This document provides an overview of cyber security and the need for cyber security professionals. It discusses how connected devices have become part of daily life and how organizations utilize networks to do business. As more digital data is gathered and stored, it is essential to protect this information at both the personal and organizational levels. The document also cites statistics about the global shortage of cyber security professionals and explains some of the benefits of working in the cyber security field such as high earning potential, challenging work, and the ability to provide an important public service.
Business Fraud and Cybersecurity Best Practices in the Office or While Worki...ArielMcCurdy
As the nation and the world adapted to the coronavirus pandemic, businesses became accustomed to employees working from home. Even as the states reopened from the mandated “lockdown”, many companies and employees alike found advantages to working remotely. Today, we live in a world where the hybrid of in-office work and remote work from home is the “new” normal. Home computers or other remote locations are more vulnerable than ever to cyber-attacks. Organizations need to build people-centric cybersecurity strategies to protect against business email compromises or email account compromises. Increasingly risky websites are being transmitted through corporate emails. The speaker will discuss some of the newest trends in cyberattacks which are continually evolving and growing. Ransomware can hit in seconds. Credit card use is higher than ever, and some cyber-crime groups live to target payment card information. This program has been designed to offer real-life examples and practical steps which may be taken to thwart business-fraud and cyber-crime.
Time is now changing faster, it was started with Green Revolution, White Revolution and now it’s time for Data Revolutions. It means Cyber War; in today’s world AI is replacing human beings. A research says that more than 80% work is depending upon AI. Due to this cyber crimes and threats are also increased.
Application security meetup data privacy_27052021lior mazor
"Application Security Meetup - Data Privacy", hear about Data Protection and Privacy in Modern times, recent Cyber Fraud attacks and data theft, and practical methods of implementing Data Protection in the process development life cycle.
Business Fraud and Cybersecurity Best Practices in the Office or While Worki...ArielMcCurdy
As the nation and the world adapted to the coronavirus pandemic, businesses became accustomed to employees working from home. Even as the states reopened from the mandated “lockdown”, many companies and employees alike found advantages to working remotely. Today, we live in a world where the hybrid of in-office work and remote work from home is the “new” normal. Home computers or other remote locations are more vulnerable than ever to cyber-attacks. Organizations need to build people-centric cybersecurity strategies to protect against business email compromises or email account compromises. Increasingly risky websites are being transmitted through corporate emails. The speaker will discuss some of the newest trends in cyberattacks which are continually evolving and growing. Ransomware can hit in seconds. Credit card use is higher than ever, and some cyber-crime groups live to target payment card information. This program has been designed to offer real-life examples and practical steps which may be taken to thwart business-fraud and cyber-crime.
Time is now changing faster, it was started with Green Revolution, White Revolution and now it’s time for Data Revolutions. It means Cyber War; in today’s world AI is replacing human beings. A research says that more than 80% work is depending upon AI. Due to this cyber crimes and threats are also increased.
Application security meetup data privacy_27052021lior mazor
"Application Security Meetup - Data Privacy", hear about Data Protection and Privacy in Modern times, recent Cyber Fraud attacks and data theft, and practical methods of implementing Data Protection in the process development life cycle.
Presented at the 29th Annual FMA Conference
Topics:
> Raise awareness of the emerging trends in cybersecurity, such as the threats and the potential cost that a breach could have on your organization
> Establish an understanding of what your organization and board can do to reduce the likelihood and impact of a breach
> Identify key characteristics and aspects within an incident/breach response plan and how this plan will reduce the impact of the unfortunate event
Cyber Crime and Cyber Law of India BY VinayVinay Pancholi
This ppt contains details about various cyber crime and how can you prevent yourself from the cyber crime. This also includes cyber law of India and its various section.
A Survey Paper on Identity Theft in the Internetijtsrd
Identity of any internet user is stole in seconds and the user may not aware about it. There are various tools available in the internet which allow anyone to steal data of any particular user, if he she is connected to internet. The attacker is not required to have advanced knowledge about the internet technology or how networking works. Identity theft is a tremendous issue for most Internet clients.. This paper is an attempt to make reader aware about how their identity can be theft in the internet. This work expects to expand the mindfulness and comprehension of the Identity thefts that are and related cheats all through the world. Guruprasad Saroj | Rasika G. Patil ""A Survey Paper on Identity Theft in the Internet"" Published in International Journal of Trend in Scientific Research and Development (ijtsrd), ISSN: 2456-6470, Volume-3 | Issue-4 , June 2019, URL: https://www.ijtsrd.com/papers/ijtsrd23966.pdf
Paper URL: https://www.ijtsrd.com/computer-science/computer-security/23966/a-survey-paper-on-identity-theft-in-the-internet/guruprasad-saroj
Overcome Security Threats Affecting Mobile Financial Solutions 2020Fusion Informatics
The financial services industry, like most businesses and consumers, has become dependent on mobile communications as a way to conduct business, manage customer information, exchange data, and work with customers. Due to its convenience, speed and ease, the electronic form of money has gained tremendous popularity among ordinary people and businesses
Presented by Vipin Chandra Joshi at IJSARD (International Journal of Socio-legal Analysis and Rural Development) International Virtual Conference 2017 On Law and Social Sciences.
If last year’s presentation on the SANS 20 felt like more of a rant than a practical application of elite IT knowledge, Ian Trump’s technical track presentation is going to unleash GFI MAX as a security dashboard like nothing you have seen.
The Octopi team has leveraged network scanning and event log checks, and Ian takes the GFI MAX dashboard to a whole new level. MSP’s can take his code and research and immediately apply it to their practices to secure their customers from cyber threats. Dehydrated from the summer information security conferences, Ian will give you the threat intel you need to be on the lookout for in the months ahead.
Besides all the GFI MAX goodness, being part of a live demo to find APT, and seeing Ian link Human Rights, Market Research, Ice, Law, Iggy Azalea, War Ferrets, Christian Studies, Event Auditing, Security Tools, Taylor Swift and How we can all fix the cyber problem into one epic presentation – well, you don’t want to miss this.
Dave Mahon - CenturyLink & Cyber Security - How Modern Cyber Attacks Are Disr...Alisha Deboer
Cyber terrorists are sophisticated, organized and disruptive to your business. How prepared are you? Explore the landscape of malicious actors most likely to strike your business and what you can do about it.
Presented at the 29th Annual FMA Conference
Topics:
> Raise awareness of the emerging trends in cybersecurity, such as the threats and the potential cost that a breach could have on your organization
> Establish an understanding of what your organization and board can do to reduce the likelihood and impact of a breach
> Identify key characteristics and aspects within an incident/breach response plan and how this plan will reduce the impact of the unfortunate event
Cyber Crime and Cyber Law of India BY VinayVinay Pancholi
This ppt contains details about various cyber crime and how can you prevent yourself from the cyber crime. This also includes cyber law of India and its various section.
A Survey Paper on Identity Theft in the Internetijtsrd
Identity of any internet user is stole in seconds and the user may not aware about it. There are various tools available in the internet which allow anyone to steal data of any particular user, if he she is connected to internet. The attacker is not required to have advanced knowledge about the internet technology or how networking works. Identity theft is a tremendous issue for most Internet clients.. This paper is an attempt to make reader aware about how their identity can be theft in the internet. This work expects to expand the mindfulness and comprehension of the Identity thefts that are and related cheats all through the world. Guruprasad Saroj | Rasika G. Patil ""A Survey Paper on Identity Theft in the Internet"" Published in International Journal of Trend in Scientific Research and Development (ijtsrd), ISSN: 2456-6470, Volume-3 | Issue-4 , June 2019, URL: https://www.ijtsrd.com/papers/ijtsrd23966.pdf
Paper URL: https://www.ijtsrd.com/computer-science/computer-security/23966/a-survey-paper-on-identity-theft-in-the-internet/guruprasad-saroj
Overcome Security Threats Affecting Mobile Financial Solutions 2020Fusion Informatics
The financial services industry, like most businesses and consumers, has become dependent on mobile communications as a way to conduct business, manage customer information, exchange data, and work with customers. Due to its convenience, speed and ease, the electronic form of money has gained tremendous popularity among ordinary people and businesses
Presented by Vipin Chandra Joshi at IJSARD (International Journal of Socio-legal Analysis and Rural Development) International Virtual Conference 2017 On Law and Social Sciences.
If last year’s presentation on the SANS 20 felt like more of a rant than a practical application of elite IT knowledge, Ian Trump’s technical track presentation is going to unleash GFI MAX as a security dashboard like nothing you have seen.
The Octopi team has leveraged network scanning and event log checks, and Ian takes the GFI MAX dashboard to a whole new level. MSP’s can take his code and research and immediately apply it to their practices to secure their customers from cyber threats. Dehydrated from the summer information security conferences, Ian will give you the threat intel you need to be on the lookout for in the months ahead.
Besides all the GFI MAX goodness, being part of a live demo to find APT, and seeing Ian link Human Rights, Market Research, Ice, Law, Iggy Azalea, War Ferrets, Christian Studies, Event Auditing, Security Tools, Taylor Swift and How we can all fix the cyber problem into one epic presentation – well, you don’t want to miss this.
Dave Mahon - CenturyLink & Cyber Security - How Modern Cyber Attacks Are Disr...Alisha Deboer
Cyber terrorists are sophisticated, organized and disruptive to your business. How prepared are you? Explore the landscape of malicious actors most likely to strike your business and what you can do about it.
Are you wondering why your inbox of your emails is filled with junk mail every day? or why hackers are able to recognize your username when they try to take your password? Most likely, your data was disclosed through security breaches.
The Bitdefender study has found that internet users have accounts on an average of eight online platforms that include social media, online shopping platforms and video streaming utility providers, and many more. Criminals are determined to gathering this information and making use of it to attack us.
Cybercrime is classified into different stages or stages, or. It includes those who execute attacks that steal customer data; those that market the data to the highest bidders on the dark web and finally, those who buy the data and use it for fraud and extortion or to launch attacks on those whose information was compromised in the hack.
2014 GRC Conference in West Palm Beach-Moderated by Sonia LunaAviva Spectrum™
Slides from the 2014 GRC Conference Presented by:
Jeff Spivey, CRISC, CPP
Vice President of Strategy, RiskIQ, Inc.
President, Security Risk Management, Inc
Adair Barton, CPA, CISA
Vice President of Internal Audit
Dycom Industries, Inc.
and
David A. Less, CISA, CISM
CIO & SVP
Sunteck, Inc.
By David F. Larcker, Peter C. Reiss, and Brian Tayan
Stanford Closer Look Series, November 16, 2017
The board of directors is expected to ensure that management has identified and developed processes to mitigate risks facing the organization, including risks arising from data theft and the loss of information. Unfortunately, recent experience suggests that companies are not doing a sufficient job of securing this data. In this Closer Look, we examine they types of cyberattacks that occur and how companies respond to them.
We ask:
• What steps can the board take to prevent, monitor, and mitigate data theft?
• What data, metrics, and information should board members review to satisfy themselves that management has taken proper steps to minimize cyber risks?
• What qualifications should a board member have in order to constructively contribute to boardroom discussions on cybersecurity?
• How difficult is it to find board candidates with these skills?
Embracing GenAI - A Strategic ImperativePeter Windle
Artificial Intelligence (AI) technologies such as Generative AI, Image Generators and Large Language Models have had a dramatic impact on teaching, learning and assessment over the past 18 months. The most immediate threat AI posed was to Academic Integrity with Higher Education Institutes (HEIs) focusing their efforts on combating the use of GenAI in assessment. Guidelines were developed for staff and students, policies put in place too. Innovative educators have forged paths in the use of Generative AI for teaching, learning and assessments leading to pockets of transformation springing up across HEIs, often with little or no top-down guidance, support or direction.
This Gasta posits a strategic approach to integrating AI into HEIs to prepare staff, students and the curriculum for an evolving world and workplace. We will highlight the advantages of working with these technologies beyond the realm of teaching, learning and assessment by considering prompt engineering skills, industry impact, curriculum changes, and the need for staff upskilling. In contrast, not engaging strategically with Generative AI poses risks, including falling behind peers, missed opportunities and failing to ensure our graduates remain employable. The rapid evolution of AI technologies necessitates a proactive and strategic approach if we are to remain relevant.
Synthetic Fiber Construction in lab .pptxPavel ( NSTU)
Synthetic fiber production is a fascinating and complex field that blends chemistry, engineering, and environmental science. By understanding these aspects, students can gain a comprehensive view of synthetic fiber production, its impact on society and the environment, and the potential for future innovations. Synthetic fibers play a crucial role in modern society, impacting various aspects of daily life, industry, and the environment. ynthetic fibers are integral to modern life, offering a range of benefits from cost-effectiveness and versatility to innovative applications and performance characteristics. While they pose environmental challenges, ongoing research and development aim to create more sustainable and eco-friendly alternatives. Understanding the importance of synthetic fibers helps in appreciating their role in the economy, industry, and daily life, while also emphasizing the need for sustainable practices and innovation.
Honest Reviews of Tim Han LMA Course Program.pptxtimhan337
Personal development courses are widely available today, with each one promising life-changing outcomes. Tim Han’s Life Mastery Achievers (LMA) Course has drawn a lot of interest. In addition to offering my frank assessment of Success Insider’s LMA Course, this piece examines the course’s effects via a variety of Tim Han LMA course reviews and Success Insider comments.
The French Revolution, which began in 1789, was a period of radical social and political upheaval in France. It marked the decline of absolute monarchies, the rise of secular and democratic republics, and the eventual rise of Napoleon Bonaparte. This revolutionary period is crucial in understanding the transition from feudalism to modernity in Europe.
For more information, visit-www.vavaclasses.com
June 3, 2024 Anti-Semitism Letter Sent to MIT President Kornbluth and MIT Cor...Levi Shapiro
Letter from the Congress of the United States regarding Anti-Semitism sent June 3rd to MIT President Sally Kornbluth, MIT Corp Chair, Mark Gorenberg
Dear Dr. Kornbluth and Mr. Gorenberg,
The US House of Representatives is deeply concerned by ongoing and pervasive acts of antisemitic
harassment and intimidation at the Massachusetts Institute of Technology (MIT). Failing to act decisively to ensure a safe learning environment for all students would be a grave dereliction of your responsibilities as President of MIT and Chair of the MIT Corporation.
This Congress will not stand idly by and allow an environment hostile to Jewish students to persist. The House believes that your institution is in violation of Title VI of the Civil Rights Act, and the inability or
unwillingness to rectify this violation through action requires accountability.
Postsecondary education is a unique opportunity for students to learn and have their ideas and beliefs challenged. However, universities receiving hundreds of millions of federal funds annually have denied
students that opportunity and have been hijacked to become venues for the promotion of terrorism, antisemitic harassment and intimidation, unlawful encampments, and in some cases, assaults and riots.
The House of Representatives will not countenance the use of federal funds to indoctrinate students into hateful, antisemitic, anti-American supporters of terrorism. Investigations into campus antisemitism by the Committee on Education and the Workforce and the Committee on Ways and Means have been expanded into a Congress-wide probe across all relevant jurisdictions to address this national crisis. The undersigned Committees will conduct oversight into the use of federal funds at MIT and its learning environment under authorities granted to each Committee.
• The Committee on Education and the Workforce has been investigating your institution since December 7, 2023. The Committee has broad jurisdiction over postsecondary education, including its compliance with Title VI of the Civil Rights Act, campus safety concerns over disruptions to the learning environment, and the awarding of federal student aid under the Higher Education Act.
• The Committee on Oversight and Accountability is investigating the sources of funding and other support flowing to groups espousing pro-Hamas propaganda and engaged in antisemitic harassment and intimidation of students. The Committee on Oversight and Accountability is the principal oversight committee of the US House of Representatives and has broad authority to investigate “any matter” at “any time” under House Rule X.
• The Committee on Ways and Means has been investigating several universities since November 15, 2023, when the Committee held a hearing entitled From Ivory Towers to Dark Corners: Investigating the Nexus Between Antisemitism, Tax-Exempt Universities, and Terror Financing. The Committee followed the hearing with letters to those institutions on January 10, 202
Macroeconomics- Movie Location
This will be used as part of your Personal Professional Portfolio once graded.
Objective:
Prepare a presentation or a paper using research, basic comparative analysis, data organization and application of economic information. You will make an informed assessment of an economic climate outside of the United States to accomplish an entertainment industry objective.
2024.06.01 Introducing a competency framework for languag learning materials ...Sandy Millin
http://sandymillin.wordpress.com/iateflwebinar2024
Published classroom materials form the basis of syllabuses, drive teacher professional development, and have a potentially huge influence on learners, teachers and education systems. All teachers also create their own materials, whether a few sentences on a blackboard, a highly-structured fully-realised online course, or anything in between. Despite this, the knowledge and skills needed to create effective language learning materials are rarely part of teacher training, and are mostly learnt by trial and error.
Knowledge and skills frameworks, generally called competency frameworks, for ELT teachers, trainers and managers have existed for a few years now. However, until I created one for my MA dissertation, there wasn’t one drawing together what we need to know and do to be able to effectively produce language learning materials.
This webinar will introduce you to my framework, highlighting the key competencies I identified from my research. It will also show how anybody involved in language teaching (any language, not just English!), teacher training, managing schools or developing language learning materials can benefit from using the framework.
Unit 8 - Information and Communication Technology (Paper I).pdfThiyagu K
This slides describes the basic concepts of ICT, basics of Email, Emerging Technology and Digital Initiatives in Education. This presentations aligns with the UGC Paper I syllabus.
2. What is Cyber Security
2
— Connected electronic devices has become part of our daily lives .
— Different types of organisations, such as educational, financial ,Oil and
gas, law institutions use network to do business.They utilise network by
sharing, storing, processing and collecting large amount of digital
data/information.
— As more digital information is gathered and stored it is essential to
protect it.
— Personal level: It is vital to protect your data, your identity and your
computing Devices.
— Organisational level : Cyber Security is combination of processes ,
practices and technologies aimed to protect computers (end nodes),
network, software, operating systems (OS),Websites and data from
unauthorised access, attack and damage .
3. Our Identity
— As we spend more time online our identity both online and offline
can effect our lives.
— Our offline identity is human who our friends and family interact
with at work/home/school.
— They know our personal information such as name, age, where we
live and maybe DOB.
— Our online identity is who we present ourselves as online , and
this should have minimal information about us.
— We have to careful when choosing username online and it should
not disclose personal information, it should not violate any policy.3
4. Your Data
4
— Your Identity
— Medical data
— Educational data
— Information online
— Employment
— Information on devices
— Financial data
5. Where is our data
5
— All this information is about us there is different laws that
protect our privacy and data in our country.
— When we visit doctor our medical record might be shared
with insurance companies for different reasons.
— When we share our pictures online with our friends, do we
know who may have a copy of pictures?We have copies on
our devices ,our friends might have them. If they were shared
publicly then strangers might have access to them.
— Shopping loyalty cards maybe be convenient way to save
money but is they might be storing our shopping profile and
might be using for marketing purposes.
6. Our computing Devices
— Our devices don’t just store our information but they
became information gateway for bad guys.
— Unless we receive paper statement ,we use our computing
devices to access data.
— If we want most recent card statement we log online and
access that information.
— Beside allowing us to access information, these devices also
generate information about us.
— With all this information about us online our personal data
has become more profitable to hackers.6
7. They want our money
— If we have anything valuable ,the criminals want it.
— Our online credentials are valuable .
— They can trick our friend and family pretended to be us and
ask them to transfer money somewhere with false stories.
— The criminals can not only trick into us giving them our
money but also they can steal our identity and ruin our lives.
— They can steal frequent flyer points and use it for travelling.
— A recent case shown on Rip of Britain, they managed to
emptied bank account7
8. Types of
Organisational
Data
— Traditional Data: This includes personnel information ,
intellectual properties and financial data.
— Internet of Things & Big Data: With IoT on raise there
is more data to manage and secure. IoT can include sensors
,IP cameras, DVRs and equipment that extend beyond the
traditional computer network.All these connections plus we
have expanded storage capacity & storage devices through
cloud and virtualisation.This data has created new area of
interest in technology and business called “Big Data”.8
9. Information Security
for an organisation
— Confidentiality: Company policies should restrict access to the
information to authorised personnel. Methods to ensure this include
data encryption, user & pass, 2FA and minimising exposure of
sensitive information.
— Integrity: is accuracy, consistency, and trustworthiness of the data
during its entire life cycle. Checksum is used to verify integrity of
data from one place to other over the network.
— Availability: Marinating equipment, performing hardware repairs,
keeping OS & software up to date, and creating backups ensure the
availability of the network and data to the authorised users. Plans to
recover from natural and man made disaster.
9
10. The Consequences
of a Security Breach
— Theft: If hackers are able to get into your website or network ,they will be able
to access your bank information.
— Revenue Lost: If a hacker gets into your site and crashes it or causes and
extended period of downtime, your operation will cease & you will loose
revenue.
— Vandalism: Your company’s reputation could be ruined in matter of minutes if
customers or others find poor information brazenly placed on your website.
— Ruined Reputation: If you keep private documents online, they could easily be
made public if your computer is hacked.
— Damaged Intellectual property: If a hacker gets in and steals ideas, plans, or
blueprints, you could miss out on being able to fully implement new products or
designs.
10
11. Cyber Crime
& Data Breach
examples 1
— British Gas: In Oct 2015 they contacted 2,200 customers and warn them that their
email addresses and account passwords were posted online in an unexplained data leak.
— TalkTalk: In Oct 2015 cybercriminals hackedTalkTalk website (email addresses, names,
DoB and phone were accessed) Other data included 16,000 bank account numbers and
28,000 credit/debit card details .TalkTalk says 157,000 customers were affected – latter
fined £400,000
— Vodafone: Vodafone says hackers have accessed the accounts of 1,827 customers, just a
week after a separate hacking attack atTalkTalk.The hack could potentially give criminals
customers’ names, mobile numbers, sort codes and the last four digits of their bankACC.
— Carphone warehouse: InAugust 2015, they said the personal details of up to 2.4
million of its customers may have been accessed in a cyber-attack.The encrypted credit
card details of up to 90,000 people may have been accessed, the mobile phone firm said.11
12. — Tesco Bank: (Nov 2016) 40,000 customer accounts ofTesco bank out of a total of
136,000 were subject to suspicious transactions, 9,000 of these had money stolen from
their accounts.The sums taken were relatively small varying up to amounts of £600 but
eventually totalled £2,500,000.
— National Lottery: (Nov 2016) Hackers gained access to 26,500 National Lottery
accounts with the use of passwords and e-mail addresses that had been stolen from
previous breaches.
— Three Mobile: (Nov 2016) Three Mobile have advised that a customer database has
been compromised as a result of a hacker attack, it is understood that 133,827 customers
may have suffered a data breach.
— Hospitals in Lincolnshire: (Oct 2016) Hospitals have been subject to a cyber attack
after an NHS computer network was compromised.12
Cyber Crime
& Data Breach
examples 2
13. — Sage Group: (Aug 2016) Sage Group who provide accounting , payroll and payments
software for many small and medium sized business have disclosed that an internal login
has been utilized to gain unauthorized access to the data of of a number of its British
clients. It is understood that the personal details of the employees of about 280 British
companies were possibly exposed in this breach.
— Cheltenham Hairdressing Salon: (June 2016)A local Cheltenham hairdresser
discovered that their computers not longer worked which meant that they were unable to
access their electronic diary to make and check bookings and to access their contact
details.
London Stock Exchange: (June 2016)The London Stock Exchange was apparently
taken down for two hours by the hacking groupAnonymous .
— Mumsnet: (July 2016)The Mumsnet website was notoriously hacked twice last year in
July andAugust and up until now it has not be possible to identify who was responsible.
The parenting site had to reset its 7.7 million members’ passwords.Teenager was charged
13
Cyber Crime
& Data Breach
examples 3
14. — NatWest accounts accessed by “SIM swap fraud”: (Mar 2016) NatWest bank were
subject to a challenge to their security procedures after journalists from BBC Radio 4’s
You andYours program managed to access an account online taking money. Only £1.50
was transferred, a token amount to demonstrate how this could be carried out.
— Lincolnshire County Council Malware Attack: (Jan 2016) Lincolnshire County
Council was been subject to a £1m ransomware demand which forced the council to shut
down their PCs and servers across their entire network. It is understood that this was
caused by an email containing malware that was launched by a member of staff following a
phishing attack.
— Hackers target house conveyancing industry: It has been reported by the Daily
Telegraph that in excess of £10 million has been stolen by hackers who have managed to
gain access to the e-mails of individuals buying and selling houses.Over 90 people have
succumbed to this and it is understood that the average amount stolen is £112,000.14
Cyber Crime
& Data Breach
examples 4
15. — eBay: (2014) eBay asked 145m users to change their passwords after hackers stole
customers' names, addresses, numbers and dates of birth
— Heartbleed: (2014)A serious vulnerability was discovered in encryption technology used
to protect many of the world's major websites, leaving them vulnerable to data theft
— Sony: (2014)A cyber attack on Sony Pictures Entertainment resulted in a huge data leak,
including private details of 47,000 employees and famous actors
— US Central Command: (2015) Hackers claiming links to Isil managed to take control of
CentCom'sTwitter andYouTube accounts, changing the logo to an image of a hooded fighter
— Ashley Madison: (2015) Hackers threatened to publish the names of up to 37m
AshleyMadison.com customers - a dating website for adulterous affairs
— JDWetherspoon: (2015)A database containing names, email addresses, birth dates and
phone numbers of of 656,723 customers was hacked.The company insisted only an
“extremely limited” number of credit card details were taken
15
Cyber Crime
& Data Breach
examples 5
16. — CommodityThreats: Commodity threats are the random malware, viruses,Trojans,
worms, botnets, ransomware, and other threats that are out propagating on the Internet all
the time. Strictly by chance, commodity threats are undirected and may end up inside of the
enterprise at any time.
— Hacktivists: Activist hacking, or hacktivism, consists of targeted attacks. Hacktivists use
hacking to make a public or political statement.Their goal is to use hacking to bolster their
cause or embarrass their adversaries. Hacktivism may be used against individuals,
enterprises, or governments, depending on the situation and the particular objectives of the
hacktivists.
— Organised Crime: Like hacktivism, organised crime attacks are targeted. Criminals and
criminal organizations have found there is serious money to be made on the Internet.
16
Types of Cyber
attackers -1
17. — Espionage: Cyberespionage centers on stealing trade secrets for commercial advantage or
national secrets for political or military advantage
— Cyberwar: Whereas espionage is generally focused on stealing information, cyberwar is
about damaging the ability of enterprises or governments to operate in cyberspace.This
damage is done by overwhelming, overloading, disabling, or destroying the IT systems used
by the victims, or even using those IT systems to cause physical systems to malfunction and
damage themselves or their operators.
— Organised Crime: Like hacktivism, organised crime attacks are targeted. Criminals and
criminal organizations have found there is serious money to be made on the Internet.
17
Types of Cyber
attackers – 2
18. — Databases: The most interesting place to look for hackers is database, however these tend
to relatively well protected inside the enterprise.
— Backups: Enterprise databases which contains critical business and customer data should be
backed up. Usually the backups are not encrypted or are backed non-secure systems. Second
backup location usually doesn't have security best practices.
— Application Servers: Databases somehow have to make their data available to front end
application servers .Breaches of these systems can be used to gain access to data through the
applications, bypassing encryption and other protection methods.
— Systems Administrators: If attackers get access to these accounts, they can bypass all
other data protections and can steal valuable information. Usually they stay quit for long
time before taking any bad action.
18
Types of Cyber
attackers –
Confidentiality
19. — Hijacking: altering infrastructure data about internet properties such as domain names,
social media identities or registered network locations. Some of these properties can be
worth thousands/millions.
— Sarbanes-Oxley: In the wake of the Enron disaster, the Sarbanes-Oxley regulations were
developed to protect the integrity of financial data published by publicly traded
corporations.
— Online Banking: Attackers can get access to online business banking that can include
payroll, investments, stock funds and other assets worth thousands/millions.
— Direct Deposit: With bank direct deposit settings, employees are vulnerable to thefts
where their pay can be redirected to attacker’s account.
— Vandalism: Malicious actors try to infect websites or modify public material to embarrass
the victim. Internet facing systems can be hard to protect fully.
19
Types of Cyber
attackers –
Integrity
20. — Distributed Denial of Service(DDOS): attackers can send large request or traffic by
using infected systems, which can include IoT devices which are considered non-secure and
easy to control.This can cause large organisations loss in millions.
— Targeted Denial of Service: attacks involve hacking into victim and then disabling
systems so that they need to be rebuilt or recovered. Depending on the severity of the
damage it could take some time for IT department to recover systems and restores, if
backups are affected as well as the primary systems.
— Physical Destruction:Attacks involve using cyberattacks to cause physical destruction.As
more and more critical systems are now days computer controlled, these types of attacks
will become potentially more dangerous and destructive over time.
20
Types of Cyber
attackers –
Availability
21. — The global IT security industry will face a shortfall of 1.8 million workers by 2022, according to a new
study, while the UK faces the prospect of its workforce actually shrinking.
— The Center for Cyber Safety and Education surveyed 19,000 cyber-security professionals for its eighth
bi-annual Global Information SecurityWorkforce Study (GISWS), sponsored by non-profit
professionals' association (ISC)².
— It found that the perceived shortfall in cyber-security experts had risen 20 percent, up from 1.5
million, the figure it published in its previous survey in 2015.
— The UK government's recent Cyber Security Strategy called Britain's cyber-security skills
gap a “national vulnerability that must be resolved”.
— The survey found that two-thirds of firms in the UK don't have enough infosecurity personnel to meet
their needs, and it is impacting economic security.Around 47 percent claimed the reason behind this
was an absence of qualified candidates.
— The skills shortage issue has already impacted UK firms, with 46 percent of UK companies reporting
that the shortfall of cyber-security personnel is having significant impact on their customers and 45
percent warning that it is leading to security breaches.
— more information https://www.scmagazineuk.com/uk-approaching-skills-cliff-edge-as-cyber-workforce-ages--report/article/638146/
21
Need for Cyber
Security
Professionals
22. 22
Why Become a
Cyber Security
Specialist?
— High Earning Potential:There is skill gap for cyber security professionals
this lead to higher earning potential
— Challenging Career: IT changes constantly, for cybersecurity it is more
dynamic field which will be challenging and fascinating. Cybersecurity
professionals would need to always be up to date with new threats.
— Highly Portable Career:A cybersecurity specialist job exist almost
everywhere in the world. It is portable job.
— Service to the Public:A cybersecurity specialist provide a necessary
service to their organisations, societies and countries, very much like law
enforcement or emergency responders.
— Becoming a cybersecurity specialist is a rewarding career opportunity.