SlideShare a Scribd company logo

How to Secure Your Organisation Data

Phannarith Ou, G-CISO
Phannarith Ou, G-CISO

The document discusses various topics relating to information security including basic concepts, malware, password protection, social engineering, and recommendations. It covers confidentiality, integrity and availability as key aspects of information security. Threats, vulnerabilities and losses are examined, as well as why information security is important. Common malware types like viruses, worms and trojans are defined. The document provides tips for securing passwords and protecting against social engineering. It emphasizes the importance of regular software and antivirus updates.

1 of 31
Mr.$OU$Phannarith$ Head$of$CamCERT$ Permanent$Member$of$$Cybercrime$ Law$Working$Group$$ National$ICT$Development$Authority$ OfHice$of$The$Council$of$Ministers$ Email:$phannarith[at]camcert.gov.kh$ $ 1"
!  Basic"Understanding"of"Information"Security" !  Malware"Fundamental" !  Protect"Your"Password" !  Social"Engineering"and"Phishing"" !  Suggestion"and"Recommendation" !  Question"and"Answers" . - : @ . ! 2"
3"
ConIidentiality"–"of"the"information" Confiden'ality- Information"on"the"company"or"organization" should"never"be"accessible"to"users"without" permission" " Integrity"–"of"application"and"information" Accuracy"and"completeness"of"information" are"preserved" " Availability- Integrity- Availability"–"of"the"system" Information"is"accessible"by"authorized"users" when"required" . - : @ . ! 4"
Why"Information"Security"is"important?"" Protecting"computer"system"or"its"user"from"threats"that" may"occur"" Threats"and"Damage"will"differ"depending"on"computer" system’s"characteristic"" Protecting"the"system"and"its"users"from"threat"and" minimize"damage" . - : @ . ! 5"
Relationship$between$threat,$vulnerability$and$loss$ Threat" Loss" Vulnera bility" Attacker$+$No$Security$Patch$=$Data$Destruction$ . - : @ . ! 6"
Information$ Threats$ Assets$ Something"that"can"potentially" Information"stored"in"any" cause"damage"to"information"" Countermeasure$ manner"which"recognized"as" assets" ‘valuable’"to"the"organization"" Vulnerability$ A"Weakness"in"the" organization,"computer" system"or"network"that"can" be"exploited"by"threat" . - : @ . ! 7"
Information$ Threats$ Assets$ Something"that"can"potentially" Information"stored"in"any" cause"damage"to"information"" Countermeasure$ manner"which"recognized"as" assets" ‘valuable’"to"the"organization"" Vulnerability$ If"vulnerability"exist,"threats" can"attack"your"information" assets" . - : @ . ! 8"
Information$ Threats$ Assets$ Something"that"can"potentially" Information"stored"in"any" cause"damage"to"information"" Countermeasure$ manner"which"recognized"as" assets" ‘valuable’"to"the"organization"" Vulnerability$is$Hixed$ Information"assets"can"be" kept"secure,"even"if"threats" exist." . - : @ . ! 9"
•  Do"you"use"license"operating"system"(OS)?" •  Have"you"even"been"update"your"OS?"" •  Have"you"even"been"update"your"daily"use" software?" •  Do"you"update"your"antiavirus"regularly?" . - : @ . ! 10"
. - : @ . ! 11"
Physical&& The"most" difIicult" part"to" handle" Secure& Hardware& Human&& Your& && So6ware& Data& Policy&&& Standard& . - : @ . ! 12"
13"
Malware"or"Malicious" Threats" software" Virus" Worm" Trojans" . - : @ . ! 14"
•  Infect"object"on"the"disk"" •  Travel"autonomously"from"PC"to"PC" •  Trigger"by"individual"action"such"as"Open" email"attachment" •  Spread"automatically" •  Install"itself"into"the"PC"and"looking"other" PCs"to"infect" •  Email"worm"need"individual"action"to"spread" •  Network"worm"spread"without"the"need"for" human"interaction" . - : @ . ! 15"
•  Install"silently"in"the"PC"by"Email" attachment,"visit"infected"website,"…etc." •  PC"work"normally"without"any"consent" from"the"users" •  They"don’t"selfareplicate,"but"relies"on" connectivity"provided"by"the"Internet" •  There"are"many"kinds"of"Trojans:" •  Backdoor"Trojans" •  Keyalogger"Trojans" •  Banking"Trojans" . - : @ . ! 16"
Can-done-anything:-Sending-Spam,- Before" Collec'ng-confiden'al-data,-stealing- password,-etc.-and-espcially-connect-PC- with-PC-to-create-an-infected-network- (BOTNET).-- Virus" Worm" Trojans" Now"–"Hybrid"Malware" Virus& Worm& Trojans& . - : @ . ! 17"
18"
•  How"often"do"you"change"your"password?" •  Do"you"use"your"name,"telephone,"date"of"birth," as"your"password?" •  Do"you"use"the"same"password"for"every" services?" •  Do"you"share"your"password"with"anybody?" . - : @ . ! 19"
Easily"Guessed"Password" •  No"Password"is"set" •  Password"same"as"the"account"name" Dictionary"Attack" •  Prepared"words"that"the"user"is"likely"to"use"as" passwords"in"a"dictionary"Iile"and"attempt"to"Iind" matching"password" Brute"Force"Attack" •  This"is"simple"method"to"try"all"possible"combinations"as" passwords" •  It"take"huge"amount"of"time,"although,"theoretically,"it" can"break"any"password"without"fail" . - : @ . ! 20"
Which"password"below"is"your"password?" Top$25$Popular$Password$in$2011$ 1."password" "2."123456 "3."12345678 "4."qwerty" 5."abc123 "6."monkey "7."1234567 "8."letmein" 9."trustno1 "10."dragon "11."baseball "12."111111" 13."Iloveyou "14."master "15."sunshine "16."ashley" 17."bailey "18."passw0rd"19."shadow "20."123123" 21."654321 "22."superman"23."qazwsx "24."michael" 25."football" . - : @ . ! 21"
How"to"secure"your"password" . - : @ . ! 22"
23"
. - : @ . ! 24"
. - : @ . ! 25"
. - : @ . ! 26"
. - : @ . ! 27"
28"
User"antiavirus"and"update"it"regularly"" Install"a"Personal"Firewall" Install"latest"security"update" Don’t"open"an"email"you"do"not"trust" Keep"learning!" . - : @ . ! 29"
You"organization"data"security"is"depending"on" the"weakness"link" Don’t"make"yourself"as"the"weakness"link" . - : @ . ! 30"
Mr.$OU$Phannarith$ Head$of$CamCERT$ Permanent$Member$of$$Cybercrime$ Law$Working$Group$$ National$ICT$Development$Authority$ OfHice$of$The$Council$of$Ministers$ Email:$phannarith[at]camcert.gov.kh$ $ 31"

Recommended

A perspective for counter strategy against cybercrime and cyber espionage
A perspective for counter strategy against cybercrime and cyber espionageA perspective for counter strategy against cybercrime and cyber espionage
A perspective for counter strategy against cybercrime and cyber espionageGohsuke Takama
 
Learn Hacking
Learn HackingLearn Hacking
Learn Hacking
hackingtraining
 
Good Guys vs Bad Guys: Using Big Data to Counteract Advanced Threats
Good Guys vs Bad Guys: Using Big Data to Counteract Advanced ThreatsGood Guys vs Bad Guys: Using Big Data to Counteract Advanced Threats
Good Guys vs Bad Guys: Using Big Data to Counteract Advanced Threats
Zivaro Inc
 
HoneyPot for Network Security - building and testing against exploits.
HoneyPot for Network Security - building and testing against exploits.HoneyPot for Network Security - building and testing against exploits.
HoneyPot for Network Security - building and testing against exploits.Shantanu Kumar Das
 
Data Privacy for Activists
Data Privacy for ActivistsData Privacy for Activists
Data Privacy for Activists
Greg Stromire
 
Honeypots, Deception, and Frankenstein
Honeypots, Deception, and FrankensteinHoneypots, Deception, and Frankenstein
Honeypots, Deception, and Frankenstein
Phillip Maddux
 
Honeypots
HoneypotsHoneypots
Honeypots
Bilal ZIANE
 
Cyber Security 4.0 conference 30 November 2016
Cyber Security 4.0 conference 30 November 2016Cyber Security 4.0 conference 30 November 2016
Cyber Security 4.0 conference 30 November 2016
InfinIT - Innovationsnetværket for it
 

Recommended

A perspective for counter strategy against cybercrime and cyber espionage
A perspective for counter strategy against cybercrime and cyber espionageA perspective for counter strategy against cybercrime and cyber espionage
A perspective for counter strategy against cybercrime and cyber espionageGohsuke Takama
 
Learn Hacking
Learn HackingLearn Hacking
Learn Hacking
hackingtraining
 
Good Guys vs Bad Guys: Using Big Data to Counteract Advanced Threats
Good Guys vs Bad Guys: Using Big Data to Counteract Advanced ThreatsGood Guys vs Bad Guys: Using Big Data to Counteract Advanced Threats
Good Guys vs Bad Guys: Using Big Data to Counteract Advanced Threats
Zivaro Inc
 
HoneyPot for Network Security - building and testing against exploits.
HoneyPot for Network Security - building and testing against exploits.HoneyPot for Network Security - building and testing against exploits.
HoneyPot for Network Security - building and testing against exploits.Shantanu Kumar Das
 
Data Privacy for Activists
Data Privacy for ActivistsData Privacy for Activists
Data Privacy for Activists
Greg Stromire
 
Honeypots, Deception, and Frankenstein
Honeypots, Deception, and FrankensteinHoneypots, Deception, and Frankenstein
Honeypots, Deception, and Frankenstein
Phillip Maddux
 
Honeypots
HoneypotsHoneypots
Honeypots
Bilal ZIANE
 
Cyber Security 4.0 conference 30 November 2016
Cyber Security 4.0 conference 30 November 2016Cyber Security 4.0 conference 30 November 2016
Cyber Security 4.0 conference 30 November 2016
InfinIT - Innovationsnetværket for it
 
Cyber security from military point of view
Cyber security from military point of viewCyber security from military point of view
Cyber security from military point of view
S.E. CTS CERT-GOV-MD
 
Integrating info ops in operational level planning (no backup slides)
Integrating info ops in operational level planning (no backup slides)Integrating info ops in operational level planning (no backup slides)
Integrating info ops in operational level planning (no backup slides)
Ulrich Janßen
 
Cyber Crime
Cyber CrimeCyber Crime
Cyber Crime
aritraranjan
 
Cyber security vs information assurance
Cyber security vs information assuranceCyber security vs information assurance
Cyber security vs information assurance
Vaughan Olufemi ACIB, AICEN, ANIM
 
How to know you was hacked
How to know you was hackedHow to know you was hacked
How to know you was hacked
Phannarith Ou, G-CISO
 
Cyber crime
Cyber crimeCyber crime
Cyber crimeRajendra Dangwal
 
Cyber crime
Cyber crimeCyber crime
Cyber crime
Tushar Malhotra
 
Cyber Crime and Security
Cyber Crime and SecurityCyber Crime and Security
Cyber Crime and Security
Dipesh Waghela
 
Cyber-crime PPT
Cyber-crime PPTCyber-crime PPT
Cyber-crime PPTAnshuman Tripathi
 
Cyber crime ppt
Cyber crime pptCyber crime ppt
Cyber crime pptMOE515253
 
Ethi mini - ethical hacking
Ethi mini - ethical hackingEthi mini - ethical hacking
Ethi mini - ethical hackingBeing Uniq Sonu
 
Ethical Hacking
Ethical HackingEthical Hacking
Ethical HackingPushkar Pashupat
 
LemonFish How do you know your Data Loss Prevention system is working ?
LemonFish How do you know your Data Loss Prevention system is working ?LemonFish How do you know your Data Loss Prevention system is working ?
LemonFish How do you know your Data Loss Prevention system is working ?
Mary Beth Borgwing, MBA
 
Offensive malware usage and defense
Offensive malware usage and defenseOffensive malware usage and defense
Offensive malware usage and defense
Christiaan Beek
 
Mobile Security Attacks: A Glimpse from the Trenches - Yair Amit, Skycure
Mobile Security Attacks: A Glimpse from the Trenches - Yair Amit, SkycureMobile Security Attacks: A Glimpse from the Trenches - Yair Amit, Skycure
Mobile Security Attacks: A Glimpse from the Trenches - Yair Amit, Skycure
Codemotion Tel Aviv
 
Mobile Security: A Glimpse from the Trenches
Mobile Security: A Glimpse from the TrenchesMobile Security: A Glimpse from the Trenches
Mobile Security: A Glimpse from the Trenches
Yair Amit
 
Deception in Cyber Security (League of Women in Cyber Security)
Deception in Cyber Security (League of Women in Cyber Security)Deception in Cyber Security (League of Women in Cyber Security)
Deception in Cyber Security (League of Women in Cyber Security)
Phillip Maddux
 
Threat Modeling 101
Threat Modeling 101Threat Modeling 101
Threat Modeling 101
Atlassian
 
Porque Investir em um time de segurança ofensiva?
Porque Investir em um time de segurança ofensiva?Porque Investir em um time de segurança ofensiva?
Porque Investir em um time de segurança ofensiva?
Arthur Paixão
 
Why Personal Clouds Need A Network
Why Personal Clouds Need A NetworkWhy Personal Clouds Need A Network
Why Personal Clouds Need A Network
Phil Wolff
 
Data security @ the personal level
Data security @ the personal levelData security @ the personal level
Data security @ the personal level
Arnon Rotem-Gal-Oz
 
CERT Data Science in Cybersecurity Symposium
CERT Data Science in Cybersecurity SymposiumCERT Data Science in Cybersecurity Symposium
CERT Data Science in Cybersecurity Symposium
Bob Rudis
 

More Related Content

Viewers also liked

Cyber security from military point of view
Cyber security from military point of viewCyber security from military point of view
Cyber security from military point of view
S.E. CTS CERT-GOV-MD
 
Integrating info ops in operational level planning (no backup slides)
Integrating info ops in operational level planning (no backup slides)Integrating info ops in operational level planning (no backup slides)
Integrating info ops in operational level planning (no backup slides)
Ulrich Janßen
 
Cyber Crime
Cyber CrimeCyber Crime
Cyber Crime
aritraranjan
 
Cyber security vs information assurance
Cyber security vs information assuranceCyber security vs information assurance
Cyber security vs information assurance
Vaughan Olufemi ACIB, AICEN, ANIM
 
How to know you was hacked
How to know you was hackedHow to know you was hacked
How to know you was hacked
Phannarith Ou, G-CISO
 
Cyber crime
Cyber crimeCyber crime
Cyber crime
Tushar Malhotra
 
Cyber Crime and Security
Cyber Crime and SecurityCyber Crime and Security
Cyber Crime and Security
Dipesh Waghela
 
Cyber crime ppt
Cyber crime pptCyber crime ppt
Cyber crime pptMOE515253
 

Viewers also liked (10)

Cyber security from military point of view
Cyber security from military point of viewCyber security from military point of view
Cyber security from military point of view
 
Integrating info ops in operational level planning (no backup slides)
Integrating info ops in operational level planning (no backup slides)Integrating info ops in operational level planning (no backup slides)
Integrating info ops in operational level planning (no backup slides)
 
Cyber Crime
Cyber CrimeCyber Crime
Cyber Crime
 
Cyber security vs information assurance
Cyber security vs information assuranceCyber security vs information assurance
Cyber security vs information assurance
 
How to know you was hacked
How to know you was hackedHow to know you was hacked
How to know you was hacked
 
Cyber crime
Cyber crimeCyber crime
Cyber crime
 
Cyber crime
Cyber crimeCyber crime
Cyber crime
 
Cyber Crime and Security
Cyber Crime and SecurityCyber Crime and Security
Cyber Crime and Security
 
Cyber-crime PPT
Cyber-crime PPTCyber-crime PPT
Cyber-crime PPT
 
Cyber crime ppt
Cyber crime pptCyber crime ppt
Cyber crime ppt
 

Similar to How to Secure Your Organisation Data

Ethi mini - ethical hacking
Ethi mini - ethical hackingEthi mini - ethical hacking
Ethi mini - ethical hackingBeing Uniq Sonu
 
LemonFish How do you know your Data Loss Prevention system is working ?
LemonFish How do you know your Data Loss Prevention system is working ?LemonFish How do you know your Data Loss Prevention system is working ?
LemonFish How do you know your Data Loss Prevention system is working ?
Mary Beth Borgwing, MBA
 
Offensive malware usage and defense
Offensive malware usage and defenseOffensive malware usage and defense
Offensive malware usage and defense
Christiaan Beek
 
Mobile Security Attacks: A Glimpse from the Trenches - Yair Amit, Skycure
Mobile Security Attacks: A Glimpse from the Trenches - Yair Amit, SkycureMobile Security Attacks: A Glimpse from the Trenches - Yair Amit, Skycure
Mobile Security Attacks: A Glimpse from the Trenches - Yair Amit, Skycure
Codemotion Tel Aviv
 
Mobile Security: A Glimpse from the Trenches
Mobile Security: A Glimpse from the TrenchesMobile Security: A Glimpse from the Trenches
Mobile Security: A Glimpse from the Trenches
Yair Amit
 
Deception in Cyber Security (League of Women in Cyber Security)
Deception in Cyber Security (League of Women in Cyber Security)Deception in Cyber Security (League of Women in Cyber Security)
Deception in Cyber Security (League of Women in Cyber Security)
Phillip Maddux
 
Threat Modeling 101
Threat Modeling 101Threat Modeling 101
Threat Modeling 101
Atlassian
 
Porque Investir em um time de segurança ofensiva?
Porque Investir em um time de segurança ofensiva?Porque Investir em um time de segurança ofensiva?
Porque Investir em um time de segurança ofensiva?
Arthur Paixão
 
Why Personal Clouds Need A Network
Why Personal Clouds Need A NetworkWhy Personal Clouds Need A Network
Why Personal Clouds Need A Network
Phil Wolff
 
Data security @ the personal level
Data security @ the personal levelData security @ the personal level
Data security @ the personal level
Arnon Rotem-Gal-Oz
 
CERT Data Science in Cybersecurity Symposium
CERT Data Science in Cybersecurity SymposiumCERT Data Science in Cybersecurity Symposium
CERT Data Science in Cybersecurity Symposium
Bob Rudis
 
La Quadrature Du Cercle - The APTs That Weren't
La Quadrature Du Cercle - The APTs That Weren'tLa Quadrature Du Cercle - The APTs That Weren't
La Quadrature Du Cercle - The APTs That Weren't
pinkflawd
 
Contextual Cyber Security for IoT
Contextual Cyber Security for IoTContextual Cyber Security for IoT
Contextual Cyber Security for IoT
MONICA-Project
 
Computer saftey may 2013
Computer saftey may 2013Computer saftey may 2013
Computer saftey may 2013JimWhite
 
The Role of Threat Intelligence and Layered Securiy for Intrusion Prevention ...
The Role of Threat Intelligence and Layered Securiy for Intrusion Prevention ...The Role of Threat Intelligence and Layered Securiy for Intrusion Prevention ...
The Role of Threat Intelligence and Layered Securiy for Intrusion Prevention ...
JoAnna Cheshire
 
Security, Privacy Data Protection and Perspectives to Counter Cybercrime 0409...
Security, Privacy Data Protection and Perspectives to Counter Cybercrime 0409...Security, Privacy Data Protection and Perspectives to Counter Cybercrime 0409...
Security, Privacy Data Protection and Perspectives to Counter Cybercrime 0409...
Gohsuke Takama
 
Via forensics thotcon-2013-mobile-security-with-santoku-linux
Via forensics thotcon-2013-mobile-security-with-santoku-linuxVia forensics thotcon-2013-mobile-security-with-santoku-linux
Via forensics thotcon-2013-mobile-security-with-santoku-linuxviaForensics
 
Fantastic Beasts and where to hide from them
Fantastic Beasts and where to hide from themFantastic Beasts and where to hide from them
Fantastic Beasts and where to hide from them
Vlad Styran
 
Information Security - The Missing Elements
Information Security - The Missing ElementsInformation Security - The Missing Elements
Information Security - The Missing Elements
ahmed_vr
 

Similar to How to Secure Your Organisation Data (20)

Ethi mini - ethical hacking
Ethi mini - ethical hackingEthi mini - ethical hacking
Ethi mini - ethical hacking
 
Ethical Hacking
Ethical HackingEthical Hacking
Ethical Hacking
 
LemonFish How do you know your Data Loss Prevention system is working ?
LemonFish How do you know your Data Loss Prevention system is working ?LemonFish How do you know your Data Loss Prevention system is working ?
LemonFish How do you know your Data Loss Prevention system is working ?
 
Offensive malware usage and defense
Offensive malware usage and defenseOffensive malware usage and defense
Offensive malware usage and defense
 
Mobile Security Attacks: A Glimpse from the Trenches - Yair Amit, Skycure
Mobile Security Attacks: A Glimpse from the Trenches - Yair Amit, SkycureMobile Security Attacks: A Glimpse from the Trenches - Yair Amit, Skycure
Mobile Security Attacks: A Glimpse from the Trenches - Yair Amit, Skycure
 
Mobile Security: A Glimpse from the Trenches
Mobile Security: A Glimpse from the TrenchesMobile Security: A Glimpse from the Trenches
Mobile Security: A Glimpse from the Trenches
 
Deception in Cyber Security (League of Women in Cyber Security)
Deception in Cyber Security (League of Women in Cyber Security)Deception in Cyber Security (League of Women in Cyber Security)
Deception in Cyber Security (League of Women in Cyber Security)
 
Threat Modeling 101
Threat Modeling 101Threat Modeling 101
Threat Modeling 101
 
Porque Investir em um time de segurança ofensiva?
Porque Investir em um time de segurança ofensiva?Porque Investir em um time de segurança ofensiva?
Porque Investir em um time de segurança ofensiva?
 
Why Personal Clouds Need A Network
Why Personal Clouds Need A NetworkWhy Personal Clouds Need A Network
Why Personal Clouds Need A Network
 
Data security @ the personal level
Data security @ the personal levelData security @ the personal level
Data security @ the personal level
 
CERT Data Science in Cybersecurity Symposium
CERT Data Science in Cybersecurity SymposiumCERT Data Science in Cybersecurity Symposium
CERT Data Science in Cybersecurity Symposium
 
La Quadrature Du Cercle - The APTs That Weren't
La Quadrature Du Cercle - The APTs That Weren'tLa Quadrature Du Cercle - The APTs That Weren't
La Quadrature Du Cercle - The APTs That Weren't
 
Contextual Cyber Security for IoT
Contextual Cyber Security for IoTContextual Cyber Security for IoT
Contextual Cyber Security for IoT
 
Computer saftey may 2013
Computer saftey may 2013Computer saftey may 2013
Computer saftey may 2013
 
The Role of Threat Intelligence and Layered Securiy for Intrusion Prevention ...
The Role of Threat Intelligence and Layered Securiy for Intrusion Prevention ...The Role of Threat Intelligence and Layered Securiy for Intrusion Prevention ...
The Role of Threat Intelligence and Layered Securiy for Intrusion Prevention ...
 
Security, Privacy Data Protection and Perspectives to Counter Cybercrime 0409...
Security, Privacy Data Protection and Perspectives to Counter Cybercrime 0409...Security, Privacy Data Protection and Perspectives to Counter Cybercrime 0409...
Security, Privacy Data Protection and Perspectives to Counter Cybercrime 0409...
 
Via forensics thotcon-2013-mobile-security-with-santoku-linux
Via forensics thotcon-2013-mobile-security-with-santoku-linuxVia forensics thotcon-2013-mobile-security-with-santoku-linux
Via forensics thotcon-2013-mobile-security-with-santoku-linux
 
Fantastic Beasts and where to hide from them
Fantastic Beasts and where to hide from themFantastic Beasts and where to hide from them
Fantastic Beasts and where to hide from them
 
Information Security - The Missing Elements
Information Security - The Missing ElementsInformation Security - The Missing Elements
Information Security - The Missing Elements
 

More from Phannarith Ou, G-CISO

3 Security Tips for better security for personal computer
3 Security Tips for better security for personal computer3 Security Tips for better security for personal computer
3 Security Tips for better security for personal computer
Phannarith Ou, G-CISO
 
Understanding NMAP
Understanding NMAPUnderstanding NMAP
Understanding NMAP
Phannarith Ou, G-CISO
 
Reconnaisance
Reconnaisance Reconnaisance
Reconnaisance
Phannarith Ou, G-CISO
 
Case - How to protect your information
Case - How to protect your informationCase - How to protect your information
Case - How to protect your information
Phannarith Ou, G-CISO
 
Case - How to protect your website
Case - How to protect your websiteCase - How to protect your website
Case - How to protect your website
Phannarith Ou, G-CISO
 
Case Study - Internet Security Policy (Khmer)
Case Study - Internet Security Policy (Khmer)Case Study - Internet Security Policy (Khmer)
Case Study - Internet Security Policy (Khmer)
Phannarith Ou, G-CISO
 
Internet Security Policy - Khmer
Internet Security Policy - Khmer Internet Security Policy - Khmer
Internet Security Policy - Khmer
Phannarith Ou, G-CISO
 
How to Protect Computer From Virus
How to Protect Computer From VirusHow to Protect Computer From Virus
How to Protect Computer From Virus
Phannarith Ou, G-CISO
 
How to Secure Your WiFi
How to Secure Your WiFiHow to Secure Your WiFi
How to Secure Your WiFi
Phannarith Ou, G-CISO
 
Facebook Security in 3 Ways
Facebook Security in 3 Ways Facebook Security in 3 Ways
Facebook Security in 3 Ways
Phannarith Ou, G-CISO
 
Understanding Keylogger
Understanding KeyloggerUnderstanding Keylogger
Understanding Keylogger
Phannarith Ou, G-CISO
 
Exchange Server 2003
Exchange Server 2003Exchange Server 2003
Exchange Server 2003
Phannarith Ou, G-CISO
 
Network Security with ISA Server 2006
Network Security with ISA Server 2006Network Security with ISA Server 2006
Network Security with ISA Server 2006
Phannarith Ou, G-CISO
 
Network Installation and Management in Windows 2008 Enterprise
Network Installation and Management in Windows 2008 EnterpriseNetwork Installation and Management in Windows 2008 Enterprise
Network Installation and Management in Windows 2008 Enterprise
Phannarith Ou, G-CISO
 
Secure System Development Proposal
Secure System Development ProposalSecure System Development Proposal
Secure System Development Proposal
Phannarith Ou, G-CISO
 
ូUnderstanding DNS Spoofing
ូUnderstanding DNS SpoofingូUnderstanding DNS Spoofing
ូUnderstanding DNS Spoofing
Phannarith Ou, G-CISO
 
Understanding Malware by BBU Student
Understanding Malware by BBU StudentUnderstanding Malware by BBU Student
Understanding Malware by BBU Student
Phannarith Ou, G-CISO
 

More from Phannarith Ou, G-CISO (20)

3 Security Tips for better security for personal computer
3 Security Tips for better security for personal computer3 Security Tips for better security for personal computer
3 Security Tips for better security for personal computer
 
Understanding NMAP
Understanding NMAPUnderstanding NMAP
Understanding NMAP
 
Reconnaisance
Reconnaisance Reconnaisance
Reconnaisance
 
Case - How to protect your information
Case - How to protect your informationCase - How to protect your information
Case - How to protect your information
 
Case - How to protect your website
Case - How to protect your websiteCase - How to protect your website
Case - How to protect your website
 
Case Study - Internet Security Policy (Khmer)
Case Study - Internet Security Policy (Khmer)Case Study - Internet Security Policy (Khmer)
Case Study - Internet Security Policy (Khmer)
 
Internet Security Policy - Khmer
Internet Security Policy - Khmer Internet Security Policy - Khmer
Internet Security Policy - Khmer
 
How to Protect Computer From Virus
How to Protect Computer From VirusHow to Protect Computer From Virus
How to Protect Computer From Virus
 
How to Secure Your WiFi
How to Secure Your WiFiHow to Secure Your WiFi
How to Secure Your WiFi
 
Facebook Security in 3 Ways
Facebook Security in 3 Ways Facebook Security in 3 Ways
Facebook Security in 3 Ways
 
Understanding Keylogger
Understanding KeyloggerUnderstanding Keylogger
Understanding Keylogger
 
Exchange Server 2003
Exchange Server 2003Exchange Server 2003
Exchange Server 2003
 
Network Security with ISA Server 2006
Network Security with ISA Server 2006Network Security with ISA Server 2006
Network Security with ISA Server 2006
 
Network Installation and Management in Windows 2008 Enterprise
Network Installation and Management in Windows 2008 EnterpriseNetwork Installation and Management in Windows 2008 Enterprise
Network Installation and Management in Windows 2008 Enterprise
 
Secure System Development Proposal
Secure System Development ProposalSecure System Development Proposal
Secure System Development Proposal
 
ូUnderstanding DNS Spoofing
ូUnderstanding DNS SpoofingូUnderstanding DNS Spoofing
ូUnderstanding DNS Spoofing
 
Understanding Malware by BBU Student
Understanding Malware by BBU StudentUnderstanding Malware by BBU Student
Understanding Malware by BBU Student
 
Heartbleed vulnerability
Heartbleed vulnerabilityHeartbleed vulnerability
Heartbleed vulnerability
 
P12 r202t8 05-spam
P12 r202t8 05-spamP12 r202t8 05-spam
P12 r202t8 05-spam
 
P12 r202t8 04-d-dos
P12 r202t8 04-d-dosP12 r202t8 04-d-dos
P12 r202t8 04-d-dos
 

Recently uploaded

Unit 2- Research Aptitude (UGC NET Paper I).pdf
Unit 2- Research Aptitude (UGC NET Paper I).pdfUnit 2- Research Aptitude (UGC NET Paper I).pdf
Unit 2- Research Aptitude (UGC NET Paper I).pdf
Thiyagu K
 
2024.06.01 Introducing a competency framework for languag learning materials ...
2024.06.01 Introducing a competency framework for languag learning materials ...2024.06.01 Introducing a competency framework for languag learning materials ...
2024.06.01 Introducing a competency framework for languag learning materials ...
Sandy Millin
 
Advantages and Disadvantages of CMS from an SEO Perspective
Advantages and Disadvantages of CMS from an SEO PerspectiveAdvantages and Disadvantages of CMS from an SEO Perspective
Advantages and Disadvantages of CMS from an SEO Perspective
Krisztián Száraz
 
CACJapan - GROUP Presentation 1- Wk 4.pdf
CACJapan - GROUP Presentation 1- Wk 4.pdfCACJapan - GROUP Presentation 1- Wk 4.pdf
CACJapan - GROUP Presentation 1- Wk 4.pdf
camakaiclarkmusic
 
South African Journal of Science: Writing with integrity workshop (2024)
South African Journal of Science: Writing with integrity workshop (2024)South African Journal of Science: Writing with integrity workshop (2024)
South African Journal of Science: Writing with integrity workshop (2024)
Academy of Science of South Africa
 
Multithreading_in_C++ - std::thread, race condition
Multithreading_in_C++ - std::thread, race conditionMultithreading_in_C++ - std::thread, race condition
Multithreading_in_C++ - std::thread, race condition
Mohammed Sikander
 
MASS MEDIA STUDIES-835-CLASS XI Resource Material.pdf
MASS MEDIA STUDIES-835-CLASS XI Resource Material.pdfMASS MEDIA STUDIES-835-CLASS XI Resource Material.pdf
MASS MEDIA STUDIES-835-CLASS XI Resource Material.pdf
goswamiyash170123
 
Acetabularia Information For Class 9 .docx
Acetabularia Information For Class 9 .docxAcetabularia Information For Class 9 .docx
Acetabularia Information For Class 9 .docx
vaibhavrinwa19
 
How libraries can support authors with open access requirements for UKRI fund...
How libraries can support authors with open access requirements for UKRI fund...How libraries can support authors with open access requirements for UKRI fund...
How libraries can support authors with open access requirements for UKRI fund...
Jisc
 
Executive Directors Chat Leveraging AI for Diversity, Equity, and Inclusion
Executive Directors Chat Leveraging AI for Diversity, Equity, and InclusionExecutive Directors Chat Leveraging AI for Diversity, Equity, and Inclusion
Executive Directors Chat Leveraging AI for Diversity, Equity, and Inclusion
TechSoup
 
Normal Labour/ Stages of Labour/ Mechanism of Labour
Normal Labour/ Stages of Labour/ Mechanism of LabourNormal Labour/ Stages of Labour/ Mechanism of Labour
Normal Labour/ Stages of Labour/ Mechanism of Labour
Wasim Ak
 
Biological Screening of Herbal Drugs in detailed.
Biological Screening of Herbal Drugs in detailed.Biological Screening of Herbal Drugs in detailed.
Biological Screening of Herbal Drugs in detailed.
Ashokrao Mane college of Pharmacy Peth-Vadgaon
 
Mule 4.6 & Java 17 Upgrade | MuleSoft Mysore Meetup #46
Mule 4.6 & Java 17 Upgrade | MuleSoft Mysore Meetup #46Mule 4.6 & Java 17 Upgrade | MuleSoft Mysore Meetup #46
Mule 4.6 & Java 17 Upgrade | MuleSoft Mysore Meetup #46
MysoreMuleSoftMeetup
 
Natural birth techniques - Mrs.Akanksha Trivedi Rama University
Natural birth techniques - Mrs.Akanksha Trivedi Rama UniversityNatural birth techniques - Mrs.Akanksha Trivedi Rama University
Natural birth techniques - Mrs.Akanksha Trivedi Rama University
Akanksha trivedi rama nursing college kanpur.
 
Synthetic Fiber Construction in lab .pptx
Synthetic Fiber Construction in lab .pptxSynthetic Fiber Construction in lab .pptx
Synthetic Fiber Construction in lab .pptx
Pavel ( NSTU)
 
How to Make a Field invisible in Odoo 17
How to Make a Field invisible in Odoo 17How to Make a Field invisible in Odoo 17
How to Make a Field invisible in Odoo 17
Celine George
 
Exploiting Artificial Intelligence for Empowering Researchers and Faculty, In...
Exploiting Artificial Intelligence for Empowering Researchers and Faculty, In...Exploiting Artificial Intelligence for Empowering Researchers and Faculty, In...
Exploiting Artificial Intelligence for Empowering Researchers and Faculty, In...
Dr. Vinod Kumar Kanvaria
 
The Diamonds of 2023-2024 in the IGRA collection
The Diamonds of 2023-2024 in the IGRA collectionThe Diamonds of 2023-2024 in the IGRA collection
The Diamonds of 2023-2024 in the IGRA collection
Israel Genealogy Research Association
 
Chapter 3 - Islamic Banking Products and Services.pptx
Chapter 3 - Islamic Banking Products and Services.pptxChapter 3 - Islamic Banking Products and Services.pptx
Chapter 3 - Islamic Banking Products and Services.pptx
Mohd Adib Abd Muin, Senior Lecturer at Universiti Utara Malaysia
 
Thesis Statement for students diagnonsed withADHD.ppt
Thesis Statement for students diagnonsed withADHD.pptThesis Statement for students diagnonsed withADHD.ppt
Thesis Statement for students diagnonsed withADHD.ppt
EverAndrsGuerraGuerr
 

Recently uploaded (20)

Unit 2- Research Aptitude (UGC NET Paper I).pdf
Unit 2- Research Aptitude (UGC NET Paper I).pdfUnit 2- Research Aptitude (UGC NET Paper I).pdf
Unit 2- Research Aptitude (UGC NET Paper I).pdf
 
2024.06.01 Introducing a competency framework for languag learning materials ...
2024.06.01 Introducing a competency framework for languag learning materials ...2024.06.01 Introducing a competency framework for languag learning materials ...
2024.06.01 Introducing a competency framework for languag learning materials ...
 
Advantages and Disadvantages of CMS from an SEO Perspective
Advantages and Disadvantages of CMS from an SEO PerspectiveAdvantages and Disadvantages of CMS from an SEO Perspective
Advantages and Disadvantages of CMS from an SEO Perspective
 
CACJapan - GROUP Presentation 1- Wk 4.pdf
CACJapan - GROUP Presentation 1- Wk 4.pdfCACJapan - GROUP Presentation 1- Wk 4.pdf
CACJapan - GROUP Presentation 1- Wk 4.pdf
 
South African Journal of Science: Writing with integrity workshop (2024)
South African Journal of Science: Writing with integrity workshop (2024)South African Journal of Science: Writing with integrity workshop (2024)
South African Journal of Science: Writing with integrity workshop (2024)
 
Multithreading_in_C++ - std::thread, race condition
Multithreading_in_C++ - std::thread, race conditionMultithreading_in_C++ - std::thread, race condition
Multithreading_in_C++ - std::thread, race condition
 
MASS MEDIA STUDIES-835-CLASS XI Resource Material.pdf
MASS MEDIA STUDIES-835-CLASS XI Resource Material.pdfMASS MEDIA STUDIES-835-CLASS XI Resource Material.pdf
MASS MEDIA STUDIES-835-CLASS XI Resource Material.pdf
 
Acetabularia Information For Class 9 .docx
Acetabularia Information For Class 9 .docxAcetabularia Information For Class 9 .docx
Acetabularia Information For Class 9 .docx
 
How libraries can support authors with open access requirements for UKRI fund...
How libraries can support authors with open access requirements for UKRI fund...How libraries can support authors with open access requirements for UKRI fund...
How libraries can support authors with open access requirements for UKRI fund...
 
Executive Directors Chat Leveraging AI for Diversity, Equity, and Inclusion
Executive Directors Chat Leveraging AI for Diversity, Equity, and InclusionExecutive Directors Chat Leveraging AI for Diversity, Equity, and Inclusion
Executive Directors Chat Leveraging AI for Diversity, Equity, and Inclusion
 
Normal Labour/ Stages of Labour/ Mechanism of Labour
Normal Labour/ Stages of Labour/ Mechanism of LabourNormal Labour/ Stages of Labour/ Mechanism of Labour
Normal Labour/ Stages of Labour/ Mechanism of Labour
 
Biological Screening of Herbal Drugs in detailed.
Biological Screening of Herbal Drugs in detailed.Biological Screening of Herbal Drugs in detailed.
Biological Screening of Herbal Drugs in detailed.
 
Mule 4.6 & Java 17 Upgrade | MuleSoft Mysore Meetup #46
Mule 4.6 & Java 17 Upgrade | MuleSoft Mysore Meetup #46Mule 4.6 & Java 17 Upgrade | MuleSoft Mysore Meetup #46
Mule 4.6 & Java 17 Upgrade | MuleSoft Mysore Meetup #46
 
Natural birth techniques - Mrs.Akanksha Trivedi Rama University
Natural birth techniques - Mrs.Akanksha Trivedi Rama UniversityNatural birth techniques - Mrs.Akanksha Trivedi Rama University
Natural birth techniques - Mrs.Akanksha Trivedi Rama University
 
Synthetic Fiber Construction in lab .pptx
Synthetic Fiber Construction in lab .pptxSynthetic Fiber Construction in lab .pptx
Synthetic Fiber Construction in lab .pptx
 
How to Make a Field invisible in Odoo 17
How to Make a Field invisible in Odoo 17How to Make a Field invisible in Odoo 17
How to Make a Field invisible in Odoo 17
 
Exploiting Artificial Intelligence for Empowering Researchers and Faculty, In...
Exploiting Artificial Intelligence for Empowering Researchers and Faculty, In...Exploiting Artificial Intelligence for Empowering Researchers and Faculty, In...
Exploiting Artificial Intelligence for Empowering Researchers and Faculty, In...
 
The Diamonds of 2023-2024 in the IGRA collection
The Diamonds of 2023-2024 in the IGRA collectionThe Diamonds of 2023-2024 in the IGRA collection
The Diamonds of 2023-2024 in the IGRA collection
 
Chapter 3 - Islamic Banking Products and Services.pptx
Chapter 3 - Islamic Banking Products and Services.pptxChapter 3 - Islamic Banking Products and Services.pptx
Chapter 3 - Islamic Banking Products and Services.pptx
 
Thesis Statement for students diagnonsed withADHD.ppt
Thesis Statement for students diagnonsed withADHD.pptThesis Statement for students diagnonsed withADHD.ppt
Thesis Statement for students diagnonsed withADHD.ppt
 

How to Secure Your Organisation Data

  • 2. !  Basic"Understanding"of"Information"Security" !  Malware"Fundamental" !  Protect"Your"Password" !  Social"Engineering"and"Phishing"" !  Suggestion"and"Recommendation" !  Question"and"Answers" . - : @ . ! 2"
  • 3. 3"
  • 4. ConIidentiality"–"of"the"information" Confiden'ality- Information"on"the"company"or"organization" should"never"be"accessible"to"users"without" permission" " Integrity"–"of"application"and"information" Accuracy"and"completeness"of"information" are"preserved" " Availability- Integrity- Availability"–"of"the"system" Information"is"accessible"by"authorized"users" when"required" . - : @ . ! 4"
  • 5. Why"Information"Security"is"important?"" Protecting"computer"system"or"its"user"from"threats"that" may"occur"" Threats"and"Damage"will"differ"depending"on"computer" system’s"characteristic"" Protecting"the"system"and"its"users"from"threat"and" minimize"damage" . - : @ . ! 5"
  • 6. Relationship$between$threat,$vulnerability$and$loss$ Threat" Loss" Vulnera bility" Attacker$+$No$Security$Patch$=$Data$Destruction$ . - : @ . ! 6"
  • 7. Information$ Threats$ Assets$ Something"that"can"potentially" Information"stored"in"any" cause"damage"to"information"" Countermeasure$ manner"which"recognized"as" assets" ‘valuable’"to"the"organization"" Vulnerability$ A"Weakness"in"the" organization,"computer" system"or"network"that"can" be"exploited"by"threat" . - : @ . ! 7"
  • 8. Information$ Threats$ Assets$ Something"that"can"potentially" Information"stored"in"any" cause"damage"to"information"" Countermeasure$ manner"which"recognized"as" assets" ‘valuable’"to"the"organization"" Vulnerability$ If"vulnerability"exist,"threats" can"attack"your"information" assets" . - : @ . ! 8"
  • 9. Information$ Threats$ Assets$ Something"that"can"potentially" Information"stored"in"any" cause"damage"to"information"" Countermeasure$ manner"which"recognized"as" assets" ‘valuable’"to"the"organization"" Vulnerability$is$Hixed$ Information"assets"can"be" kept"secure,"even"if"threats" exist." . - : @ . ! 9"
  • 10. •  Do"you"use"license"operating"system"(OS)?" •  Have"you"even"been"update"your"OS?"" •  Have"you"even"been"update"your"daily"use" software?" •  Do"you"update"your"antiavirus"regularly?" . - : @ . ! 10"
  • 11. . - : @ . ! 11"
  • 12. Physical&& The"most" difIicult" part"to" handle" Secure& Hardware& Human&& Your& && So6ware& Data& Policy&&& Standard& . - : @ . ! 12"
  • 13. 13"
  • 14. Malware"or"Malicious" Threats" software" Virus" Worm" Trojans" . - : @ . ! 14"
  • 15. •  Infect"object"on"the"disk"" •  Travel"autonomously"from"PC"to"PC" •  Trigger"by"individual"action"such"as"Open" email"attachment" •  Spread"automatically" •  Install"itself"into"the"PC"and"looking"other" PCs"to"infect" •  Email"worm"need"individual"action"to"spread" •  Network"worm"spread"without"the"need"for" human"interaction" . - : @ . ! 15"
  • 16. •  Install"silently"in"the"PC"by"Email" attachment,"visit"infected"website,"…etc." •  PC"work"normally"without"any"consent" from"the"users" •  They"don’t"selfareplicate,"but"relies"on" connectivity"provided"by"the"Internet" •  There"are"many"kinds"of"Trojans:" •  Backdoor"Trojans" •  Keyalogger"Trojans" •  Banking"Trojans" . - : @ . ! 16"
  • 17. Can-done-anything:-Sending-Spam,- Before" Collec'ng-confiden'al-data,-stealing- password,-etc.-and-espcially-connect-PC- with-PC-to-create-an-infected-network- (BOTNET).-- Virus" Worm" Trojans" Now"–"Hybrid"Malware" Virus& Worm& Trojans& . - : @ . ! 17"
  • 18. 18"
  • 19. •  How"often"do"you"change"your"password?" •  Do"you"use"your"name,"telephone,"date"of"birth," as"your"password?" •  Do"you"use"the"same"password"for"every" services?" •  Do"you"share"your"password"with"anybody?" . - : @ . ! 19"
  • 20. Easily"Guessed"Password" •  No"Password"is"set" •  Password"same"as"the"account"name" Dictionary"Attack" •  Prepared"words"that"the"user"is"likely"to"use"as" passwords"in"a"dictionary"Iile"and"attempt"to"Iind" matching"password" Brute"Force"Attack" •  This"is"simple"method"to"try"all"possible"combinations"as" passwords" •  It"take"huge"amount"of"time,"although,"theoretically,"it" can"break"any"password"without"fail" . - : @ . ! 20"
  • 21. Which"password"below"is"your"password?" Top$25$Popular$Password$in$2011$ 1."password" "2."123456 "3."12345678 "4."qwerty" 5."abc123 "6."monkey "7."1234567 "8."letmein" 9."trustno1 "10."dragon "11."baseball "12."111111" 13."Iloveyou "14."master "15."sunshine "16."ashley" 17."bailey "18."passw0rd"19."shadow "20."123123" 21."654321 "22."superman"23."qazwsx "24."michael" 25."football" . - : @ . ! 21"
  • 23. 23"
  • 24. . - : @ . ! 24"
  • 25. . - : @ . ! 25"
  • 26. . - : @ . ! 26"
  • 27. . - : @ . ! 27"
  • 28. 28"
  • 29. User"antiavirus"and"update"it"regularly"" Install"a"Personal"Firewall" Install"latest"security"update" Don’t"open"an"email"you"do"not"trust" Keep"learning!" . - : @ . ! 29"
  • 30. You"organization"data"security"is"depending"on" the"weakness"link" Don’t"make"yourself"as"the"weakness"link" . - : @ . ! 30"