Cyber Security Awareness Program - ISMO
SECURITY BEST PRACTICES…….
STANDARD….. NON STANDARD
Basic InfoSec……..?
• Introduction…? My Self …… Yourselves……
• Let us stop fussing…….! And see $whoami C:>whoami
• Safety is not a slogan, it’s a way of life
• Start with YOU and ends with YOU.
• Skip these intros and let's see WhatsApp? What's up in InfoSec World..
• Current ongoing in Cyber/Information Security Arena …..!
• Look for Threat Post, The Hacker News….
• Still need explanation…… think…..Back to Basics….
• Normal User ……. Get more on Google..
• Information Security Standards (ISO/IEC 27001-2013 ISMS)
• 11 Domains, 30 Control Objectives, 130+ controls to adopt an international Standard and certification of ISO/IEC-27001-2013
• Center for Internet Security - Benchmarking for security of the various IT Systems..
• How to harden OS/Server/Firewall/Router/Switches.
InfoSec/Cyber Security. Start/End….
You/Me/We…!
• Basic Practices of System (PC/Laptop/Desktop) handling …..
• Start at ….? End up with……? Observe….Cautiously….!
• Windows user: Task Manager/Event Viewer…. Need more…!
• https://docs.microsoft.com/en-us/sysinternals/downloads/
• Linux user: much more to look at: ps aux/ufw/netstat/system monitor.
• End of the working day …..Disconnect (Physically)
The Threat Post
The Hacker News
Types of organizations…..
THERE ARE ONLY TWO TYPES OF ORGANIZATIONS
Those that have been hacked,
And those that will be.
Cyber Security Threat Landscape..
• 92% of the Indians/youth were found to have shared private information online despite being aware that this is risky.
• 53% of youngsters trust the virtual world and interact with strangers.
• 51% of those polled didn’t care about their online privacy at all.
Limelights of Today may be….
Password Security
USB Device Security
Data Protection and Destruction
Email Security & Phishing Awareness
Protecting Against Ransom Virus
URL and Safer Web Browsing
Safe Social Networking
Mobile Device Security
Threats identification…..Trailing ….
• Does your screen name identify you as your actual name…? Administrator…?
• Have you ever posted any personal information of yours or anyone else without explicit consent?
• Have you ever uploaded a picture of a sensitive area of the organization without prior consent of management?
• Have you ever filled out online forms, questionnaires, profile pages considering your official profile?
• Have you ever purchased anything online while sharing your credit/debit card number insecurely?
• Have you ever shared your passwords with someone else?
• Have you ever downloaded and installed software without consulting your team mate?
• Have you opened emails from total strangers?
• Have you ever agreed to meet in person someone you have only met online?
• Have you ever been involved in chat sessions with people using vulgar expressions or sexually explicit language?
Code Red Worm (Year 2001)
IIS
Information Hacking History
• The first recorded cyber crime was recorded in the year 1820 (France), Loom Device.
• The first spam email took place in year 1978 when it was sent over the Arpanet.
• The first Virus was installed on an Apple Computer in year 1982.
(Rich Skrenta wrote first Elk Cloner virus)
(On every 50th boot the Elk Cloner virus would display a short poem)
Cyber Crime Includes…..
• Illegal Access/interceptions.
• System/Data Interference.
• Misuse of Device.
• Hacking.
• Denial of Services.
• Virus Dissemination.
• Cyber Terrorism.
• Software Piracy.
Hacker & Types of Hackers….
1) White Hat – Good guys. Report hacks/vulnerabilities to appropriate people.
2) Black Hat – Only interested in personal goals, regardless of impact.
3) Gray Hat – Somewhere in between.
Script Kiddies
• Someone that calls themselves a ‘hacker’ but really isn’t
Ethical Hacker
• Someone hired to hack a system to find vulnerabilities and report on them.
• Also called a ‘sneaker’
Security…. Password…
Why would someone want to steal your password?
Passwords are the only keys that prevent unauthorized entry to many systems.
Password Security Preventions –
1. It should be separate for different email accounts.
2. Don’t ever reveal your passwords to anyone.
3. Write down in a secure location.
4. Change your passwords if compromise is suspected.
5. Add complexity to passwords.
6. Last but not least for Banking related…Forgot the Password…only if….?
How to Make password more Secure…
• Choose at least 8 characters, including:
- Uppercase
- Lowercase
- Numbers
- Symbols such as @#$%^&*()!~’”
• Avoid simple words
• Don’t pick names or nicknames of people….Notice……!
• Don’t include repeated characters
• Avoid your special person’s name, like BF/GF :)
EXAMPLE: 0mBhUrBhur@v3Sw@h
Note: for Organizations, please always refer to a password policy for the life cycle of the information system.
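The rules on this slide written as a checker, as an added example that is not part of the original deck. The word list, the look-alike substitution table and the reading of "repeated characters" as the same character twice in a row are assumptions made for the example.

```python
import re

# Constructed sample list for this example; a real check would load a far larger one.
SIMPLE_WORDS = ("password", "welcome", "admin", "qwerty", "letmein", "123456")

# Assumed substitution table: undoes common look-alike swaps before the
# simple-word and name checks, so "P@ssw0rd" is still recognised as "password".
LOOKALIKES = str.maketrans(
    {"@": "a", "0": "o", "3": "e", "1": "l", "$": "s", "5": "s", "!": "i"}
)


def check_password(password, names=()):
    """Return the slide rules that `password` breaks; an empty list means it passes."""
    problems = []

    # Rule: at least 8 characters.
    if len(password) < 8:
        problems.append("shorter than 8 characters")

    # Rule: uppercase, lowercase, numbers and symbols must all be present.
    classes = {
        "uppercase letter": str.isupper,
        "lowercase letter": str.islower,
        "number": str.isdigit,
        "symbol": lambda c: not c.isalnum() and not c.isspace(),
    }
    for label, test in classes.items():
        if not any(test(c) for c in password):
            problems.append("no " + label)

    # Rule: no repeated characters (assumption: read as the same character
    # twice in a row, since the slide's own example reuses 'h' and '@').
    if re.search(r"(.)\1", password):
        problems.append("repeated characters")

    # Rules: avoid simple words, names and nicknames. Both the raw lowercase
    # form and the look-alike-normalised form are searched.
    lowered = password.lower()
    variants = (lowered, lowered.translate(LOOKALIKES))
    for word in SIMPLE_WORDS:
        if any(word in v for v in variants):
            problems.append("simple word: " + word)
    for name in names:
        name = name.lower()
        if len(name) >= 3 and any(name in v for v in variants):
            problems.append("name: " + name)

    return problems


if __name__ == "__main__":
    # The example password from the slide, followed by constructed samples.
    samples = [
        ("0mBhUrBhur@v3Sw@h", ()),
        ("P@ssw0rd1!", ()),
        ("R@hul2024#x", ("Rahul",)),
        ("abc", ()),
    ]
    for pw, names in samples:
        print(repr(pw), "->", check_password(pw, names) or "OK")
```

"P@ssw0rd1!" has all four character classes and enough length, and is rejected only by the simple-word and repeated-character rules, which is why the slide lists them separately from complexity.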
Security…… USB Devices….
USB flash drives are hard to track physically, being stored in bags, backpacks, laptop cases, jackets or left at unattended workstations.
• STUXNET (Siemens ICS-SCADA, Programmable Logic Controller)
A survey shows end users most frequently copy:
- Customer Data (25%)
- Financial Information (25%)
- Business Plans (15%)
- Employee Data (13%)
- Source Code (6%)
Securing USB Drives…….
- Manually save files with a password.
- Avoid Direct Plug-Ins. (Hold a Shift key and then attach)
- Lock your flash drive with USB Safeguard.
- Encrypt the drive with third-party tools like TrueCrypt.
- Ensure that all USB devices are checked for malware before they are connected to the network.
Data Protection….
Computer data security is the process of preventing and detecting unauthorized use of your computer data.
It is concerned with 4 main areas – (CIA)
• Confidentiality
• Integrity
• Availability
• Authentication
System Security Tools/ Websites
Tool - FileAnalyzer
Tool - ComboFix
Tool - Comodo Firewall
Tool - Process Explorer
Tool - Sandboxie
Website - Virustotal.com
Website - Nosharescanner.com
Windows/Linux…
• Linux was originally built by Linus Torvalds at the University of Helsinki in 1991.
• Linux is a Unix-like, Kernel-based OS.
• Flavors – Redhat, Fedora, Ubuntu, Backtrack, Debian, BSD, Suse, Slackware.
• First version of Windows – Windows 3.1 released in 1992 by Microsoft.
• Windows is a GUI based operating system
• Flavors – Windows 95, 98, ME, NT, XP, 2000, 2003, Vista, 7, 8, 8.1, 10. expecting 11
Virus Attack…. Symptoms….
• Processes take more resources and time.
• Computer beeps with no display.
• Drive label changes.
• Unable to load OS.
• Computer slows down when program starts.
• Anti-virus alerts.
• Computer freezes frequently or encounters error.
• Files & Folders are missing.
• Hard Drive is not accessible.
• Browser window freezes.
Security … Email…. Why….?
Email is important because it creates a fast, reliable form of communication that
is free and easily accessible.
Basic Reasons of attacks on Email Accounts –
- When one discloses his or her password to other person.
- Forgetting to logout from public computers.
- Lack of awareness about legal remedies to sue a bad man.
Securing….Email…….
To scan email headers – http://cyberforensics.in
For Latest Email Scams – http://hoax-slayer.com
Tips:
• Use a wacky email address
• Don’t recycle your password
• Know how to catch a phish
• Don’t use free Wi-Fi
• Never open any Spam/Junk Email
Ransomware….. What……?
• Ransomware is a type of malware that locks your files, data or the PC itself and extorts money from you in order to provide access.
• Ransomware is considered a “scare virus” as it forces users to pay a fee (or ransom) by scaring or threatening them.
Example: cyberware, WannaCry, Petya
For more info, www.yeahhub.com
Securing …. Ransomware……
• Backup your data.
• Show hidden file extensions.
• Filter EXEs in email.
• Disable file running from AppData/LocalAppData Folders.
• Disable RDP (Remote Desktop Protocol).
• Patch or Update your software.
• Disconnect your Wi-Fi or unplug.
• Use System Restore to get back to a known clean state.
• Set the BIOS clock back.
• Google the leaked private key.
Safe Surfing of Internet…. Browsing
Secure web browsing is a game of changing tactics. Just when you think you’ve made your computer as safe to use as possible, the landscape changes.
Always use HTTPS for banking transactions.
Builtwith.com, who.is, centralops.net
Safe Browsing ..to do…Please
• Don’t download free media.
• Don’t store your payment information online.
• Don’t over share personal information on social media accounts.
• Change passwords regularly.
• Keep your browser software up-to-date.
• Run Anti-Virus software.
• Scan downloaded files before executing.
• Watch out for phishing.
• Don’t Reuse Passwords.
• Use HTTPS for banking transactions.
• Read Privacy Policies.
• Avoid Public or Free Wi-Fi.
• Disable Stored Passwords.
Social Networking….. Glance…
• Today’s world is a global village. Everyone is connected to one another in this vast network generated by network.
• Till date, the world’s largest social networking company, Facebook, has 340 million active users in INDIA (2.85 billion worldwide), and the no. of users is increasing every year.
70% - Ages 18-29 Years
77% - Ages 30-49 Years
73% - Ages 50-64 Years
50% - Ages 65+ Years
Total of 77% Women versus 61% Men
Securing Social Networking..
Let's not do it…….!
• Never post illegal activities.
• Avoid Bullying others.
• Don’t trash your Seniors/mentors/Colleges.. And more…..
• Don’t post objectionable content from organizational networks.
• Don’t post confidential information.
• Don’t overlay specific location check-ins.
• Never rely on privacy settings 100%.
Facebook Security….
• Koobface (2009) – A Must see viral video
• Zeus – Botnet
• LikeJacking – Fake Likes
• Facebook Black – JS Malware
• Who Viewed Your profile? – Browser Hijacking
Security –
1. For Account Recovering - https://facebook.com/hacked
2. To Report anything - https://www.facebook.com/help/contact/485974059259751
3. About Safety Check - https://www.facebook.com/about/safetycheck/
Security…Mobile Device(Android)
1) Do not save all of your passwords
2) Use Android in-built security
3) Lock your apps (Ex. App Lock)
4) Importance of App Permissions
5) Securing your network (Ex. Hideninja VPN, Wi-Fi Protector)
6) Use Mobile Security App
7) Create Multiple User Account to protect privacy
8) Prepare a Backup of your data
9) Enable Remote Wipe (Ex. 3cx Mobile Device Manager)
10) Track your lost device (Ex. Where’s My Droid, Plan B, SeekDroid Lite, AntiDroidTheft, Prey AntiTheft)
Security Best Practices….
1) Use antivirus software (AVAST, AVG…..)
2) Insert firewalls, pop-up blocker (Windows, Comodo)
3) Uninstall unnecessary software (Adwares)
4) Maintain backup (Weekly/Monthly)
5) Check security settings (Netstat)
6) Use secure connection (HTTPS)
7) Open attachments carefully
8) Use strong passwords, don’t give personal identifiable information (PII) unless required.
Some Promises to keep while…. On internet….
1) I will make my organization secure while using given resources securely.
2) I will not submit any of my organization's information in a public forum.
3) I will segregate my duty and social life on the internet.
4) If anyone is endorsing me to spread information, please don’t forward it without verification or trust.
5) I will change the password of my sensitive information (personal/official) on the domain of internet/intranet.
6) I will put my system offline (disconnect from network) if I am not using it.
7) I will contact ISMO/ISO if I find something malicious to the IT system of my organization.
Thanks….. But No thanks….
The only system which is truly secure is one which is switched off and unplugged when it is not in use. But otherwise, to be safe: pay attention and act smart.
{ Any Enquiry keep in touch with ISMO/ISO }
https://haryanaismo.gov.in
Information Security Management Office, Haryana

More Related Content

What's hot

Cybersecurity Employee Training
Cybersecurity Employee TrainingCybersecurity Employee Training
Cybersecurity Employee Training
Paige Rasid
 
Employee Security Awareness Training
Employee Security Awareness TrainingEmployee Security Awareness Training
Employee Security Awareness Training
Denis kisina
 
Cyber Security 101: Training, awareness, strategies for small to medium sized...
Cyber Security 101: Training, awareness, strategies for small to medium sized...Cyber Security 101: Training, awareness, strategies for small to medium sized...
Cyber Security 101: Training, awareness, strategies for small to medium sized...
Stephen Cobb
 
Employee Security Awareness Program
Employee Security Awareness ProgramEmployee Security Awareness Program
Employee Security Awareness Program
davidcurriecia
 
Building An Information Security Awareness Program
Building An Information Security Awareness ProgramBuilding An Information Security Awareness Program
Building An Information Security Awareness Program
Bill Gardner
 
IT Security Awareness-v1.7.ppt
IT Security Awareness-v1.7.pptIT Security Awareness-v1.7.ppt
IT Security Awareness-v1.7.ppt
OoXair
 
Cyber security training
Cyber security trainingCyber security training
Cyber security training
Wilmington University
 
Information Security Awareness Training
Information Security Awareness TrainingInformation Security Awareness Training
Information Security Awareness Training
Randy Bowman
 
New Hire Information Security Awareness
New Hire Information Security AwarenessNew Hire Information Security Awareness
New Hire Information Security Awareness
hubbargf
 
Employee Security Training[1]@
Employee Security Training[1]@Employee Security Training[1]@
Employee Security Training[1]@
R_Yanus
 
Information Security Awareness
Information Security Awareness Information Security Awareness
Information Security Awareness
SnapComms
 
Security awareness
Security awarenessSecurity awareness
Security awareness
Josh Chandler
 
Cyber Security Awareness Session for Executives and Non-IT professionals
Cyber Security Awareness Session for Executives and Non-IT professionalsCyber Security Awareness Session for Executives and Non-IT professionals
Cyber Security Awareness Session for Executives and Non-IT professionals
Krishna Srikanth Manda
 
14 tips to increase cybersecurity awareness
14 tips to increase cybersecurity awareness14 tips to increase cybersecurity awareness
14 tips to increase cybersecurity awareness
Michel Bitter
 
IT Security Awarenesss by Northern Virginia Community College
IT Security Awarenesss by Northern Virginia Community CollegeIT Security Awarenesss by Northern Virginia Community College
IT Security Awarenesss by Northern Virginia Community College
Atlantic Training, LLC.
 
Security Awareness Training.pptx
Security Awareness Training.pptxSecurity Awareness Training.pptx
Security Awareness Training.pptx
MohammedYaseen638128
 
Social Engineering Attacks & Principles
Social Engineering Attacks & PrinciplesSocial Engineering Attacks & Principles
Social Engineering Attacks & Principles
LearningwithRayYT
 
Basic Security Training for End Users
Basic Security Training for End UsersBasic Security Training for End Users
Basic Security Training for End Users
Community IT Innovators
 
Cybersecurity
CybersecurityCybersecurity
Cybersecurity
ANGIEPAEZ304
 
Cybersecurity Awareness Training Presentation v1.3
Cybersecurity Awareness Training Presentation v1.3Cybersecurity Awareness Training Presentation v1.3
Cybersecurity Awareness Training Presentation v1.3
DallasHaselhorst
 

What's hot (20)

Cybersecurity Employee Training
Cybersecurity Employee TrainingCybersecurity Employee Training
Cybersecurity Employee Training
 
Employee Security Awareness Training
Employee Security Awareness TrainingEmployee Security Awareness Training
Employee Security Awareness Training
 
Cyber Security 101: Training, awareness, strategies for small to medium sized...
Cyber Security 101: Training, awareness, strategies for small to medium sized...Cyber Security 101: Training, awareness, strategies for small to medium sized...
Cyber Security 101: Training, awareness, strategies for small to medium sized...
 
Employee Security Awareness Program
Employee Security Awareness ProgramEmployee Security Awareness Program
Employee Security Awareness Program
 
Building An Information Security Awareness Program
Building An Information Security Awareness ProgramBuilding An Information Security Awareness Program
Building An Information Security Awareness Program
 
IT Security Awareness-v1.7.ppt
IT Security Awareness-v1.7.pptIT Security Awareness-v1.7.ppt
IT Security Awareness-v1.7.ppt
 
Cyber security training
Cyber security trainingCyber security training
Cyber security training
 
Information Security Awareness Training
Information Security Awareness TrainingInformation Security Awareness Training
Information Security Awareness Training
 
New Hire Information Security Awareness
New Hire Information Security AwarenessNew Hire Information Security Awareness
New Hire Information Security Awareness
 
Employee Security Training[1]@
Employee Security Training[1]@Employee Security Training[1]@
Employee Security Training[1]@
 
Information Security Awareness
Information Security Awareness Information Security Awareness
Information Security Awareness
 
Security awareness
Security awarenessSecurity awareness
Security awareness
 
Cyber Security Awareness Session for Executives and Non-IT professionals
Cyber Security Awareness Session for Executives and Non-IT professionalsCyber Security Awareness Session for Executives and Non-IT professionals
Cyber Security Awareness Session for Executives and Non-IT professionals
 
14 tips to increase cybersecurity awareness
14 tips to increase cybersecurity awareness14 tips to increase cybersecurity awareness
14 tips to increase cybersecurity awareness
 
IT Security Awarenesss by Northern Virginia Community College
IT Security Awarenesss by Northern Virginia Community CollegeIT Security Awarenesss by Northern Virginia Community College
IT Security Awarenesss by Northern Virginia Community College
 
Security Awareness Training.pptx
Security Awareness Training.pptxSecurity Awareness Training.pptx
Security Awareness Training.pptx
 
Social Engineering Attacks & Principles
Social Engineering Attacks & PrinciplesSocial Engineering Attacks & Principles
Social Engineering Attacks & Principles
 
Basic Security Training for End Users
Basic Security Training for End UsersBasic Security Training for End Users
Basic Security Training for End Users
 
Cybersecurity
CybersecurityCybersecurity
Cybersecurity
 
Cybersecurity Awareness Training Presentation v1.3
Cybersecurity Awareness Training Presentation v1.3Cybersecurity Awareness Training Presentation v1.3
Cybersecurity Awareness Training Presentation v1.3
 

Similar to Cyber Security Awareness Program.pptx

cyber ethics
 cyber ethics cyber ethics
cyber ethics
Alomgir Hossain
 
web-security-1215757214755670-9.pdf
web-security-1215757214755670-9.pdfweb-security-1215757214755670-9.pdf
web-security-1215757214755670-9.pdf
LucaMartins7
 
Cybersecurity awareness session.pptx
Cybersecurity awareness session.pptxCybersecurity awareness session.pptx
Cybersecurity awareness session.pptx
UmaraZahidLecturer
 
E security and payment 2013-1
E security  and payment 2013-1E security  and payment 2013-1
E security and payment 2013-1
Abdelfatah hegazy
 
information security awareness course
information security awareness courseinformation security awareness course
information security awareness course
Abdul Manaf Vellakodath
 
Cybersecurity Awareness Training for Employees.pptx
Cybersecurity Awareness Training for Employees.pptxCybersecurity Awareness Training for Employees.pptx
Cybersecurity Awareness Training for Employees.pptx
Mustafa Amiri
 
Cyber crime
Cyber crimeCyber crime
Cyber crime
Salma Zafar
 
Cyber Security
Cyber SecurityCyber Security
Cyber Security
Adeel Younas
 
Computer virus
Computer virusComputer virus
Computer virus
vazhichal12
 
Information security a new era technology_
Information security a new era technology_Information security a new era technology_
Information security a new era technology_
Tahmid Munaz
 
Information Security - A Discussion
Information Security  - A DiscussionInformation Security  - A Discussion
Information Security - A Discussion
Kaushik Patra
 
The downfall to_computers_in_the_21st_century
The downfall to_computers_in_the_21st_centuryThe downfall to_computers_in_the_21st_century
The downfall to_computers_in_the_21st_century
gracestearns
 
The downfall to_computers_in_the_21st_century
The downfall to_computers_in_the_21st_centuryThe downfall to_computers_in_the_21st_century
The downfall to_computers_in_the_21st_century
gracestearns
 
Ch # 10 computer security risks and safe guards
Ch # 10 computer security risks and safe guardsCh # 10 computer security risks and safe guards
Ch # 10 computer security risks and safe guards
MuhammadRobeel3
 
Protect Yourself From Internet Pests
Protect Yourself From Internet PestsProtect Yourself From Internet Pests
Protect Yourself From Internet Pests
peterhitch
 
Computer And Internet Security
Computer And Internet SecurityComputer And Internet Security
Computer And Internet Security
Ashley Zimmerman
 
Computer And Internet Security
Computer And Internet SecurityComputer And Internet Security
Computer And Internet Security
JFashant
 
computer_security.ppt
computer_security.pptcomputer_security.ppt
computer_security.ppt
Asif Raza
 
Cyber security 101
Cyber security 101Cyber security 101
Cyber security 101
Travis Good
 
Cyber safety
Cyber safetyCyber safety
Cyber safety
SoniaTaryal
 

Similar to Cyber Security Awareness Program.pptx (20)

cyber ethics
 cyber ethics cyber ethics
cyber ethics
 
web-security-1215757214755670-9.pdf
web-security-1215757214755670-9.pdfweb-security-1215757214755670-9.pdf
web-security-1215757214755670-9.pdf
 
Cybersecurity awareness session.pptx
Cybersecurity awareness session.pptxCybersecurity awareness session.pptx
Cybersecurity awareness session.pptx
 
E security and payment 2013-1
E security  and payment 2013-1E security  and payment 2013-1
E security and payment 2013-1
 
information security awareness course
information security awareness courseinformation security awareness course
information security awareness course
 
Cybersecurity Awareness Training for Employees.pptx
Cybersecurity Awareness Training for Employees.pptxCybersecurity Awareness Training for Employees.pptx
Cybersecurity Awareness Training for Employees.pptx
 
Cyber crime
Cyber crimeCyber crime
Cyber crime
 
Cyber Security
Cyber SecurityCyber Security
Cyber Security
 
Computer virus
Computer virusComputer virus
Computer virus
 
Information security a new era technology_
Information security a new era technology_Information security a new era technology_
Information security a new era technology_
 
Information Security - A Discussion
Information Security  - A DiscussionInformation Security  - A Discussion
Information Security - A Discussion
 
The downfall to_computers_in_the_21st_century
The downfall to_computers_in_the_21st_centuryThe downfall to_computers_in_the_21st_century
The downfall to_computers_in_the_21st_century
 
The downfall to_computers_in_the_21st_century
The downfall to_computers_in_the_21st_centuryThe downfall to_computers_in_the_21st_century
The downfall to_computers_in_the_21st_century
 
Ch # 10 computer security risks and safe guards
Ch # 10 computer security risks and safe guardsCh # 10 computer security risks and safe guards
Ch # 10 computer security risks and safe guards
 
Protect Yourself From Internet Pests
Protect Yourself From Internet PestsProtect Yourself From Internet Pests
Protect Yourself From Internet Pests
 
Computer And Internet Security
Computer And Internet SecurityComputer And Internet Security
Computer And Internet Security
 
Computer And Internet Security
Computer And Internet SecurityComputer And Internet Security
Computer And Internet Security
 
computer_security.ppt
computer_security.pptcomputer_security.ppt
computer_security.ppt
 
Cyber security 101
Cyber security 101Cyber security 101
Cyber security 101
 
Cyber safety
Cyber safetyCyber safety
Cyber safety
 

Recently uploaded

快速办理(Vic毕业证书)惠灵顿维多利亚大学毕业证完成信一模一样
快速办理(Vic毕业证书)惠灵顿维多利亚大学毕业证完成信一模一样快速办理(Vic毕业证书)惠灵顿维多利亚大学毕业证完成信一模一样
快速办理(Vic毕业证书)惠灵顿维多利亚大学毕业证完成信一模一样
3a0sd7z3
 
办理新西兰奥克兰大学毕业证学位证书范本原版一模一样
办理新西兰奥克兰大学毕业证学位证书范本原版一模一样办理新西兰奥克兰大学毕业证学位证书范本原版一模一样
办理新西兰奥克兰大学毕业证学位证书范本原版一模一样
xjq03c34
 
Bengaluru Dreamin' 24 - Personal Branding
Bengaluru Dreamin' 24 - Personal BrandingBengaluru Dreamin' 24 - Personal Branding
Bengaluru Dreamin' 24 - Personal Branding
Tarandeep Singh
 
Honeypots Unveiled: Proactive Defense Tactics for Cyber Security, Phoenix Sum...
Honeypots Unveiled: Proactive Defense Tactics for Cyber Security, Phoenix Sum...Honeypots Unveiled: Proactive Defense Tactics for Cyber Security, Phoenix Sum...
Honeypots Unveiled: Proactive Defense Tactics for Cyber Security, Phoenix Sum...
APNIC
 
HijackLoader Evolution: Interactive Process Hollowing
HijackLoader Evolution: Interactive Process HollowingHijackLoader Evolution: Interactive Process Hollowing
HijackLoader Evolution: Interactive Process Hollowing
Donato Onofri
 
一比一原版(USYD毕业证)悉尼大学毕业证如何办理
一比一原版(USYD毕业证)悉尼大学毕业证如何办理一比一原版(USYD毕业证)悉尼大学毕业证如何办理
一比一原版(USYD毕业证)悉尼大学毕业证如何办理
k4ncd0z
 
Securing BGP: Operational Strategies and Best Practices for Network Defenders...
Securing BGP: Operational Strategies and Best Practices for Network Defenders...Securing BGP: Operational Strategies and Best Practices for Network Defenders...
Securing BGP: Operational Strategies and Best Practices for Network Defenders...
APNIC
 
一比一原版新西兰林肯大学毕业证(Lincoln毕业证书)学历如何办理
一比一原版新西兰林肯大学毕业证(Lincoln毕业证书)学历如何办理一比一原版新西兰林肯大学毕业证(Lincoln毕业证书)学历如何办理
一比一原版新西兰林肯大学毕业证(Lincoln毕业证书)学历如何办理
thezot
 
Discover the benefits of outsourcing SEO to India
Discover the benefits of outsourcing SEO to IndiaDiscover the benefits of outsourcing SEO to India
Discover the benefits of outsourcing SEO to India
davidjhones387
 
怎么办理(umiami毕业证书)美国迈阿密大学毕业证文凭证书实拍图原版一模一样
怎么办理(umiami毕业证书)美国迈阿密大学毕业证文凭证书实拍图原版一模一样怎么办理(umiami毕业证书)美国迈阿密大学毕业证文凭证书实拍图原版一模一样
怎么办理(umiami毕业证书)美国迈阿密大学毕业证文凭证书实拍图原版一模一样
rtunex8r
 
快速办理(新加坡SMU毕业证书)新加坡管理大学毕业证文凭证书一模一样
快速办理(新加坡SMU毕业证书)新加坡管理大学毕业证文凭证书一模一样快速办理(新加坡SMU毕业证书)新加坡管理大学毕业证文凭证书一模一样
快速办理(新加坡SMU毕业证书)新加坡管理大学毕业证文凭证书一模一样
3a0sd7z3
 
Should Repositories Participate in the Fediverse?
Should Repositories Participate in the Fediverse?Should Repositories Participate in the Fediverse?
Should Repositories Participate in the Fediverse?
Paul Walk
 

Recently uploaded (12)

快速办理(Vic毕业证书)惠灵顿维多利亚大学毕业证完成信一模一样
快速办理(Vic毕业证书)惠灵顿维多利亚大学毕业证完成信一模一样快速办理(Vic毕业证书)惠灵顿维多利亚大学毕业证完成信一模一样
快速办理(Vic毕业证书)惠灵顿维多利亚大学毕业证完成信一模一样
 
办理新西兰奥克兰大学毕业证学位证书范本原版一模一样
办理新西兰奥克兰大学毕业证学位证书范本原版一模一样办理新西兰奥克兰大学毕业证学位证书范本原版一模一样
办理新西兰奥克兰大学毕业证学位证书范本原版一模一样
 
Bengaluru Dreamin' 24 - Personal Branding
Bengaluru Dreamin' 24 - Personal BrandingBengaluru Dreamin' 24 - Personal Branding
Bengaluru Dreamin' 24 - Personal Branding
 
Honeypots Unveiled: Proactive Defense Tactics for Cyber Security, Phoenix Sum...
Honeypots Unveiled: Proactive Defense Tactics for Cyber Security, Phoenix Sum...Honeypots Unveiled: Proactive Defense Tactics for Cyber Security, Phoenix Sum...
Honeypots Unveiled: Proactive Defense Tactics for Cyber Security, Phoenix Sum...
 
HijackLoader Evolution: Interactive Process Hollowing
HijackLoader Evolution: Interactive Process HollowingHijackLoader Evolution: Interactive Process Hollowing
HijackLoader Evolution: Interactive Process Hollowing
 
一比一原版(USYD毕业证)悉尼大学毕业证如何办理
一比一原版(USYD毕业证)悉尼大学毕业证如何办理一比一原版(USYD毕业证)悉尼大学毕业证如何办理
一比一原版(USYD毕业证)悉尼大学毕业证如何办理
 
Securing BGP: Operational Strategies and Best Practices for Network Defenders...
Securing BGP: Operational Strategies and Best Practices for Network Defenders...Securing BGP: Operational Strategies and Best Practices for Network Defenders...
Securing BGP: Operational Strategies and Best Practices for Network Defenders...
 
一比一原版新西兰林肯大学毕业证(Lincoln毕业证书)学历如何办理
一比一原版新西兰林肯大学毕业证(Lincoln毕业证书)学历如何办理一比一原版新西兰林肯大学毕业证(Lincoln毕业证书)学历如何办理
一比一原版新西兰林肯大学毕业证(Lincoln毕业证书)学历如何办理
 
Discover the benefits of outsourcing SEO to India
Discover the benefits of outsourcing SEO to IndiaDiscover the benefits of outsourcing SEO to India
Discover the benefits of outsourcing SEO to India
 
怎么办理(umiami毕业证书)美国迈阿密大学毕业证文凭证书实拍图原版一模一样
怎么办理(umiami毕业证书)美国迈阿密大学毕业证文凭证书实拍图原版一模一样怎么办理(umiami毕业证书)美国迈阿密大学毕业证文凭证书实拍图原版一模一样
怎么办理(umiami毕业证书)美国迈阿密大学毕业证文凭证书实拍图原版一模一样
 
快速办理(新加坡SMU毕业证书)新加坡管理大学毕业证文凭证书一模一样
快速办理(新加坡SMU毕业证书)新加坡管理大学毕业证文凭证书一模一样快速办理(新加坡SMU毕业证书)新加坡管理大学毕业证文凭证书一模一样
快速办理(新加坡SMU毕业证书)新加坡管理大学毕业证文凭证书一模一样
 
Should Repositories Participate in the Fediverse?
Should Repositories Participate in the Fediverse?Should Repositories Participate in the Fediverse?
Should Repositories Participate in the Fediverse?
 

Cyber Security Awareness Program.pptx

  • 1. Cyber Security Awareness Program -ISMO SECURITY BEST PRACTICES……. STANDARD….. NON STANDARD
  • 2. Basic InfoSec……..?  Introduction…? My Self …… Yourselves……  Let us stop fussing…….! And see $whoami C:>whoami  Safety is not a slogan, it’s a way of life  Start with YOU and ends with YOU.  Skip these intros and lets see WhatsApp ? What's up in InfoSec World..  Current ongoing in Cyber/Information Security Arena …..!  Look for Threat post , the hacker news….  Still need explanation…… think…..Back to Basics….  Normal User ……. Get more on google..  Information Security Standards (ISO/IEC 27001-2013 ISMS)  11 Domains, 30 Control Objectives, 130 + controls to adopt an international Standard and certification of ISO/IEC- 27001-2013  Center for Internet Security- Benchmarking for security of the various IT System..  How to harden OS/Server/Firewall/Router/Switches.
  • 3. InfoSec/Cyber Security. Start/End…. You/Me/We…!  Basic Practices of System (PC/Laptop/Desktop) handling …..  Start at ….? End up with……? Observe….Cautiously….!  Windows user Task Manager/Even Viewer…. Need more… !  https://docs.microsoft.com/en-us/sysinternals/downloads/  Linux user much more to look @ ps aux/ufw /netstat/system monitor.  End of the working day …..Disconnect (Physically)
  • 6. Types of organizations….. THERE ARE ONLY TWO TYPES OF ORGANIZATIONS Those that have been hacked, And those that will be.
  • 7. Cyber Security Threat Landscape..  92% of the Indians/ youth was found to have shared private information online despite being aware that this is risky.  53% of youngsters trust the virtual world and interact with strangers.  51% of those polled didn’t care about their online privacy at all.
  • 8. Lime Lights of Today may can be…. Password Security USB Device Security Data Protection and Destruction Email Security & Phishing Awareness Protecting Against Ransom Virus URL and Safer Web Browsing Safe Social Networking Mobile Device Security
  • 9. Threats identification…..Trailing ….  Does your screen name identify you as your actual name…? Administrator…?  Have you ever posted any personal information of yours or anyone else without explicit consent?  Have you ever uploaded your picture of sensitive area of organization, wihtout prior consent of management.  Have you ever filled out online forms, questionnaires, profile pages considering your official profile ?  Have you ever purchased anything online while sharing your credit /debit cards number insecurely?  Have you ever shared your passwords with someone other ?  Have you ever downloaded and installed software without consulting your team mate.  Have you opened emails from total strangers?  Have you ever agreed to meet in person someone you have only met online?  Have you ever been involved in chat sessions with people using vulgar expressions or sexually explicit language?
  • 10. Code Red Worm (Year 2001) IIS
  • 11. Information Hacking History
    - The first recorded cyber crime was in the year 1820 (France): loom device.
    - The first spam email was sent in the year 1978 over the ARPANET.
    - The first virus was installed on an Apple computer in the year 1982. (Rich Skrenta wrote the first Elk Cloner virus.) (On every 50th boot the Elk Cloner virus would display a short poem.)
  • 12. Cyber Crime Includes…..
    - Illegal access/interceptions.
    - System/data interference.
    - Misuse of device.
    - Hacking.
    - Denial of services.
    - Virus dissemination.
    - Cyber terrorism.
    - Software piracy.
  • 13. Hacker & Types of Hackers….
    1) White Hat – Good guys. Report hacks/vulnerabilities to appropriate people.
    2) Black Hat – Only interested in personal goals, regardless of impact.
    3) Gray Hat – Somewhere in between.
    Script Kiddies
    - Someone that calls themselves a ‘hacker’ but really isn’t.
    Ethical Hacker
    - Someone hired to hack a system to find vulnerabilities and report on them.
    - Also called a ‘sneaker’.
  • 14. Security…. Password… Why would someone want to steal your password? Passwords are the only keys that prevent unauthorized entry to many systems. Password Security Preventions –
    1. It should be separate for different email accounts.
    2. Don’t ever reveal your passwords to anyone.
    3. Write down in a secure location.
    4. Change your passwords if compromise is suspected.
    5. Add complexity to passwords.
    6. Last but not least for Banking related…Forgot the Password…only if….?
  • 15. How to Make password more Secure…
    - Choose at least 8 characters, including:
      - Uppercase
      - Lowercase
      - Numbers
      - Symbols such as @#$%^&*()!~’”
    - Avoid simple words
    - Don’t pick names or nicknames of people….Notice……!
    - Don’t include repeated characters
    - Avoid the name of your special person, like BF/GF
    - EXAMPLE: 0mBhUrBhur@v3Sw@h
    Note: for organizations, please always refer to a password policy for the life cycle of the information system.
  • 16.
  • 17. Security…… USB Devices…. USB flash drives are hard to track physically, being stored in bags, backpacks, laptop cases, jackets or left at unattended workstations.
    - STUXNET (Siemens ICS-SCADA, Programmable Logic Controller)
    A survey shows end users most frequently copy:
    - Customer Data (25%)
    - Financial Information (25%)
    - Business Plans (15%)
    - Employee Data (13%)
    - Source Code (6%)
  • 18. Securing USB Drives…….
    - Manually save files with a password.
    - Avoid Direct Plug-Ins. (Hold a Shift key and then attach)
    - Lock your flash drive with USB Safeguard.
    - Encrypt the drive with third-party tools like TrueCrypt.
    - Ensure that all USB devices are checked for malware before they are connected to the network.
  • 19.
  • 20. Data Protection…. Computer data security is the process of preventing and detecting unauthorized use of your computer data. It is concerned with 4 main areas – (CIA)
    - Confidentiality
    - Integrity
    - Availability
    - Authentication
  • 21. System Security Tools/ Websites
    - Tool - FileAnalyzer
    - Tool - ComboFix
    - Tool - Comodo Firewall
    - Tool - Process Explorer
    - Tool - Sandboxie
    - Website - Virustotal.com
    - Website - Nosharescanner.com
  • 22. Windows/Linux…
    - Linux was originally built by Linus Torvalds at the University of Helsinki in 1991.
    - Linux is a Unix-like, kernel-based OS.
    - Flavors – Redhat, Fedora, Ubuntu, Backtrack, Debian, BSD, Suse, Slackware.
    - First version of Windows – Windows 3.1, released in 1992 by Microsoft.
    - Windows is a GUI-based operating system.
    - Flavors – Windows 95, 98, ME, NT, XP, 2000, 2003, Vista, 7, 8, 8.1, 10; expecting 11.
  • 23. Virus Attack…. Symptoms….
    - Processes take more resources and time.
    - Computer beeps with no display.
    - Drive label changes.
    - Unable to load OS.
    - Computer slows down when program starts.
    - Anti-virus alerts.
    - Computer freezes frequently or encounters errors.
    - Files & folders are missing.
    - Hard drive is not accessible.
    - Browser window freezes.
  • 24. Security … Email…. Why….? Email is important because it creates a fast, reliable form of communication that is free and easily accessible. Basic reasons of attacks on email accounts –
    - Disclosing one's password to another person.
    - Forgetting to log out from public computers.
    - Lack of awareness about legal remedies to sue a bad man.
  • 25. Securing….Email…….
    To scan email headers – http://cyberforensics.in
    For latest email scams – http://hoax-slayer.com
    Tips:
    - Use a wacky email address
    - Don’t recycle your password
    - Know how to catch a phish
    - Don’t use free Wi-Fi
    - Never open any Spam/Junk Email
  • 26. Ransomware….. What……?
    - Ransomware is a type of malware that locks your files, data or the PC itself and extorts money from you in order to provide access.
    - Ransomware is considered a “scare virus” as it forces users to pay a fee (or ransom) by scaring or threatening them.
    Example: cyberware, wannacry, petya
    For more info, www.yeahhub.com
  • 27. Securing …. Ransomware……
    - Back up your data.
    - Show hidden file extensions.
    - Filter EXEs in email.
    - Disable files running from AppData/LocalAppData folders.
    - Disable RDP (Remote Desktop Protocol).
    - Patch or update your software.
    - Disconnect your Wi-Fi or unplug.
    - Use System Restore to get back to a known clean state.
    - Set the BIOS clock back.
    - Google the leaked private key.
  • 28.
  • 29.
  • 30. Safe Surfing of Internet…. Browsing Secure web browsing is a game of changing tactics. Just when you think you’ve made your computer as safe to use as possible, the landscape changes. Always use HTTPS for banking transactions. Builtwith.com, who.is, centralops.net
  • 31. Safe Browsing ..to do…Please
    - Don’t download free media.
    - Don’t store your payment information online.
    - Don’t overshare personal information on social media accounts.
    - Change passwords regularly.
    - Keep your browser software up-to-date.
    - Run anti-virus software.
    - Scan downloaded files before executing.
    - Watch out for phishing.
    - Don’t reuse passwords.
    - Use HTTPS for banking transactions.
    - Read privacy policies.
    - Avoid public or free Wi-Fi.
    - Disable stored passwords.
  • 32. Social Networking….. Glance…
    - Today’s world is a global village. Everyone is connected to one another in this vast network generated by network.
    - To date, the world’s largest social networking company, Facebook, has 340 million active users in INDIA (2.85 billion worldwide), and the no. of users is increasing every year.
    - 70% - Ages 18-29 Years
    - 77% - Ages 30-49 Years
    - 73% - Ages 50-64 Years
    - 50% - Ages 65+ Years
    - Total of 77% Women versus 61% Men
  • 33. Securing Social Networking.. Let’s not do it…….!
    - Never post illegal activities.
    - Avoid bullying others.
    - Don’t trash your Seniors/mentors/ Colleges.. And more…..
    - Don’t post objectionable content from organizational networks.
    - Don’t post confidential information.
    - Don’t overlay specific location check-ins.
    - Never rely on privacy settings 100%.
  • 34. Facebook Security….
    - Koobface (2009) – A must-see viral video
    - Zeus – Botnet
    - LikeJacking – Fake Likes
    - Facebook Black – JS Malware
    - Who Viewed Your profile? – Browser Hijacking
    Security –
    1. For Account Recovering - https://facebook.com/hacked
    2. To Report anything - https://www.facebook.com/help/contact/485974059259751
    3. About Safety Check - https://www.facebook.com/about/safetycheck/
  • 35. Security…Mobile Device(Android)
    1) Do not save all of your passwords
    2) Use Android in-built security
    3) Lock your apps (Ex. App Lock)
    4) Importance of App Permissions
    5) Securing your network (Ex. Hideninja VPN, Wi-Fi Protector)
    6) Use Mobile Security App
    7) Create Multiple User Accounts to protect privacy
    8) Prepare a Backup of your data
    9) Enable Remote Wipe (Ex. 3cx Mobile Device Manager)
    10) Track your lost device (Ex. Where’s My Droid, Plan B, SeekDroid Lite, AntiDroidTheft, Prey AntiTheft)
  • 36. Security Best Practices….
    1) Use antivirus software (AVAST, AVG…..)
    2) Install firewalls, pop-up blocker (Windows, Comodo)
    3) Uninstall unnecessary software (Adwares)
    4) Maintain backup (Weekly/Monthly)
    5) Check security settings (Netstat)
    6) Use secure connection (HTTPS)
    7) Open attachments carefully
    8) Use strong passwords; don’t give personally identifiable information (PII) unless required.
  • 37. Some Promises to keep while…. On internet….
    1) I will make my organization secure while using given resources securely.
    2) I will not submit any of my organization's information in a public forum.
    3) I will segregate my duty and social life on the internet.
    4) If anyone is endorsing me to spread information, please don’t forward it without verification or trust.
    5) I will change the password of my sensitive information (personal/official) on the domain of Internet/intranet.
    6) I will put my system offline (disconnect from the network) if I am not using it.
    7) I will contact ISMO/ISO if I find something malicious in the IT system of my organization.
  • 38. Thanks….. But No thanks…. The only system which is truly secure is one which is switched off and unplugged when it is not in use. Otherwise, to be safe, pay attention and act smart. { For any enquiry, keep in touch with ISMO/ISO } https://haryanaismo.gov.in Information Security Management Office, Haryana