Importance of Cybersecurity
• The internet allows an attacker to work from anywhere on the planet.
• Risks caused by poor security knowledge and practice:
  • R&D, Patents, Intellectual Property Theft
  • Identity Theft
  • Monetary Theft
  • Legal Ramifications (for yourself and your organization)
  • Sanctions or termination if policies are not followed
• According to the SANS Institute, the top vectors for vulnerabilities available
to a cyber criminal are:
  • Web Browser
  • Mobiles
  • Chat clients
  • Web Applications
  • Excessive User Rights
Cybersecurity is Safety
• Information Security: We must protect our computers and data in the
same way that we secure the doors to our homes.
• Safety: We must behave in ways that protect us against the risks and threats
that come with technology.
• Resilience: We must ensure resilience in our systems so that they survive
any attacks.
What is Information Security?
• Ensure the confidentiality, integrity, and availability of information through
safeguards (Information Security)
• Ensure that the information will not be disclosed to unauthorized
individuals or processes (Confidentiality)
• Ensure that the condition of information has not been altered or destroyed
in an unauthorized manner, and data is accurately transferred from one
system to another (Integrity)
• Ensure that information is accessible and useable upon demand by an
authorized person (Availability)
Leading Threats
• Viruses
• Worms - WannaCry
• Trojan Horses / Logic Bombs
• Social Engineering
• Rootkits
• Botnets / Zombies
• Hackers
Social Engineering
• Social engineering is a technique to manipulate people into performing
actions or divulging confidential information. Similar to a confidence trick
or simple fraud, the term applies to the use of deception to gain
information, commit fraud, or access computer systems.
Phone Call: "This is John, the System Administrator. What is your password?"
Email: "ABC Bank has noticed a problem with your account…"
In Person: "What city are you from? Your mother’s maiden name?" / "I have come to repair your machine… and have some lovely software patches!"
Phishing: Counterfeit Email
• Phishing: A seemingly trustworthy entity asks for sensitive information
such as SSN, credit card numbers, login IDs or passwords via e-mail
Physical Access Controls
• All employees need to wear their ID cards while entering the premises.
• Do not let anyone tail-gate while you enter critical areas like Data center or
Server room or UPS room etc.
• You are required to cooperate with the guards during frisking to ensure our
own security.
• Employees should inform all visitors not to carry any weapon or tobacco
products while entering the premises of the company during
visits/meetings.
• Wipe off the boards when the meeting is over, before you vacate the meeting
rooms.
• Ensure mobile devices are protected and not left unattended while you are
travelling or visiting company areas which are not under CCTV monitoring.
• Ensure that you are aware of fire safety norms, usage of fire extinguishers
and emergency numbers.
Security Etiquette
• Good Security Standards follow the “80 / 20” Rule:
• 20% of security safeguards are technical
• 80% of security safeguards rely on the computer user (“YOU”) to adhere to
good computing practices
• Example: The lock on the door is the 20% control. Your responsibility is
80% which includes tasks such as remembering to lock, checking to see if it
is properly locked, ensuring others do not prop the door open, keeping
control of keys. 20% security by lock is worthless without YOU!
• “A study reveals that the vast majority of security breaches are the result of
a human error rather than technology flaws.” The best technology fails if
users do not adopt good security practices/procedures. See the report from
Verizon: https://www.verizon.com/business/resources/reports/dbir/
E-mail Usage
• Sending mails to public accounts such as Gmail, Yahoo, etc. is prohibited
unless approved by HOD.
• All emails going out of the company are scanned and tracked using
state-of-the-art security technology.
• Employees should not forward sensitive or confidential information via
e-mail without authorization.
• Employees are prohibited from sending/storing unofficial files using
e-mails.
• Employees should not write abusive, racist or otherwise inappropriate
comments in e-mails.
• Don’t forward chain mails with jokes, multimedia files and other
non-productive content.
• Report spam/unsolicited messages to
Internet Usage
• Use internet for business purpose only
• Chatting, accessing job sites, YouTube, Social Media, checking movie clips
is prohibited
• Do Not access sites that may be considered to be obscene, racist, sexist, or
otherwise offensive
• Accessing unofficial mail sites (Yahoo, Hotmail, Rediff, or others) and
online chat sites is prohibited
• Do not upload or send confidential company information (e.g. credit cards,
ATMs, or e-funds transfer information ) through the Internet
• Do Not download or use copyright, trademark or patent protected
information
• Do Not post personal opinion or sensitive information to chat rooms,
bulletin boards, or forums
• Do not subscribe to unofficial sites without approval from your HOD.
• Access to Internet Is Monitored and Logged Regularly. Your systems can be
audited any time by IT /IT Security team.
Desktop/Laptop Data Security
• Do not share your login IDs, such as system login, server login or network
login IDs.
• Do not use others’ IDs; access company resources with your own ID only.
• Do not fiddle with the security settings of your systems.
• Do not use corporate hardware for personal use.
• Do not use personal storage devices/USBs on corporate
network/hardware.
• Store confidential data in the file servers with access controls.
• Follow clear desk and clear screen guidelines to protect information.
• Lock your desktop/laptop when you leave your workspace for a break.
• Periodic Audits Are Done to Ensure Compliance With All These Policies
Software Compliance
• Do not download or install any
software on your computer without a
clearance from the IT support teams
• Installation of unauthorized Software
(e.g. Yahoo messenger, Skype, Mobile
PC suites, games, MP3 files, etc) is
strictly prohibited as per the company
policy and can result in disciplinary
action.
• In case you observe any such software
on your system, please inform your
manager & the Information security
team immediately.
Password Security
• Set a password of at least eight
characters with a combination of upper
case, lower case, numbers, and special
characters like @, %, ^, &, and *.
• Do not use your name, surname, city,
etc. in the password.
• Do not share a password with anyone.
• Do not write down your password or store
critical passwords in browsers.
• Change your password on a regular
basis as per security policy of the
company.
• Use a separate password for your
work and personal accounts
CyberSecurity Cyber24x7.pdf
