How to Hamper, Thwart, and Contain a Malicious Attack Through Best Practices
Daniel Owens, IT Security Specialist
Private Founder’s Webinar
Agenda
✧ Vulnerability Trends
✧ Common Attacks and Trends
✧ Detecting and Handling Intrusions
Legal Disclaimer: This information is for educational purposes only & not intended to detail all requirements, vulnerabilities, and security measures necessary.
Vulnerability Trends
COTS Vulnerability Trends (charts; sources: VulDB, CYTENNA)
OWASP Top Ten of 2017 (chart; source: OWASP)
Other Related Resources
1. MITRE Common Weakness Enumeration (CWE)
   a. SANS/MITRE Top 25 Most Dangerous Software Errors
2. MITRE Common Vulnerabilities and Exposures (CVE)
3. National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD)
4. Security Focus
5. VulDB
Attack Trends
Email Attack Trends (charts; source: Symantec)
Remote Attack Trends (chart; source: Symantec)
Malware Trends (chart; source: Symantec)
Other Related Resources
1. Symantec Monthly Threat Report
2. Symantec Internet Security Threat Report (ISTR)
3. McAfee Labs Threats Reports
4. Microsoft Security Intelligence Report
5. Cisco Cybersecurity Reports
6. Akamai State of the Internet Report
7. WatchGuard Technology Internet Security Insights
Detecting and Handling Incidents
8 Keys to (Hampering and) Detecting an Incident (in no particular order)
● Anti-malware software
  ○ On all workstations, servers, and mobile devices
● Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS)
  ○ In front of each network segment, at a minimum
● Firewalls
  ○ On all workstations, servers, and in front of each network segment
  ○ Must be “default-deny”
  ○ Stateful packet inspection (SPI) is important
● Proper logging
  ○ On all systems (e.g. mobile devices, network devices, servers, workstations)
  ○ Ensure logs are reviewed daily
  ○ Important systems should have weekly and monthly log reports
● Proper event notifications
  ○ On all systems (e.g. mobile devices, network devices, servers, workstations)
  ○ Alert staff only when something important happens, or when something might indicate an attack or compromise
● Vulnerability scanners
  ○ Run against everything at least monthly
● Third party audits and penetration tests
  ○ Performed at least annually
● Educating all users
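An added illustration of the “default-deny” and stateful packet inspection (SPI) points above (example code, not from the deck): a small Python model of a stateful firewall. Networks, hosts and ports are constructed from RFC 5737 documentation ranges; the rule set and packet sequence are hypothetical.

```python
"""Default-deny plus SPI: a packet is accepted only if it belongs to a connection
the firewall already permitted, or if it starts a new connection that an explicit
allow rule covers. Everything else is dropped and logged. Constructed example."""
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Optional


@dataclass(frozen=True)
class Packet:
    direction: str      # "in" = arriving from outside the segment, "out" = leaving it
    src: str
    sport: int
    dst: str
    dport: int
    syn: bool = False   # True only for the first packet of a new TCP connection


@dataclass(frozen=True)
class Rule:
    """An explicit allow rule; anything not matched by some rule is denied."""
    direction: str
    src_net: str
    dst_net: str
    dport: Optional[int] = None   # None = any destination port

    def matches(self, pkt: Packet) -> bool:
        return (self.direction == pkt.direction
                and ip_address(pkt.src) in ip_network(self.src_net)
                and ip_address(pkt.dst) in ip_network(self.dst_net)
                and (self.dport is None or self.dport == pkt.dport))


class StatefulFirewall:
    def __init__(self, rules):
        self.rules = list(rules)
        self.conntrack = set()   # (src, sport, dst, dport) of connections already allowed
        self.log = []            # (verdict, reason, packet): what the daily log review sees

    def filter(self, pkt: Packet) -> str:
        fwd = (pkt.src, pkt.sport, pkt.dst, pkt.dport)
        rev = (pkt.dst, pkt.dport, pkt.src, pkt.sport)
        if fwd in self.conntrack or rev in self.conntrack:
            verdict, reason = "ACCEPT", "established connection"
        elif not pkt.syn:
            # SPI: not a connection start and no matching state, so it is bogus even
            # if a rule would allow a *new* connection to the same port
            verdict, reason = "DROP", "out-of-state packet"
        elif any(r.matches(pkt) for r in self.rules):
            self.conntrack.add(fwd)
            verdict, reason = "ACCEPT", "new connection permitted by rule"
        else:
            verdict, reason = "DROP", "default-deny"
        self.log.append((verdict, reason, pkt))
        return verdict


def demo():
    """Runs a constructed packet sequence; returns [(verdict, reason), ...]."""
    fw = StatefulFirewall([
        Rule("out", "192.0.2.0/24", "0.0.0.0/0", 443),          # workstations may browse HTTPS
        Rule("in", "198.51.100.0/24", "192.0.2.0/24", 22),      # management net may SSH in
    ])
    packets = [
        Packet("out", "192.0.2.10", 51000, "203.0.113.5", 443, syn=True),   # new HTTPS out
        Packet("in", "203.0.113.5", 443, "192.0.2.10", 51000),              # its reply
        Packet("in", "203.0.113.77", 40000, "192.0.2.10", 3389, syn=True),  # unsolicited RDP
        Packet("in", "198.51.100.4", 40001, "192.0.2.10", 22),              # ACK with no state
        Packet("in", "198.51.100.4", 50000, "192.0.2.10", 22, syn=True),    # proper SSH start
        Packet("out", "192.0.2.10", 52000, "203.0.113.5", 25, syn=True),    # outbound SMTP
    ]
    return [(fw.filter(p), fw.log[-1][1]) for p in packets]


if __name__ == "__main__":
    for verdict, reason in demo():
        print(f"{verdict:6} {reason}")
```

The fourth packet is the SPI case: the management net is allowed to reach port 22, but a non-SYN packet with no tracked connection is still dropped.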
Signs of a Compromise
● Ransom notes
  ○ In your email
  ○ In documents on the computer
  ○ In popups on the computer or on boot
● Slow computer or network
  ○ Especially if it seems like the computer is doing a lot of work, even when it shouldn’t be
● Odd popups from your anti-malware
  ○ Especially if it starts saying that malware is found or that the anti-malware solution keeps getting turned off
● Mouse moves on its own
● Things are typed that you aren’t typing
● Screen blinks
● Screen flips
● Unexpected software is installed on your computer
● Your friends/coworkers/family say that you are sending them spam
● You are called by your ISP about recent malicious activity coming from your network
● Passwords aren’t working or are changed
● Random popups appear on your computer
● Your default/home page changes on your browsers (or other browser preferences change)
● Web searches or requests are redirected
  ○ Especially if to odd sites
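An added example, not from the deck, of the “proper logging” and “event notifications” keys applied to the signs listed above: a Python triage script that reads constructed syslog-style lines and raises an alert only for events worth a person’s attention (repeated login failures, anti-malware turned off, an unexpected service, a password changed by someone else). The hostname, service names, addresses and the allowlist are made up.

```python
"""Log triage that alerts only on events that might indicate an attack or
compromise, and stays quiet on routine lines. Constructed example."""
import re
from collections import defaultdict
from datetime import datetime

# Constructed syslog-style sample, not real data.
SAMPLE_LOG = """\
Jun 13 09:58:01 ws-07 CRON[4101]: (root) CMD (run-parts /etc/cron.hourly)
Jun 13 10:01:12 ws-07 sshd[4120]: Accepted publickey for alice from 192.0.2.20 port 50122 ssh2
Jun 13 10:02:03 ws-07 sshd[4131]: Failed password for root from 203.0.113.9 port 40112 ssh2
Jun 13 10:02:05 ws-07 sshd[4131]: Failed password for root from 203.0.113.9 port 40113 ssh2
Jun 13 10:02:06 ws-07 sshd[4131]: Failed password for root from 203.0.113.9 port 40114 ssh2
Jun 13 10:02:08 ws-07 sshd[4131]: Failed password for root from 203.0.113.9 port 40115 ssh2
Jun 13 10:02:09 ws-07 sshd[4131]: Failed password for root from 203.0.113.9 port 40116 ssh2
Jun 13 10:05:44 ws-07 clamd[880]: Real-time protection disabled by user SYSTEM
Jun 13 10:06:10 ws-07 systemd[1]: Started remote-helper.service.
Jun 13 10:07:30 ws-07 passwd[4402]: password for 'alice' changed by 'root'
Jun 13 10:09:00 ws-07 sshd[4450]: Failed password for bob from 192.0.2.21 port 50300 ssh2
"""

LINE_RE = re.compile(r"^(?P<ts>\w{3} +\d{1,2} \d{2}:\d{2}:\d{2}) (?P<host>\S+) "
                     r"(?P<proc>[^\[:]+)(?:\[\d+\])?: (?P<msg>.*)$")
FAILED_RE = re.compile(r"Failed password for (?P<user>\S+) from (?P<src>[\d.]+)")
AV_OFF_RE = re.compile(r"protection disabled", re.I)
SERVICE_RE = re.compile(r"Started (?P<svc>\S+)\.$")
PASSWD_RE = re.compile(r"password for '(?P<user>[^']+)' changed by '(?P<by>[^']+)'")

# Hypothetical allowlist of services that are expected to start on this host.
EXPECTED_SERVICES = {"cron.service", "sshd.service", "backup.service"}
FAIL_THRESHOLD = 5      # failed logins from one source ...
FAIL_WINDOW_S = 60      # ... within this many seconds -> alert once


def parse(line):
    """Split one syslog-style line into (timestamp, host, process, message)."""
    m = LINE_RE.match(line)
    if not m:
        return None
    ts = datetime.strptime(m["ts"], "%b %d %H:%M:%S")   # year-less, fine for deltas
    return ts, m["host"], m["proc"], m["msg"]


def triage(log_text):
    """Return [(severity, host, message)] for lines that deserve a notification."""
    alerts = []
    failures = defaultdict(list)   # (host, source ip) -> recent failure timestamps
    for line in log_text.splitlines():
        rec = parse(line)
        if rec is None:
            continue
        ts, host, proc, msg = rec
        if (m := FAILED_RE.search(msg)):
            key = (host, m["src"])
            recent = [t for t in failures[key] if (ts - t).total_seconds() <= FAIL_WINDOW_S]
            recent.append(ts)
            failures[key] = recent
            if len(recent) == FAIL_THRESHOLD:   # fire once when the threshold is reached
                alerts.append(("high", host,
                               f"{FAIL_THRESHOLD} failed logins from {m['src']} within "
                               f"{FAIL_WINDOW_S}s (possible password guessing)"))
        elif AV_OFF_RE.search(msg):
            alerts.append(("high", host, f"anti-malware protection disabled: {msg}"))
        elif (m := SERVICE_RE.search(msg)) and m["svc"] not in EXPECTED_SERVICES:
            alerts.append(("medium", host, f"unexpected service started: {m['svc']}"))
        elif (m := PASSWD_RE.search(msg)) and m["by"] != m["user"]:
            alerts.append(("medium", host, f"password for {m['user']} changed by {m['by']}"))
    return alerts


if __name__ == "__main__":
    for severity, host, message in triage(SAMPLE_LOG):
        print(f"[{severity}] {host}: {message}")
```

Bob’s single failed login and the cron line produce nothing, which is the point of the “alert only on something important” rule.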
What to do When Compromised
Isolate: Isolate the affected system from everything else, disconnecting it from the network.
Image: If desired, take a snapshot of the system and its volatile memory, then shut down and “image” (make a copy of) the hard drive.
Investigate: Examine the newly created “images” to see: 1. What 2. When 3. How 4. Where 5. Why 6. Who. You may even find that your backups are infected.
Online: Bring the system back online and monitor it and similar systems carefully to ensure that it isn’t reinfected. Also, change all passwords that may have been stored on the system.
Rebuild: Using the last known good backups, restore the system. If the compromise was because of a vulnerability, fix or mitigate the vulnerability.
Additional Resources
1. Center for Internet Security (CIS) benchmarks, controls, and best practices
2. National Institute of Standards and Technology (NIST) IT security publications
3. Information Assurance Support Environment’s (IASE) Defense Information Systems Agency (DISA) Security Technical Implementation Guides (STIG)
4. National Security Agency (NSA) IT security publications
5. Microsoft’s Security Guidance Blog
Questions?

IT Security Basics For Managers
