Secure Banking Solutions Internship
SEPTEMBER 9TH – DECEMBER 9TH
1
My Job Title
Christian Ries
Information Security Consultant Intern
Email: Christian.ries@protectmybank.com
2
Outline of Topics
• Why is Security Important?
• My Role at SBS
• Example Work
• Technical Services
• TRAC
• Support Staff Projects
• Social Engineering
• Pre-Text Calling
• Unknown Media
3
Why is Security important?
Confidentiality
Integrity
Availability
4
The Pros & Cons of an overly Secured Bike
My Role at SBS
Technical Services
Social Engineering
Support Staff Projects
5
Technical Services
• TRAC
• ‘Homework’ – Assignments
• Client Accounts
• Projects
• Data Entry
• SBS Institute
• ‘Work Papers’
• VA (Vulnerabilities Assessment)
• Vendor Management
• Security Awareness Training
6
Technical Services
Gain practical and factual knowledge regarding in-depth business processes
7
Security Awareness Training
• Great Final Project to recapture information and experience gained during internship
• Unique opportunity to get actual face-to-face experience with client
8
Social Engineering
• Human-based
  • Pretext Calling
  • Physical Impersonation
• Computer-based
  • Phishing
  • Unknown Media
9
Pretext Calling
• Social Engineering over the phone
• Surprisingly Easy
• Information is everywhere
• Very Effective
• Help Educate Clients with practical examples instead of boring theory
• Example Compliance Officer
• “SE” Reports
10
Social Media
• Public Information
• Facebook, Twitter, etc.
• Makes Identity theft easy
• Number one source for intel
• Once information is online, you can’t possibly tell who has access to it
• Example (Online Dead Certificate)
• “Think like a bad guy”
• Use this weakness of new Social Norm to demonstrate importance of Security
11
Technical Exploitation
• Using technical means to obtain information
  • Email
  • Malicious Files
  • Hardware
• Extremely efficient when combined with Social Engineering
  • Phishing
  • Physical Impersonation
12
Unknown Media Devices
• Type of Social Engineering
• Used to further test security controls for client
• Created multiple physical devices
13
Summary
• Diverse ‘Field of Study’ related work environment
• Ability to gain a lot of real-world experience
14
Thank You For Your Time
15

SBS Internship - Presentation


Editor's Notes

  1. Answer: http://www.csoonline.com/article/2112379/physical-security/the-clean-desk-test-what-s-wrong-with-this-picture.html