revolution 4.0-ppt.pptx
DeepakKumar862274
 
6 Reasons to Use a VPN | 3S VPN Server App
6 Reasons to Use a VPN | 3S VPN Server App6 Reasons to Use a VPN | 3S VPN Server App
6 Reasons to Use a VPN | 3S VPN Server App
VPN Server
 
Girls Call Mahipalpur 000XX00000 Provide Best And Top Girl Service And No1 in...
Girls Call Mahipalpur 000XX00000 Provide Best And Top Girl Service And No1 in...Girls Call Mahipalpur 000XX00000 Provide Best And Top Girl Service And No1 in...
Girls Call Mahipalpur 000XX00000 Provide Best And Top Girl Service And No1 in...
mahigarg2024#G05
 

Recently uploaded (20)

AWS Networking Basic , tanapat limsaiprom
AWS Networking Basic , tanapat limsaipromAWS Networking Basic , tanapat limsaiprom
AWS Networking Basic , tanapat limsaiprom
 
Female Service Girls Call Delhi 9873940964 Provide Best And Top Girl Service ...
Female Service Girls Call Delhi 9873940964 Provide Best And Top Girl Service ...Female Service Girls Call Delhi 9873940964 Provide Best And Top Girl Service ...
Female Service Girls Call Delhi 9873940964 Provide Best And Top Girl Service ...
 
Megalive99 Situs Betting Online Gacor Terpercaya
Megalive99 Situs Betting Online Gacor TerpercayaMegalive99 Situs Betting Online Gacor Terpercaya
Megalive99 Situs Betting Online Gacor Terpercaya
 
Book dating , international dating phgra
Book dating , international dating phgraBook dating , international dating phgra

Cyber Security Awareness Program.pptx

  • 1. Cyber Security Awareness Program -ISMO SECURITY BEST PRACTICES……. STANDARD….. NON STANDARD
  • 2. Basic InfoSec……..?
      - Introduction…? My Self …… Yourselves……
      - Let us stop fussing…….! And see $whoami C:>whoami
      - Safety is not a slogan, it’s a way of life
      - Start with YOU and ends with YOU.
      - Skip these intros and lets see WhatsApp ? What's up in InfoSec World..
      - Current ongoing in Cyber/Information Security Arena …..!
      - Look for Threat post , the hacker news….
      - Still need explanation…… think…..Back to Basics….
      - Normal User ……. Get more on google..
      - Information Security Standards (ISO/IEC 27001-2013 ISMS)
      - 11 Domains, 30 Control Objectives, 130 + controls to adopt an international Standard and certification of ISO/IEC-27001-2013
      - Center for Internet Security- Benchmarking for security of the various IT System..
      - How to harden OS/Server/Firewall/Router/Switches.
  • 3. InfoSec/Cyber Security. Start/End…. You/Me/We…!
      - Basic Practices of System (PC/Laptop/Desktop) handling …..
      - Start at ….? End up with……? Observe….Cautiously….!
      - Windows user Task Manager/Event Viewer…. Need more… !
      - https://docs.microsoft.com/en-us/sysinternals/downloads/
      - Linux user much more to look @ ps aux/ufw/netstat/system monitor.
      - End of the working day …..Disconnect (Physically)
  • 6. Types of organizations….. THERE ARE ONLY TWO TYPES OF ORGANIZATIONS Those that have been hacked, And those that will be.
  • 7. Cyber Security Threat Landscape..
      - 92% of the Indians/youth were found to have shared private information online despite being aware that this is risky.
      - 53% of youngsters trust the virtual world and interact with strangers.
      - 51% of those polled didn’t care about their online privacy at all.
  • 8. Lime Lights of Today may can be….
      - Password Security
      - USB Device Security
      - Data Protection and Destruction
      - Email Security & Phishing Awareness
      - Protecting Against Ransom Virus
      - URL and Safer Web Browsing
      - Safe Social Networking
      - Mobile Device Security
  • 9. Threats identification…..Trailing ….
      - Does your screen name identify you as your actual name…? Administrator…?
      - Have you ever posted any personal information of yours or anyone else without explicit consent?
      - Have you ever uploaded a picture of a sensitive area of the organization without prior consent of management?
      - Have you ever filled out online forms, questionnaires, profile pages considering your official profile?
      - Have you ever purchased anything online while sharing your credit/debit card number insecurely?
      - Have you ever shared your passwords with someone else?
      - Have you ever downloaded and installed software without consulting your team mate?
      - Have you opened emails from total strangers?
      - Have you ever agreed to meet in person someone you have only met online?
      - Have you ever been involved in chat sessions with people using vulgar expressions or sexually explicit language?
  • 10. Code Red Worm (Year 2001) IIS
  • 11. Information Hacking History
      - The first recorded cyber crime was recorded in the year 1820. (France) Loom Device.
      - The first spam email took place in year 1978 when it was sent over the Arpanet.
      - The first Virus was installed on an Apple Computer in year 1982. (Rich Skrenta wrote first Elk Cloner virus) (On every 50th boot the Elk Cloner virus would display a short poem)
  • 12. Cyber Crime Includes…..
      - Illegal Access/interceptions.
      - System/Data Interference.
      - Misuse of Device.
      - Hacking.
      - Denial of Services.
      - Virus Dissemination.
      - Cyber Terrorism.
      - Software Piracy.
  • 13. Hacker & Types of Hackers….
      1) White Hat – Good guys. Report hacks/vulnerabilities to appropriate people.
      2) Black Hat – Only interested in personal goals, regardless of impact.
      3) Gray Hat – Somewhere in between.
      Script Kiddies
      - Someone that calls themselves a ‘hacker’ but really isn’t
      Ethical Hacker
      - Someone hired to hack a system to find vulnerabilities and report on them.
      - Also called a ‘sneaker’
  • 14. Security…. Password…
      Why would someone want to steal your password? Passwords are the only keys that prevent unauthorized entry to many systems.
      Password Security Preventions –
      1. It should be separate for different email accounts.
      2. Don’t ever reveal your passwords to anyone.
      3. Write down in a secure location.
      4. Change your passwords if compromise is suspected.
      5. Add complexity to passwords.
      6. Last but not least for Banking related…Forgot the Password…only if….?
  • 15. How to Make password more Secure…
      - Choose at least 8 characters, including:
          - Uppercase
          - Lowercase
          - Numbers
          - Symbols such as @#$%^&*()!~’”
      - Avoid simple words
      - Don’t pick names or nicknames of people….Notice……!
      - Don’t include repeated characters
      - Avoid your special person’s name, like a BF/GF name
      - EXAMPLE: 0mBhUrBhur@v3Sw@h
      Note: for organizations, please always refer to a password policy for the life cycle of the information system.
  • 17. Security…… USB Devices….
      USB flash drives are hard to track physically, being stored in bags, backpacks, laptop cases, jackets or left at unattended workstations.
      - STUXNET (Siemens ICS-SCADA, Programmable Logic Controller)
      A survey shows end users most frequently copy:
      - Customer Data (25%)
      - Financial Information (25%)
      - Business Plans (15%)
      - Employee Data (13%)
      - Source Code (6%)
  • 18. Securing USB Drives…….
      - Manually save files with a password.
      - Avoid Direct Plug-Ins. (Hold a Shift key and then attach)
      - Lock your flash drive with USB Safeguard.
      - Encrypt the drive with third-party tools like TrueCrypt.
      - Ensure that all USB devices are checked for malware before they are connected to the network.
  • 20. Data Protection….
      Computer data security is the process of preventing and detecting unauthorized use of your computer data. It is concerned with 4 main areas – (CIA)
      - Confidentiality
      - Integrity
      - Availability
      - Authentication
  • 21. System Security Tools/ Websites
      - Tool - FileAnalyzer
      - Tool - ComboFix
      - Tool - Comodo Firewall
      - Tool - Process Explorer
      - Tool - Sandboxie
      - Website - Virustotal.com
      - Website - Nosharescanner.com
  • 22. Windows/Linux…
      - Linux was originally built by Linus Torvalds at the University of Helsinki in 1991.
      - Linux is a Unix-like, Kernel-based OS.
      - Flavors – Redhat, Fedora, Ubuntu, Backtrack, Debian, BSD, Suse, Slackware.
      - First version of Windows – Windows 3.1 released in 1992 by Microsoft.
      - Windows is a GUI based operating system
      - Flavors – Windows 95, 98, ME, NT, XP, 2000, 2003, Vista, 7, 8, 8.1, 10. expecting 11
  • 23. Virus Attack…. Symptoms….
      - Processes take more resources and time.
      - Computer beeps with no display.
      - Drive label changes.
      - Unable to load OS.
      - Computer slows down when program starts.
      - Anti-virus alerts.
      - Computer freezes frequently or encounters error.
      - Files & Folders are missing.
      - Hard Drive is not accessible.
      - Browser window freezes.
  • 24. Security … Email…. Why….?
      Email is important because it creates a fast, reliable form of communication that is free and easily accessible.
      Basic Reasons of attacks on Email Accounts –
      - When one discloses his or her password to other person.
      - Forgetting to logout from public computers.
      - Lack of awareness about legal remedies to sue a bad man.
  • 25. Securing….Email…….
      To scan email headers – http://cyberforensics.in
      For Latest Email Scams – http://hoax-slayer.com
      Tips:
      - Use a wacky email address
      - Don’t recycle your password
      - Know how to catch a phish
      - Don’t use free Wi-Fi
      - Never open any Spam/Junk Email
  • 26. Ransomware….. What……?
      - Ransomware is a type of malware that locks your files, data or the PC itself and extorts money from you in order to provide access.
      - Ransomware is considered a “scare virus” as it forces users to pay a fee (or ransom) by scaring or threatening them.
      Example: cyberware, WannaCry, Petya
      For more info, www.yeahhub.com
  • 27. Securing …. Ransomware……
      - Backup your data.
      - Show hidden file extensions.
      - Filter EXEs in email.
      - Disable file running from AppData/LocalAppData Folders.
      - Disable RDP (Remote Desktop Protocol).
      - Patch or Update your software.
      - Disconnect your Wi-Fi or unplug.
      - Use System Restore to get back to a known clean state.
      - Set the BIOS clock back.
      - Google the leaked private key.
  • 30. Safe Surfing of Internet…. Browsing
      Secure web browsing is a game of changing tactics. Just when you think you’ve made your computer as safe to use as possible, the landscape changes.
      Always use HTTPS for banking transactions.
      Builtwith.com, who.is, centralops.net
  • 31. Safe Browsing ..to do…Please
      - Don’t download free media.
      - Don’t store your payment information online.
      - Don’t over share personal information on social media accounts.
      - Change passwords regularly.
      - Keep your browser software up-to-date.
      - Run Anti-Virus software.
      - Scan downloaded files before executing.
      - Watch out for phishing.
      - Don’t Reuse Passwords.
      - Use HTTPS for banking transactions.
      - Read Privacy Policies.
      - Avoid Public or Free Wi-Fi.
      - Disable Stored Passwords.
  • 32. Social Networking….. Glance…
      - Today’s world is a global village. Everyone is connected to one another in this vast network generated by network.
      - Till date, the world’s largest social networking company, Facebook has 340 million active users in INDIA (2.85 billion world wide), and the no. of users are increasing every year.
      - 70% - Ages 18-29 Years
      - 77% - Ages 30-49 Years
      - 73% - Ages 50-64 Years
      - 50% - Ages 65+ Year
      - Total of 77% Women versus 61% Men
  • 33. Securing Social Networking.. Lets not do it…….!
      - Never post illegal activities.
      - Avoid Bullying others.
      - Don’t trash your Seniors/mentors/ Colleges.. And more…..
      - Don’t post objectionable content from organizational networks.
      - Don’t post confidential information.
      - Don’t overlay specific location check-ins.
      - Never rely on privacy settings 100%.
  • 34. Facebook Security….
      - Koobface (2009) – A Must see viral video
      - Zeus – Botnet
      - LikeJacking – Fake Likes
      - Facebook Black – JS Malware
      - Who Viewed Your profile? – Browser Hijacking
      Security –
      1. For Account Recovering - https://facebook.com/hacked
      2. To Report anything - https://www.facebook.com/help/contact/485974059259751
      3. About Safety Check - https://www.facebook.com/about/safetycheck/
  • 35. Security…Mobile Device (Android)
      1) Do not save all of your passwords
      2) Use Android in-built security
      3) Lock your apps (Ex. App Lock)
      4) Importance of App Permissions
      5) Securing your network (Ex. Hideninja VPN, Wi-Fi Protector)
      6) Use Mobile Security App
      7) Create Multiple User Account to protect privacy
      8) Prepare a Backup of your data
      9) Enable Remote Wipe (Ex. 3cx Mobile Device Manager)
      10) Track your lost device (Ex. Where’s My Droid, Plan B, SeekDroid Lite, AntiDroidTheft, Prey AntiTheft)
  • 36. Security Best Practices….
      1) Use antivirus software (AVAST, AVG…..)
      2) Insert firewalls, pop up blocker (Windows, Comodo)
      3) Uninstall unnecessary software (Adwares)
      4) Maintain backup (Weekly/Monthly)
      5) Check security settings (Netstat)
      6) Use secure connection (HTTPS)
      7) Open attachments carefully
      8) Use strong passwords, don’t give personally identifiable information (PII) unless required.
  • 37. Some Promises to keep while…. On internet….
      1) I will make my organization secure while using given resources securely
      2) I will not submit any of my organization information in public forum.
      3) I will segregate my duty and social life on internet.
      4) If anyone endorsing me to spread information, please don’t forward it without verification or trust.
      5) I will change password of my sensitive information (personal/official) on domain of internet/Intranet.
      6) I will put my system offline (disconnect from network) if I am not using it..
      7) I will contact ISMO/ISO if I find something malicious to the IT system of my organization.
  • 38. Thanks….. But No thanks….
      The only system which is truly secure is one which is switched off and unplugged, when it is not in use. But otherwise to be safe is Pay attention and Act smart.
      { Any Enquiry keep in touch with ISMO/ISO }
      https://haryanaismo.gov.in
      Information Security Management Office, Haryana
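
The rules on slide 15 ("How to Make password more Secure") written as a checker, as an added example that is not part of the original deck. The deny list and the look-alike character table are assumptions, and "repeated characters" is read here as the same character twice in a row, which is the reading the slide's own example password satisfies.

```python
import re

# Assumed deny list standing in for "simple words" and names; an organization
# would load its own list here.
DENY_WORDS = {"password", "welcome", "admin", "qwerty", "letmein", "india"}

# Assumed look-alike substitutions, undone before the word check so that
# "P@ssw0rd" is still recognised as "password".
LEET = str.maketrans({"0": "o", "1": "i", "3": "e", "4": "a", "5": "s",
                      "7": "t", "@": "a", "$": "s", "!": "i"})

# The four character classes the slide asks for.
CLASSES = {
    "uppercase letter": r"[A-Z]",
    "lowercase letter": r"[a-z]",
    "number": r"[0-9]",
    "symbol": r"[^A-Za-z0-9\s]",
}


def check_password(pw, deny_words=DENY_WORDS):
    """Return the slide-15 rules that pw breaks; an empty list means it passes."""
    problems = []
    if len(pw) < 8:
        problems.append("shorter than 8 characters")
    for name, pattern in CLASSES.items():
        if not re.search(pattern, pw):
            problems.append(f"no {name}")
    if re.search(r"(.)\1", pw):  # same character twice in a row
        problems.append("repeated character")
    lowered = pw.lower()
    plain = lowered.translate(LEET)
    for word in sorted(deny_words):
        if word in lowered or word in plain:
            problems.append(f"contains simple word or name: {word}")
    return problems
```

The slide's example, `0mBhUrBhur@v3Sw@h`, returns an empty list, while `P@ssw0rd1` has all four character classes and still fails on the repeated `ss` and the disguised word.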
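
Slide 25 says to know how to catch a phish, and slide 27 says to show hidden file extensions and filter EXEs in email. The added example below (not from the original deck) applies those checks to one raw message on the mail-filtering side; the extension list, the sample message and the example.* domains are constructed for illustration.

```python
import os
from email import message_from_string
from email.utils import parseaddr

# Assumed block list of directly runnable attachment types (not from the deck).
RISKY_EXT = {".exe", ".scr", ".com", ".pif", ".bat", ".cmd", ".js", ".vbs", ".ps1"}

# Constructed sample message; the example.* domains are placeholders.
SAMPLE = """\
From: "Accounts Dept" <billing@example.com>
Reply-To: payments@example.net
Subject: Overdue invoice
Content-Type: multipart/mixed; boundary="BOUND"

--BOUND
Content-Type: text/plain

Please open the attached invoice today.
--BOUND
Content-Type: application/octet-stream
Content-Disposition: attachment; filename="invoice.pdf.exe"
Content-Transfer-Encoding: base64

Y29uc3RydWN0ZWQ=
--BOUND--
"""


def domain(header_value):
    """Lower-cased domain of the address in a From/Reply-To header ('' if absent)."""
    return parseaddr(header_value or "")[1].rpartition("@")[2].lower()


def triage(raw):
    """Return warning strings for one raw message."""
    msg = message_from_string(raw)
    warnings = []
    from_dom, reply_dom = domain(msg["From"]), domain(msg["Reply-To"])
    if reply_dom and reply_dom != from_dom:
        warnings.append(f"Reply-To domain {reply_dom} differs from From domain {from_dom}")
    for part in msg.walk():
        name = part.get_filename()
        if not name:
            continue
        stem, ext = os.path.splitext(name.lower())
        if ext in RISKY_EXT:
            warnings.append(f"executable attachment: {name}")
            if os.path.splitext(stem)[1]:  # e.g. ".pdf" sitting in front of ".exe"
                warnings.append(f"double extension hides type: {name}")
    return warnings
```

With file extensions hidden, the attachment in the sample would display as `invoice.pdf`, which is why the double-extension case is reported separately from the plain executable case.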