SlideShare a Scribd company logo

Untangled Conference - November 8, 2014 - Security Awareness

Download as PPTX, PDF
Eric Vanderburg
Eric Vanderburg

Security awareness for church employees. This presentation was given at the Untangled Conference on November 8, 2014. http://getuntangled.org/

Technology
1 of 28
Security Awareness Untangled Church Technology Conference © 2014 JurInnov, Ltd. All Rights Reserved November 8, 2014 Dr. Eric Vanderburg Director, Cybersecurity and Information Systems eav@jurinnov.com @evanderburg (216) 664-1100
How Security is comprised 90% © 2014 JurInnov, Ltd. All Rights Reserved 1 Process Technology People 10%
Things your mother probably told you • Don’t accept candy from strangers – Infected devices • It’s ok to ask questions – Challenge • Don’t leave your things lying around – Clean desk and locked screen • Be careful who your friends are – Social networking • Avoid that area of town – Discretionary web surfing © 2014 JurInnov, Ltd. All Rights Reserved 2
Security goals Three Goals Confidentiality Ensuring that confidential university information is protected from unauthorized disclosure Integrity Ensuring the accuracy and completeness of information and computer software © 2014 JurInnov, Ltd. All Rights Reserved 3 Availability Ensuring that information and vital services are accessible for use when required
Malware Detection Security software stops working Defense Computer seems slower than usual, unexpected restarts Browser takes you to a different site than you expected © 2014 JurInnov, Ltd. All Rights Reserved 4 Your hard drive is full Antivirus software with updates and regular scanning Avoid unsolicited email and links Download from trusted sites Increased number of popup windows Personal firewall
Computer Use • Secure browsing • Updates • Popups and warnings • Certificate errors • Suspicious links • Deleted files are not truly deleted © 2014 JurInnov, Ltd. All Rights Reserved 5
Remove the opportunity • Location of office equipment – Printers & fax machines • Lock it down – Office doors – File cabinets, sensitive documents, personal items – Computers • Windows OS: Ctrl-Alt-Delete [enter] or Windows L • Macs: Shift (⇧) + Command (⌘) + Q • Password-protected screensaver or Time-out • Don’t leave the computer unattended when logged into an account with sensitive data (i.e., payroll, email, personal info) – Phones © 2014 JurInnov, Ltd. All Rights Reserved 6
It’s ok to discriminate against data • You can’t treat it all the same – Personal information – Financial information – Member information – Public information • Where is all the data? – Head, paper, computer, server, backup, email • What if we got rid of it? © 2014 JurInnov, Ltd. All Rights Reserved 7
Data Protection • Accessible only to authorized users • Physically locked down • Not out in the open • Encrypted • Password protected © 2014 JurInnov, Ltd. All Rights Reserved 8
Encryption • At rest © 2014 JurInnov, Ltd. All Rights Reserved 9 – Full disk encryption – File encryption • In motion – VPN – SSL
Phishing • Email • Text • Chat • Craigslist • Dating sites © 2014 JurInnov, Ltd. All Rights Reserved 10
Phishing markers • False Sense Of Urgency - Threatens to "close/suspend your account”, charge a fee or talks about suspicious logon attempts, etc. • Suspicious-Looking Links - Links containing all or part of a real company's name asking you to submit personal information. • Not personalized – does not address you by name or include a masked version of the account number. • Misspelled or Poorly Written – Helps fraudulent emails avoid spam filters © 2014 JurInnov, Ltd. All Rights Reserved 11
Subject: URGENT! Haiti Victims Need Your Help! Subject: You’ve received a greeting card © 2014 JurInnov, Ltd. All Rights Reserved 12
Protect yourself against phishing • Treat all email with suspicion • Never use a link in an email to get to any web page • Never send personal or financial information to any one via email • Never give personal or financial information solicited via email © 2014 JurInnov, Ltd. All Rights Reserved 13
Passwords • Passwords are THE KEYS TO: – Your bank account – Your computer – Your email – A server on a network – Many other things © 2014 JurInnov, Ltd. All Rights Reserved 14
Passwords • Passwords are like underwear – Change them often – Showing them to others can get you in trouble – Don’t leave them lying around • Use different passwords for different purposes © 2014 JurInnov, Ltd. All Rights Reserved 15
Passwords • Length • Complexity • Passphrase • http://www.passwordmeter.com/ © 2014 JurInnov, Ltd. All Rights Reserved 16
• 2NiteWeparty*likeits1999 • HowdoU”spell”thatAGAIN? • Amishwish4fish2squish • OunceI$good#isbetter! Use a phrase, sentence, question or random statement (with a twist) • Website (time4anewpwagain.com) • Email (Passwords@stupid.com) • File (passwords/make/me/crazy) • Address 4223westmyhouse Use fake website, email, file, addresse • Follow the yellow brick road to OZ = Ftybr2OZ • Why did the chicken cross the road? = Y?dtCxtR? • Wildthing = W!ld*7H1ng! • Red Jello = R3d-j3llo:) Use a phrase, random statement or compound word; then shorten it and make it nonsensical © 2014 JurInnov, Ltd. All Rights Reserved 17
Email password theft - indicators Receive a large number of rejected messages © 2014 JurInnov, Ltd. All Rights Reserved 18 Find messages in your sent folder that you know you didn’t send Missing email Unexplained changes to your account settings Spam Warning Signs
Identity Theft • Thieves will… • Go on spending sprees using your credit card • With your name and Social Security number they can: – open new credit card accounts – gain employment • Give your name to the police during an arrest • Establish wireless service in your name © 2014 JurInnov, Ltd. All Rights Reserved 19
Identity theft – How it happens • They may steal your mail, wallet, or purse • Malware • Phishing • Social engineering – bribing or conning an employee who has access to these records • Stealing personnel records or breaking into your records electronically © 2014 JurInnov, Ltd. All Rights Reserved 20
Social engineering Social engineering preys on qualities of human nature:  The desire to © 2014 JurInnov, Ltd. All Rights Reserved 21 be helpful  The tendency to trust people  The fear of getting into trouble
Identity Theft - Indicators • Bills that do not arrive as expected • Charges on your credit card that are not yours • Unexpected credit cards or account statements • Denials of credit for no apparent reason • Calls or letters from – Debt collectors – Businesses about merchandise or services you did not make © 2014 JurInnov, Ltd. All Rights Reserved 22
Identity Theft - Defenses • Limit the number of credit cards you carry • Keep a list of all credit cards numbers and the numbers to call to report them • Shred Information • Be diligent about checking statements • Order and analyze your credit report • Watch for Shoulder Surfing © 2014 JurInnov, Ltd. All Rights Reserved 23
Identity Theft - Response • Place a "Fraud Alert" on your credit reports • Close suspect accounts • Use the FTC’s ID Theft Affidavit • Keep Documentation about conversations • File a police report with local Law Enforcement • Report the theft to FTC – Online at Ftc.gov/idtheft – By phone 1-877-ID-THEFT (438-4338) © 2014 JurInnov, Ltd. All Rights Reserved 24
Social Networking (Cont’d) • Networking sites: – Used to meet people online, stay in touch with friends, connect on professional levels – Use privacy setting on your account to ensure maximum security – Be careful about who you accept as a “friend” – Be careful about the information you provide on these sites © 2014 JurInnov, Ltd. All Rights Reserved 25
What’s wrong with this picture? © 2014 JurInnov, Ltd. All Rights Reserved 26
Q&A Don’t be shy… © 2014 JurInnov, Ltd. All Rights Reserved 27

Recommended

Preventing Fraud from Top to Bottom - Vanderburg, Gaddamanugu - Information S...
Preventing Fraud from Top to Bottom - Vanderburg, Gaddamanugu - Information S...Preventing Fraud from Top to Bottom - Vanderburg, Gaddamanugu - Information S...
Preventing Fraud from Top to Bottom - Vanderburg, Gaddamanugu - Information S...Eric Vanderburg
 
Security Awareness: 360 empowerment for cyber defense - JurInnov - Eric Vande...
Security Awareness: 360 empowerment for cyber defense - JurInnov - Eric Vande...Security Awareness: 360 empowerment for cyber defense - JurInnov - Eric Vande...
Security Awareness: 360 empowerment for cyber defense - JurInnov - Eric Vande...Eric Vanderburg
 
St. Mark Lutheran Cyber safety seminar - JurInnov - Eric Vanderburg
St. Mark Lutheran Cyber safety seminar - JurInnov - Eric VanderburgSt. Mark Lutheran Cyber safety seminar - JurInnov - Eric Vanderburg
St. Mark Lutheran Cyber safety seminar - JurInnov - Eric VanderburgEric Vanderburg
 
WFH Cybersecurity Basics Employees and Employers
WFH Cybersecurity Basics Employees and Employers WFH Cybersecurity Basics Employees and Employers
WFH Cybersecurity Basics Employees and Employers Dinesh O Bareja
 
Internet Issues (How to Deal on Internet Security)
Internet Issues (How to Deal on Internet Security)Internet Issues (How to Deal on Internet Security)
Internet Issues (How to Deal on Internet Security)Hannah Jane del Castillo
 
Cyber security and crime
Cyber security and crimeCyber security and crime
Cyber security and crimeMd. Sarowar Alam Saidi
 
Internet Security
Internet SecurityInternet Security
Internet SecurityMitesh Gupta
 
Internet security
Internet securityInternet security
Internet securityPokanati SatyaPraveen
 

Recommended

Preventing Fraud from Top to Bottom - Vanderburg, Gaddamanugu - Information S...
Preventing Fraud from Top to Bottom - Vanderburg, Gaddamanugu - Information S...Preventing Fraud from Top to Bottom - Vanderburg, Gaddamanugu - Information S...
Preventing Fraud from Top to Bottom - Vanderburg, Gaddamanugu - Information S...Eric Vanderburg
 
Security Awareness: 360 empowerment for cyber defense - JurInnov - Eric Vande...
Security Awareness: 360 empowerment for cyber defense - JurInnov - Eric Vande...Security Awareness: 360 empowerment for cyber defense - JurInnov - Eric Vande...
Security Awareness: 360 empowerment for cyber defense - JurInnov - Eric Vande...Eric Vanderburg
 
St. Mark Lutheran Cyber safety seminar - JurInnov - Eric Vanderburg
St. Mark Lutheran Cyber safety seminar - JurInnov - Eric VanderburgSt. Mark Lutheran Cyber safety seminar - JurInnov - Eric Vanderburg
St. Mark Lutheran Cyber safety seminar - JurInnov - Eric VanderburgEric Vanderburg
 
WFH Cybersecurity Basics Employees and Employers
WFH Cybersecurity Basics Employees and Employers WFH Cybersecurity Basics Employees and Employers
WFH Cybersecurity Basics Employees and Employers Dinesh O Bareja
 
Internet Issues (How to Deal on Internet Security)
Internet Issues (How to Deal on Internet Security)Internet Issues (How to Deal on Internet Security)
Internet Issues (How to Deal on Internet Security)Hannah Jane del Castillo
 
Cyber security and crime
Cyber security and crimeCyber security and crime
Cyber security and crimeMd. Sarowar Alam Saidi
 
Internet Security
Internet SecurityInternet Security
Internet SecurityMitesh Gupta
 
Internet security
Internet securityInternet security
Internet securityPokanati SatyaPraveen
 
Information Security Awareness: at Work, at Home, and For Your Kids
Information Security Awareness: at Work, at Home, and For Your Kids Information Security Awareness: at Work, at Home, and For Your Kids
Information Security Awareness: at Work, at Home, and For Your Kids Nicholas Davis
 
Ethical hacking and cyber security intro
Ethical hacking and cyber security introEthical hacking and cyber security intro
Ethical hacking and cyber security introAbhilash Ak
 
Cyber Security Awareness (Reduce Personal & Business Risk)
Cyber Security Awareness (Reduce Personal & Business Risk)Cyber Security Awareness (Reduce Personal & Business Risk)
Cyber Security Awareness (Reduce Personal & Business Risk)Gian Gentile
 
Cyber security awareness for students
Cyber security awareness for students Cyber security awareness for students
Cyber security awareness for studentsAkhil Nadh PC
 
Cyber security awareness
Cyber security awarenessCyber security awareness
Cyber security awarenessJason Murray
 
Computer & internet Security
Computer & internet SecurityComputer & internet Security
Computer & internet SecurityGerard Lamusse
 
Cyber security awareness training by cyber security infotech(csi)
Cyber security awareness training by cyber security infotech(csi)Cyber security awareness training by cyber security infotech(csi)
Cyber security awareness training by cyber security infotech(csi)Cyber Security Infotech
 
Cyber Security and Cyber Awareness
Cyber Security and Cyber Awareness Cyber Security and Cyber Awareness
Cyber Security and Cyber Awareness Jay Nagar
 
Network Security
Network SecurityNetwork Security
Network SecurityManoj Singh
 
Internet security powerpoint
Internet security powerpointInternet security powerpoint
Internet security powerpointArifa Ali
 
Cyber-Espionage: Understanding the Advanced Threat Landscape
Cyber-Espionage: Understanding the Advanced Threat LandscapeCyber-Espionage: Understanding the Advanced Threat Landscape
Cyber-Espionage: Understanding the Advanced Threat LandscapeAaron White
 
Phone Hacking: A lucrative, but largely hidden history
Phone Hacking: A lucrative, but largely hidden historyPhone Hacking: A lucrative, but largely hidden history
Phone Hacking: A lucrative, but largely hidden historyDavid Rogers
 
Seguridad de la Información y Controles contra Hackers - Getting hacked 101 ...
Seguridad de la Información y Controles contra Hackers - Getting hacked 101 ...Seguridad de la Información y Controles contra Hackers - Getting hacked 101 ...
Seguridad de la Información y Controles contra Hackers - Getting hacked 101 ...Asociación de Ejecutivos de Cooperativas de Puerto Rico
 
Recommending information security measures
Recommending information security measuresRecommending information security measures
Recommending information security measuresManish Singh
 
cyber crime, Cyber Security, Introduction, Umakant Bhaskar Gohatre
cyber crime, Cyber Security, Introduction, Umakant Bhaskar Gohatre cyber crime, Cyber Security, Introduction, Umakant Bhaskar Gohatre
cyber crime, Cyber Security, Introduction, Umakant Bhaskar Gohatre Smt. Indira Gandhi College of Engineering, Navi Mumbai, Mumbai
 
Internet Security
Internet SecurityInternet Security
Internet Securitymjelson
 
Hacking
Hacking Hacking
Hacking thajmohammed
 
Corporate Espionage: Technical Surveillance Threats
Corporate Espionage: Technical Surveillance ThreatsCorporate Espionage: Technical Surveillance Threats
Corporate Espionage: Technical Surveillance Threatspattcom
 
Cyber Security Awareness Training by Win-Pro
Cyber Security Awareness Training by Win-ProCyber Security Awareness Training by Win-Pro
Cyber Security Awareness Training by Win-ProRonald Soh
 
Ppt on cyber security
Ppt on cyber securityPpt on cyber security
Ppt on cyber securityAvani Patel
 
Correct the most common web development security mistakes - Eric Vanderburg
Correct the most common web development security mistakes - Eric VanderburgCorrect the most common web development security mistakes - Eric Vanderburg
Correct the most common web development security mistakes - Eric VanderburgEric Vanderburg
 
Cloud Storage and Security: Solving Compliance Challenges
Cloud Storage and Security: Solving Compliance ChallengesCloud Storage and Security: Solving Compliance Challenges
Cloud Storage and Security: Solving Compliance ChallengesEric Vanderburg
 

More Related Content

What's hot

Information Security Awareness: at Work, at Home, and For Your Kids
Information Security Awareness: at Work, at Home, and For Your Kids Information Security Awareness: at Work, at Home, and For Your Kids
Information Security Awareness: at Work, at Home, and For Your Kids Nicholas Davis
 
Ethical hacking and cyber security intro
Ethical hacking and cyber security introEthical hacking and cyber security intro
Ethical hacking and cyber security introAbhilash Ak
 
Cyber Security Awareness (Reduce Personal & Business Risk)
Cyber Security Awareness (Reduce Personal & Business Risk)Cyber Security Awareness (Reduce Personal & Business Risk)
Cyber Security Awareness (Reduce Personal & Business Risk)Gian Gentile
 
Cyber security awareness for students
Cyber security awareness for students Cyber security awareness for students
Cyber security awareness for studentsAkhil Nadh PC
 
Cyber security awareness
Cyber security awarenessCyber security awareness
Cyber security awarenessJason Murray
 
Computer & internet Security
Computer & internet SecurityComputer & internet Security
Computer & internet SecurityGerard Lamusse
 
Cyber security awareness training by cyber security infotech(csi)
Cyber security awareness training by cyber security infotech(csi)Cyber security awareness training by cyber security infotech(csi)
Cyber security awareness training by cyber security infotech(csi)Cyber Security Infotech
 
Cyber Security and Cyber Awareness
Cyber Security and Cyber Awareness Cyber Security and Cyber Awareness
Cyber Security and Cyber Awareness Jay Nagar
 
Network Security
Network SecurityNetwork Security
Network SecurityManoj Singh
 
Internet security powerpoint
Internet security powerpointInternet security powerpoint
Internet security powerpointArifa Ali
 
Cyber-Espionage: Understanding the Advanced Threat Landscape
Cyber-Espionage: Understanding the Advanced Threat LandscapeCyber-Espionage: Understanding the Advanced Threat Landscape
Cyber-Espionage: Understanding the Advanced Threat LandscapeAaron White
 
Phone Hacking: A lucrative, but largely hidden history
Phone Hacking: A lucrative, but largely hidden historyPhone Hacking: A lucrative, but largely hidden history
Phone Hacking: A lucrative, but largely hidden historyDavid Rogers
 
Recommending information security measures
Recommending information security measuresRecommending information security measures
Recommending information security measuresManish Singh
 
Internet Security
Internet SecurityInternet Security
Internet Securitymjelson
 
Corporate Espionage: Technical Surveillance Threats
Corporate Espionage: Technical Surveillance ThreatsCorporate Espionage: Technical Surveillance Threats
Corporate Espionage: Technical Surveillance Threatspattcom
 
Cyber Security Awareness Training by Win-Pro
Cyber Security Awareness Training by Win-ProCyber Security Awareness Training by Win-Pro
Cyber Security Awareness Training by Win-ProRonald Soh
 
Ppt on cyber security
Ppt on cyber securityPpt on cyber security
Ppt on cyber securityAvani Patel
 

What's hot (20)

Information Security Awareness: at Work, at Home, and For Your Kids
Information Security Awareness: at Work, at Home, and For Your Kids Information Security Awareness: at Work, at Home, and For Your Kids
Information Security Awareness: at Work, at Home, and For Your Kids
 
Ethical hacking and cyber security intro
Ethical hacking and cyber security introEthical hacking and cyber security intro
Ethical hacking and cyber security intro
 
Cyber Security Awareness (Reduce Personal & Business Risk)
Cyber Security Awareness (Reduce Personal & Business Risk)Cyber Security Awareness (Reduce Personal & Business Risk)
Cyber Security Awareness (Reduce Personal & Business Risk)
 
Cyber security awareness for students
Cyber security awareness for students Cyber security awareness for students
Cyber security awareness for students
 
Cyber security awareness
Cyber security awarenessCyber security awareness
Cyber security awareness
 
Computer & internet Security
Computer & internet SecurityComputer & internet Security
Computer & internet Security
 
Cyber security awareness training by cyber security infotech(csi)
Cyber security awareness training by cyber security infotech(csi)Cyber security awareness training by cyber security infotech(csi)
Cyber security awareness training by cyber security infotech(csi)
 
Cyber Security and Cyber Awareness
Cyber Security and Cyber Awareness Cyber Security and Cyber Awareness
Cyber Security and Cyber Awareness
 
Network Security
Network SecurityNetwork Security
Network Security
 
Internet security powerpoint
Internet security powerpointInternet security powerpoint
Internet security powerpoint
 
Cyber-Espionage: Understanding the Advanced Threat Landscape
Cyber-Espionage: Understanding the Advanced Threat LandscapeCyber-Espionage: Understanding the Advanced Threat Landscape
Cyber-Espionage: Understanding the Advanced Threat Landscape
 
Phone Hacking: A lucrative, but largely hidden history
Phone Hacking: A lucrative, but largely hidden historyPhone Hacking: A lucrative, but largely hidden history
Phone Hacking: A lucrative, but largely hidden history
 
Seguridad de la Información y Controles contra Hackers - Getting hacked 101 ...
Seguridad de la Información y Controles contra Hackers - Getting hacked 101 ...Seguridad de la Información y Controles contra Hackers - Getting hacked 101 ...
Seguridad de la Información y Controles contra Hackers - Getting hacked 101 ...
 
Recommending information security measures
Recommending information security measuresRecommending information security measures
Recommending information security measures
 
cyber crime, Cyber Security, Introduction, Umakant Bhaskar Gohatre
cyber crime, Cyber Security, Introduction, Umakant Bhaskar Gohatre cyber crime, Cyber Security, Introduction, Umakant Bhaskar Gohatre
cyber crime, Cyber Security, Introduction, Umakant Bhaskar Gohatre
 
Internet Security
Internet SecurityInternet Security
Internet Security
 
Hacking
Hacking Hacking
Hacking
 
Corporate Espionage: Technical Surveillance Threats
Corporate Espionage: Technical Surveillance ThreatsCorporate Espionage: Technical Surveillance Threats
Corporate Espionage: Technical Surveillance Threats
 
Cyber Security Awareness Training by Win-Pro
Cyber Security Awareness Training by Win-ProCyber Security Awareness Training by Win-Pro
Cyber Security Awareness Training by Win-Pro
 
Ppt on cyber security
Ppt on cyber securityPpt on cyber security
Ppt on cyber security
 

Viewers also liked

Correct the most common web development security mistakes - Eric Vanderburg
Correct the most common web development security mistakes - Eric VanderburgCorrect the most common web development security mistakes - Eric Vanderburg
Correct the most common web development security mistakes - Eric VanderburgEric Vanderburg
 
Cloud Storage and Security: Solving Compliance Challenges
Cloud Storage and Security: Solving Compliance ChallengesCloud Storage and Security: Solving Compliance Challenges
Cloud Storage and Security: Solving Compliance ChallengesEric Vanderburg
 
The Prescription for Protection - Avoid Treatment Errors To The Malware Problem
The Prescription for Protection - Avoid Treatment Errors To The Malware ProblemThe Prescription for Protection - Avoid Treatment Errors To The Malware Problem
The Prescription for Protection - Avoid Treatment Errors To The Malware ProblemEric Vanderburg
 
Countering malware threats - Eric Vanderburg
Countering malware threats - Eric VanderburgCountering malware threats - Eric Vanderburg
Countering malware threats - Eric VanderburgEric Vanderburg
 
Hacktivism: Motivations, Tactics and Threats
Hacktivism: Motivations, Tactics and ThreatsHacktivism: Motivations, Tactics and Threats
Hacktivism: Motivations, Tactics and ThreatsEric Vanderburg
 
A Guide to Secure Remote Access - Eric Vanderburg
A Guide to Secure Remote Access - Eric VanderburgA Guide to Secure Remote Access - Eric Vanderburg
A Guide to Secure Remote Access - Eric VanderburgEric Vanderburg
 
Computer Security Primer - Eric Vanderburg - JURINNOV
Computer Security Primer - Eric Vanderburg - JURINNOVComputer Security Primer - Eric Vanderburg - JURINNOV
Computer Security Primer - Eric Vanderburg - JURINNOVEric Vanderburg
 
Server Hardening Primer - Eric Vanderburg - JURINNOV
Server Hardening Primer - Eric Vanderburg - JURINNOVServer Hardening Primer - Eric Vanderburg - JURINNOV
Server Hardening Primer - Eric Vanderburg - JURINNOVEric Vanderburg
 
Physical security primer - JURINNOV - Eric Vanderburg
Physical security primer - JURINNOV - Eric VanderburgPhysical security primer - JURINNOV - Eric Vanderburg
Physical security primer - JURINNOV - Eric VanderburgEric Vanderburg
 
Understanding computer attacks and attackers - Eric Vanderburg - JURINNOV
Understanding computer attacks and attackers - Eric Vanderburg - JURINNOVUnderstanding computer attacks and attackers - Eric Vanderburg - JURINNOV
Understanding computer attacks and attackers - Eric Vanderburg - JURINNOVEric Vanderburg
 
Security Governance Primer - Eric Vanderburg - JURINNOV
Security Governance Primer - Eric Vanderburg - JURINNOVSecurity Governance Primer - Eric Vanderburg - JURINNOV
Security Governance Primer - Eric Vanderburg - JURINNOVEric Vanderburg
 
Ransomware: 2016's Greatest Malware Threat
Ransomware: 2016's Greatest Malware ThreatRansomware: 2016's Greatest Malware Threat
Ransomware: 2016's Greatest Malware ThreatEric Vanderburg
 
2017 March ISACA Security Challenges with the Internet of Things - Eric Vande...
2017 March ISACA Security Challenges with the Internet of Things - Eric Vande...2017 March ISACA Security Challenges with the Internet of Things - Eric Vande...
2017 March ISACA Security Challenges with the Internet of Things - Eric Vande...Eric Vanderburg
 

Viewers also liked (13)

Correct the most common web development security mistakes - Eric Vanderburg
Correct the most common web development security mistakes - Eric VanderburgCorrect the most common web development security mistakes - Eric Vanderburg
Correct the most common web development security mistakes - Eric Vanderburg
 
Cloud Storage and Security: Solving Compliance Challenges
Cloud Storage and Security: Solving Compliance ChallengesCloud Storage and Security: Solving Compliance Challenges
Cloud Storage and Security: Solving Compliance Challenges
 
The Prescription for Protection - Avoid Treatment Errors To The Malware Problem
The Prescription for Protection - Avoid Treatment Errors To The Malware ProblemThe Prescription for Protection - Avoid Treatment Errors To The Malware Problem
The Prescription for Protection - Avoid Treatment Errors To The Malware Problem
 
Countering malware threats - Eric Vanderburg
Countering malware threats - Eric VanderburgCountering malware threats - Eric Vanderburg
Countering malware threats - Eric Vanderburg
 
Hacktivism: Motivations, Tactics and Threats
Hacktivism: Motivations, Tactics and ThreatsHacktivism: Motivations, Tactics and Threats
Hacktivism: Motivations, Tactics and Threats
 
A Guide to Secure Remote Access - Eric Vanderburg
A Guide to Secure Remote Access - Eric VanderburgA Guide to Secure Remote Access - Eric Vanderburg
A Guide to Secure Remote Access - Eric Vanderburg
 
Computer Security Primer - Eric Vanderburg - JURINNOV
Computer Security Primer - Eric Vanderburg - JURINNOVComputer Security Primer - Eric Vanderburg - JURINNOV
Computer Security Primer - Eric Vanderburg - JURINNOV
 
Server Hardening Primer - Eric Vanderburg - JURINNOV
Server Hardening Primer - Eric Vanderburg - JURINNOVServer Hardening Primer - Eric Vanderburg - JURINNOV
Server Hardening Primer - Eric Vanderburg - JURINNOV
 
Physical security primer - JURINNOV - Eric Vanderburg
Physical security primer - JURINNOV - Eric VanderburgPhysical security primer - JURINNOV - Eric Vanderburg
Physical security primer - JURINNOV - Eric Vanderburg
 
Understanding computer attacks and attackers - Eric Vanderburg - JURINNOV
Understanding computer attacks and attackers - Eric Vanderburg - JURINNOVUnderstanding computer attacks and attackers - Eric Vanderburg - JURINNOV
Understanding computer attacks and attackers - Eric Vanderburg - JURINNOV
 
Security Governance Primer - Eric Vanderburg - JURINNOV
Security Governance Primer - Eric Vanderburg - JURINNOVSecurity Governance Primer - Eric Vanderburg - JURINNOV
Security Governance Primer - Eric Vanderburg - JURINNOV
 
Ransomware: 2016's Greatest Malware Threat
Ransomware: 2016's Greatest Malware ThreatRansomware: 2016's Greatest Malware Threat
Ransomware: 2016's Greatest Malware Threat
 
2017 March ISACA Security Challenges with the Internet of Things - Eric Vande...
2017 March ISACA Security Challenges with the Internet of Things - Eric Vande...2017 March ISACA Security Challenges with the Internet of Things - Eric Vande...
2017 March ISACA Security Challenges with the Internet of Things - Eric Vande...
 

Similar to Untangled Conference - November 8, 2014 - Security Awareness

Today's technology and you: Safe computing in a digital world - Eric Vanderbu...
Today's technology and you: Safe computing in a digital world - Eric Vanderbu...Today's technology and you: Safe computing in a digital world - Eric Vanderbu...
Today's technology and you: Safe computing in a digital world - Eric Vanderbu...Eric Vanderburg
 
Identity Theft Lake Placid 2012
Identity Theft Lake Placid 2012Identity Theft Lake Placid 2012
Identity Theft Lake Placid 2012Mark Kotzin
 
Information Security Awareness Training
Information Security Awareness TrainingInformation Security Awareness Training
Information Security Awareness TrainingRandy Bowman
 
Steps and Tips to Protect Yourself and your Private Information while Online....
Steps and Tips to Protect Yourself and your Private Information while Online....Steps and Tips to Protect Yourself and your Private Information while Online....
Steps and Tips to Protect Yourself and your Private Information while Online....Abzetdin Adamov
 
Internet secutity ppt by vaishnavi khandelwal
Internet secutity ppt by vaishnavi khandelwalInternet secutity ppt by vaishnavi khandelwal
Internet secutity ppt by vaishnavi khandelwalVaishnaviKhandelwal6
 
Phishing Whaling and Hacking Case Studies.pptx
Phishing Whaling and Hacking Case Studies.pptxPhishing Whaling and Hacking Case Studies.pptx
Phishing Whaling and Hacking Case Studies.pptxStephen Jesukanth Martin
 
Security and the Service Desk
Security and the Service DeskSecurity and the Service Desk
Security and the Service DeskNorthCoastHDI
 
Data protection and security
Data protection and securityData protection and security
Data protection and securitysamina khan
 
Identity thefts
Identity theftsIdentity thefts
Identity theftsHHSome
 
Ulster Bank - Financial Elder Abuse Project in Ireland, 2015
Ulster Bank - Financial Elder Abuse Project in Ireland, 2015Ulster Bank - Financial Elder Abuse Project in Ireland, 2015
Ulster Bank - Financial Elder Abuse Project in Ireland, 2015Age Action
 
MatahariMall.com - Jiwasraya Knowledge Sharing
MatahariMall.com - Jiwasraya Knowledge SharingMatahariMall.com - Jiwasraya Knowledge Sharing
MatahariMall.com - Jiwasraya Knowledge SharingRendra Perdana Satria
 
Cyber crime and cyber security
Cyber crime and cyber securityCyber crime and cyber security
Cyber crime and cyber securityKaushal Solanki
 

Similar to Untangled Conference - November 8, 2014 - Security Awareness (20)

Today's technology and you: Safe computing in a digital world - Eric Vanderbu...
Today's technology and you: Safe computing in a digital world - Eric Vanderbu...Today's technology and you: Safe computing in a digital world - Eric Vanderbu...
Today's technology and you: Safe computing in a digital world - Eric Vanderbu...
 
Identity Theft Lake Placid 2012
Identity Theft Lake Placid 2012Identity Theft Lake Placid 2012
Identity Theft Lake Placid 2012
 
Information Security Awareness Training
Information Security Awareness TrainingInformation Security Awareness Training
Information Security Awareness Training
 
it-security.ppt
it-security.pptit-security.ppt
it-security.ppt
 
Identity theft
Identity theftIdentity theft
Identity theft
 
Identity Theft ppt
Identity Theft pptIdentity Theft ppt
Identity Theft ppt
 
Steps and Tips to Protect Yourself and your Private Information while Online....
Steps and Tips to Protect Yourself and your Private Information while Online....Steps and Tips to Protect Yourself and your Private Information while Online....
Steps and Tips to Protect Yourself and your Private Information while Online....
 
Personal Threat Models
Personal Threat ModelsPersonal Threat Models
Personal Threat Models
 
Internet secutity ppt by vaishnavi khandelwal
Internet secutity ppt by vaishnavi khandelwalInternet secutity ppt by vaishnavi khandelwal
Internet secutity ppt by vaishnavi khandelwal
 
Internet security
Internet securityInternet security
Internet security
 
Staying Secure Electronically
Staying Secure ElectronicallyStaying Secure Electronically
Staying Secure Electronically
 
Phishing Whaling and Hacking Case Studies.pptx
Phishing Whaling and Hacking Case Studies.pptxPhishing Whaling and Hacking Case Studies.pptx
Phishing Whaling and Hacking Case Studies.pptx
 
Security and the Service Desk
Security and the Service DeskSecurity and the Service Desk
Security and the Service Desk
 
Data protection and security
Data protection and securityData protection and security
Data protection and security
 
Identity thefts
Identity theftsIdentity thefts
Identity thefts
 
Ulster Bank - Financial Elder Abuse Project in Ireland, 2015
Ulster Bank - Financial Elder Abuse Project in Ireland, 2015Ulster Bank - Financial Elder Abuse Project in Ireland, 2015
Ulster Bank - Financial Elder Abuse Project in Ireland, 2015
 
MatahariMall.com - Jiwasraya Knowledge Sharing
MatahariMall.com - Jiwasraya Knowledge SharingMatahariMall.com - Jiwasraya Knowledge Sharing
MatahariMall.com - Jiwasraya Knowledge Sharing
 
Protect Your Identity
Protect Your IdentityProtect Your Identity
Protect Your Identity
 
ACESnWS cyber security tips
ACESnWS cyber security tipsACESnWS cyber security tips
ACESnWS cyber security tips
 
Cyber crime and cyber security
Cyber crime and cyber securityCyber crime and cyber security
Cyber crime and cyber security
 

More from Eric Vanderburg

GDPR, Data Privacy and Cybersecurity - MIT Symposium
GDPR, Data Privacy and Cybersecurity - MIT SymposiumGDPR, Data Privacy and Cybersecurity - MIT Symposium
GDPR, Data Privacy and Cybersecurity - MIT SymposiumEric Vanderburg
 
Modern Security the way Equifax Should Have
Modern Security the way Equifax Should HaveModern Security the way Equifax Should Have
Modern Security the way Equifax Should HaveEric Vanderburg
 
Cybercrime and Cyber Threats - CBLA - Eric Vanderburg
Cybercrime and Cyber Threats - CBLA - Eric VanderburgCybercrime and Cyber Threats - CBLA - Eric Vanderburg
Cybercrime and Cyber Threats - CBLA - Eric VanderburgEric Vanderburg
 
Cybersecurity Incident Response Strategies and Tactics - RIMS 2017 - Eric Van...
Cybersecurity Incident Response Strategies and Tactics - RIMS 2017 - Eric Van...Cybersecurity Incident Response Strategies and Tactics - RIMS 2017 - Eric Van...
Cybersecurity Incident Response Strategies and Tactics - RIMS 2017 - Eric Van...Eric Vanderburg
 
Mobile Forensics and Cybersecurity
Mobile Forensics and CybersecurityMobile Forensics and Cybersecurity
Mobile Forensics and CybersecurityEric Vanderburg
 
Emerging Technologies: Japan’s Position
Emerging Technologies: Japan’s PositionEmerging Technologies: Japan’s Position
Emerging Technologies: Japan’s PositionEric Vanderburg
 
Principles of technology management
Principles of technology managementPrinciples of technology management
Principles of technology managementEric Vanderburg
 
Japanese railway technology
Japanese railway technologyJapanese railway technology
Japanese railway technologyEric Vanderburg
 
Evaluating japanese technological competitiveness
Evaluating japanese technological competitivenessEvaluating japanese technological competitiveness
Evaluating japanese technological competitivenessEric Vanderburg
 
Japanese current and future technology management challenges
Japanese current and future technology management challengesJapanese current and future technology management challenges
Japanese current and future technology management challengesEric Vanderburg
 
Technology management in Japan: Robotics
Technology management in Japan: RoboticsTechnology management in Japan: Robotics
Technology management in Japan: RoboticsEric Vanderburg
 
Incident response table top exercises
Incident response table top exercisesIncident response table top exercises
Incident response table top exercisesEric Vanderburg
 
Deconstructing website attacks - Eric Vanderburg
Deconstructing website attacks - Eric VanderburgDeconstructing website attacks - Eric Vanderburg
Deconstructing website attacks - Eric VanderburgEric Vanderburg
 
The security professional's guide to programming - Eric Vanderburg
The security professional's guide to programming - Eric VanderburgThe security professional's guide to programming - Eric Vanderburg
The security professional's guide to programming - Eric VanderburgEric Vanderburg
 
Guide to protecting networks - Eric Vanderburg
Guide to protecting networks - Eric VanderburgGuide to protecting networks - Eric Vanderburg
Guide to protecting networks - Eric VanderburgEric Vanderburg
 
Ethical hacking Chapter 12 - Encryption - Eric Vanderburg
Ethical hacking Chapter 12 - Encryption - Eric VanderburgEthical hacking Chapter 12 - Encryption - Eric Vanderburg
Ethical hacking Chapter 12 - Encryption - Eric VanderburgEric Vanderburg
 

More from Eric Vanderburg (16)

GDPR, Data Privacy and Cybersecurity - MIT Symposium
GDPR, Data Privacy and Cybersecurity - MIT SymposiumGDPR, Data Privacy and Cybersecurity - MIT Symposium
GDPR, Data Privacy and Cybersecurity - MIT Symposium
 
Modern Security the way Equifax Should Have
Modern Security the way Equifax Should HaveModern Security the way Equifax Should Have
Modern Security the way Equifax Should Have
 
Cybercrime and Cyber Threats - CBLA - Eric Vanderburg
Cybercrime and Cyber Threats - CBLA - Eric VanderburgCybercrime and Cyber Threats - CBLA - Eric Vanderburg
Cybercrime and Cyber Threats - CBLA - Eric Vanderburg
 
Cybersecurity Incident Response Strategies and Tactics - RIMS 2017 - Eric Van...
Cybersecurity Incident Response Strategies and Tactics - RIMS 2017 - Eric Van...Cybersecurity Incident Response Strategies and Tactics - RIMS 2017 - Eric Van...
Cybersecurity Incident Response Strategies and Tactics - RIMS 2017 - Eric Van...
 
Mobile Forensics and Cybersecurity
Mobile Forensics and CybersecurityMobile Forensics and Cybersecurity
Mobile Forensics and Cybersecurity
 
Emerging Technologies: Japan’s Position
Emerging Technologies: Japan’s PositionEmerging Technologies: Japan’s Position
Emerging Technologies: Japan’s Position
 
Principles of technology management
Principles of technology managementPrinciples of technology management
Principles of technology management
 
Japanese railway technology
Japanese railway technologyJapanese railway technology
Japanese railway technology
 
Evaluating japanese technological competitiveness
Evaluating japanese technological competitivenessEvaluating japanese technological competitiveness
Evaluating japanese technological competitiveness
 
Japanese current and future technology management challenges
Japanese current and future technology management challengesJapanese current and future technology management challenges
Japanese current and future technology management challenges
 
Technology management in Japan: Robotics
Technology management in Japan: RoboticsTechnology management in Japan: Robotics
Technology management in Japan: Robotics
 
Incident response table top exercises
Incident response table top exercisesIncident response table top exercises
Incident response table top exercises
 
Deconstructing website attacks - Eric Vanderburg
Deconstructing website attacks - Eric VanderburgDeconstructing website attacks - Eric Vanderburg
Deconstructing website attacks - Eric Vanderburg
 
The security professional's guide to programming - Eric Vanderburg
The security professional's guide to programming - Eric VanderburgThe security professional's guide to programming - Eric Vanderburg
The security professional's guide to programming - Eric Vanderburg
 
Guide to protecting networks - Eric Vanderburg
Guide to protecting networks - Eric VanderburgGuide to protecting networks - Eric Vanderburg
Guide to protecting networks - Eric Vanderburg
 
Ethical hacking Chapter 12 - Encryption - Eric Vanderburg
Ethical hacking Chapter 12 - Encryption - Eric VanderburgEthical hacking Chapter 12 - Encryption - Eric Vanderburg
Ethical hacking Chapter 12 - Encryption - Eric Vanderburg
 

Recently uploaded

Azure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & ApplicationAzure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & ApplicationAndikSusilo4
 
Snow Chain-Integrated Tire for a Safe Drive on Winter Roads
Snow Chain-Integrated Tire for a Safe Drive on Winter RoadsSnow Chain-Integrated Tire for a Safe Drive on Winter Roads
Snow Chain-Integrated Tire for a Safe Drive on Winter RoadsHyundai Motor Group
 
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...HostedbyConfluent
 
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptxMaking_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptxnull - The Open Security Community
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticscarlostorres15106
 
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Scott Keck-Warren
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationRidwan Fadjar
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsMemoori
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machinePadma Pradeep
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsMark Billinghurst
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 3652toLead Limited
 
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphSIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphNeo4j
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitecturePixlogix Infotech
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxOnBoard
 

Recently uploaded (20)

Azure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & ApplicationAzure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & Application
 
Snow Chain-Integrated Tire for a Safe Drive on Winter Roads
Snow Chain-Integrated Tire for a Safe Drive on Winter RoadsSnow Chain-Integrated Tire for a Safe Drive on Winter Roads
Snow Chain-Integrated Tire for a Safe Drive on Winter Roads
 
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
 
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptxMaking_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
 
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping Elbows
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 Presentation
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial Buildings
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food Manufacturing
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machine
 
Vulnerability_Management_GRC_by Sohang Sengupta.pptx
Vulnerability_Management_GRC_by Sohang Sengupta.pptxVulnerability_Management_GRC_by Sohang Sengupta.pptx
Vulnerability_Management_GRC_by Sohang Sengupta.pptx
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR Systems
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
 
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphSIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC Architecture
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptx
 

Untangled Conference - November 8, 2014 - Security Awareness

  • 1. Security Awareness Untangled Church Technology Conference © 2014 JurInnov, Ltd. All Rights Reserved November 8, 2014 Dr. Eric Vanderburg Director, Cybersecurity and Information Systems eav@jurinnov.com @evanderburg (216) 664-1100
  • 2. How Security is comprised 90% © 2014 JurInnov, Ltd. All Rights Reserved 1 Process Technology People 10%
  • 3. Things your mother probably told you • Don’t accept candy from strangers – Infected devices • It’s ok to ask questions – Challenge • Don’t leave your things lying around – Clean desk and locked screen • Be careful who your friends are – Social networking • Avoid that area of town – Discretionary web surfing © 2014 JurInnov, Ltd. All Rights Reserved 2
  • 4. Security goals Three Goals Confidentiality Ensuring that confidential university information is protected from unauthorized disclosure Integrity Ensuring the accuracy and completeness of information and computer software © 2014 JurInnov, Ltd. All Rights Reserved 3 Availability Ensuring that information and vital services are accessible for use when required
  • 5. Malware Detection Security software stops working Defense Computer seems slower than usual, unexpected restarts Browser takes you to a different site than you expected © 2014 JurInnov, Ltd. All Rights Reserved 4 Your hard drive is full Antivirus software with updates and regular scanning Avoid unsolicited email and links Download from trusted sites Increased number of popup windows Personal firewall
  • 6. Computer Use • Secure browsing • Updates • Popups and warnings • Certificate errors • Suspicious links • Deleted files are not truly deleted © 2014 JurInnov, Ltd. All Rights Reserved 5
  • 7. Remove the opportunity • Location of office equipment – Printers & fax machines • Lock it down – Office doors – File cabinets, sensitive documents, personal items – Computers • Windows OS: Ctrl-Alt-Delete [enter] or Windows L • Macs: Shift (⇧) + Command (⌘) + Q • Password-protected screensaver or Time-out • Don’t leave the computer unattended when logged into an account with sensitive data (i.e., payroll, email, personal info) – Phones © 2014 JurInnov, Ltd. All Rights Reserved 6
  • 8. It’s ok to discriminate against data • You can’t treat it all the same – Personal information – Financial information – Member information – Public information • Where is all the data? – Head, paper, computer, server, backup, email • What if we got rid of it? © 2014 JurInnov, Ltd. All Rights Reserved 7
  • 9. Data Protection • Accessible only to authorized users • Physically locked down • Not out in the open • Encrypted • Password protected © 2014 JurInnov, Ltd. All Rights Reserved 8
  • 10. Encryption • At rest © 2014 JurInnov, Ltd. All Rights Reserved 9 – Full disk encryption – File encryption • In motion – VPN – SSL
  • 11. Phishing • Email • Text • Chat • Craigslist • Dating sites © 2014 JurInnov, Ltd. All Rights Reserved 10
  • 12. Phishing markers • False Sense Of Urgency - Threatens to "close/suspend your account”, charge a fee or talks about suspicious logon attempts, etc. • Suspicious-Looking Links - Links containing all or part of a real company's name asking you to submit personal information. • Not personalized – does not address you by name or include a masked version of the account number. • Misspelled or Poorly Written – Helps fraudulent emails avoid spam filters © 2014 JurInnov, Ltd. All Rights Reserved 11
  • 13. Subject: URGENT! Haiti Victims Need Your Help! Subject: You’ve received a greeting card © 2014 JurInnov, Ltd. All Rights Reserved 12
  • 14. Protect yourself against phishing • Treat all email with suspicion • Never use a link in an email to get to any web page • Never send personal or financial information to any one via email • Never give personal or financial information solicited via email © 2014 JurInnov, Ltd. All Rights Reserved 13
  • 15. Passwords • Passwords are THE KEYS TO: – Your bank account – Your computer – Your email – A server on a network – Many other things © 2014 JurInnov, Ltd. All Rights Reserved 14
  • 16. Passwords • Passwords are like underwear – Change them often – Showing them to others can get you in trouble – Don’t leave them lying around • Use different passwords for different purposes © 2014 JurInnov, Ltd. All Rights Reserved 15
  • 17. Passwords • Length • Complexity • Passphrase • http://www.passwordmeter.com/ © 2014 JurInnov, Ltd. All Rights Reserved 16
  • 18. • 2NiteWeparty*likeits1999 • HowdoU”spell”thatAGAIN? • Amishwish4fish2squish • OunceI$good#isbetter! Use a phrase, sentence, question or random statement (with a twist) • Website (time4anewpwagain.com) • Email (Passwords@stupid.com) • File (passwords/make/me/crazy) • Address 4223westmyhouse Use fake website, email, file, addresse • Follow the yellow brick road to OZ = Ftybr2OZ • Why did the chicken cross the road? = Y?dtCxtR? • Wildthing = W!ld*7H1ng! • Red Jello = R3d-j3llo:) Use a phrase, random statement or compound word; then shorten it and make it nonsensical © 2014 JurInnov, Ltd. All Rights Reserved 17
  • 19. Email password theft - indicators Receive a large number of rejected messages © 2014 JurInnov, Ltd. All Rights Reserved 18 Find messages in your sent folder that you know you didn’t send Missing email Unexplained changes to your account settings Spam Warning Signs
  • 20. Identity Theft • Thieves will… • Go on spending sprees using your credit card • With your name and Social Security number they can: – open new credit card accounts – gain employment • Give your name to the police during an arrest • Establish wireless service in your name © 2014 JurInnov, Ltd. All Rights Reserved 19
  • 21. Identity theft – How it happens • They may steal your mail, wallet, or purse • Malware • Phishing • Social engineering – bribing or conning an employee who has access to these records • Stealing personnel records or breaking into your records electronically © 2014 JurInnov, Ltd. All Rights Reserved 20
  • 22. Social engineering Social engineering preys on qualities of human nature:  The desire to © 2014 JurInnov, Ltd. All Rights Reserved 21 be helpful  The tendency to trust people  The fear of getting into trouble
  • 23. Identity Theft - Indicators • Bills that do not arrive as expected • Charges on your credit card that are not yours • Unexpected credit cards or account statements • Denials of credit for no apparent reason • Calls or letters from – Debt collectors – Businesses about merchandise or services you did not make © 2014 JurInnov, Ltd. All Rights Reserved 22
  • 24. Identity Theft - Defenses • Limit the number of credit cards you carry • Keep a list of all credit cards numbers and the numbers to call to report them • Shred Information • Be diligent about checking statements • Order and analyze your credit report • Watch for Shoulder Surfing © 2014 JurInnov, Ltd. All Rights Reserved 23
  • 25. Identity Theft - Response • Place a "Fraud Alert" on your credit reports • Close suspect accounts • Use the FTC’s ID Theft Affidavit • Keep Documentation about conversations • File a police report with local Law Enforcement • Report the theft to FTC – Online at Ftc.gov/idtheft – By phone 1-877-ID-THEFT (438-4338) © 2014 JurInnov, Ltd. All Rights Reserved 24
  • 26. Social Networking (Cont’d) • Networking sites: – Used to meet people online, stay in touch with friends, connect on professional levels – Use privacy setting on your account to ensure maximum security – Be careful about who you accept as a “friend” – Be careful about the information you provide on these sites © 2014 JurInnov, Ltd. All Rights Reserved 25
  • 27. What’s wrong with this picture? © 2014 JurInnov, Ltd. All Rights Reserved 26
  • 28. Q&A Don’t be shy… © 2014 JurInnov, Ltd. All Rights Reserved 27

Editor's Notes

  1. A more malicious type of spam is phishing. Phishing is a social engineering technique cyber criminals use to acquire sensitive information by masquerading as a trustworthy person or business in a seemingly official electronic notification or message. Other common malicious emails masquerade as invitations to see photos of family or friends, greeting cards, pleas for disaster relief assistance, or other intriguing headlines.  These emails play on your emotions to try to get you to react without thinking. So always beware of messages where someone is threatening to close an account or take away privileges unless you provide personal information. Remember that social engineers are trying to use your trusting nature and fear of trouble against you.
  2. The key to password strength is length and complexity As you just learned, a poorly chosen password may result in the compromise of individual systems, data or the entire University of Arizona network. Therefore, it’s important that your NetID password is as long and complex as is feasible. Passwords should be easy for you to remember, but difficult for other people to guess. Some people find creating a password that is associated with a phrase (also known as a passphrase) is easier to remember. By virtue of its length, a passphrase is stronger than a password. It could be a line from your favorite song, the punch line of a joke, three or more words in a row, or anything else. However, be careful about using dictionary words, movie titles, famous quotes, etc., as these have been added to password cracker dictionaries. So, if you opt to use a well-known phrase, sentence, question, or quote, you should always add a twist. For example, if you use a well know question -- such as “why did the chicken cross the road?” -- add a word in the middle. Another suggestion for creating a complex yet easy to remember password is to use a fake (and we emphasize fake) website address, email address, and the like. Unfortunately, not all services support long passwords. For those accounts that do allow longer passwords, what matters is the complexity you add to make it secure. The more nonsensical, the better!  For these instances you can use a phrase, random statement or compound word, shorten it and make it nonsensical by inserting numbers and special characters. Take the example here using the compound word “wildthing,” where we have added complexity by using uppercase, lowercase, and inserting numbers and special characters. It’s important to note that you should never use published example password/passphrases, such as the ones used in this presentation.
  3. Networking sites have become very popular online, but can also be places that identity thieves use to capture personal information they can use against you. Make sure that you adjust your privacy settings to protect yourself, and be careful about who you accept as a friend. Once you have accepted someone as your friend they will be able to access any information about you (including photographs) that you have marked as viewable by your friends. You can remove friends at any time, should you change your mind about someone.