SlideShare a Scribd company logo

Why implement a robust cyber security policy?

Download as PPTX, PDF
Jisc
Jisc

A presentation from the Jisc security conference 2018, but Dr Ken Thomson, principal and chief executive, Forth Valley College

Technology
1 of 22
Why implement a robust cyber security policy? Dr Ken Thomson principal and chief executive, Forth Valley College
Operational Downtime and Recovery Period Long Lasting Reputational Damage Severe Financial Cost Impact Cyber Attack For “Why” ask “What is the Damage” Then ask “how?”
What if… Impact of a DDOS attack on the College • Research places a network outage as costing on average £3,300 per minute. This is the equivalent of the annual funding to the College for 1 full time student EVERY MINUTE • Average length of attack at a Scottish College is 21 minutes, equating to £70,000 • Loss of external links means loss of contact with external stakeholders, including potential new applicants via the College website • All levels of teaching interrupted from BCS ECDL courses to Degree level provision • Depending on timing, could impact on processing student funding or staff salary payments impacting relationships internally
What if… The College suffered a Phishing/Malware attack? • Loss of control of business critical infrastructure, information and/or IP • Loss of access to affected network drive until restored • Impact on staff time to restore affected network drive • If information taken from College systems – • Reputational damage and loss of trust • Potential legal action against the College (Information Commissioner or private individuals)
Cyber Mitigation It’s not all digital • Complacency can be the biggest threat to an organisation. The Cyber environment is constantly evolving and you must evolve with it • There can be a temptation to just throw money at the problem of Cyber Security with the latest software protections and kit • While important, all your efforts are only as effective as the weakest link in your armour which research shows is almost always • People
How Implement a Robust Cyber Security Policy?
Cyber Mitigation Policies and Strategies • Robust IT Security Policy • Creative Learning & Technologies Strategy • People Strategy • Enhancing the digital skills and cyber awareness of staff
Preparing People • Effective training for your staff • De-mystifying cyber threats • Sense of ownership across the organisation – not just an IT issue! • Staff have awareness of cyber threats and bear this in mind when developing/reviewing systems • Raise awareness of staff to enable them to recognise a threat • Educate staff to be aware of digital risks in both their work and personal life Cyber Mitigation
DDOS Phreaker Malware Phisher Click Jacking Cybernetic Symbiosis Shoulder Surfer Patching Fake Access Point Hacker Preparing People • Effective training for your staff • De-mystifying cyber threats • Sense of ownership across the organisation – not just an IT issue! • Staff have awareness of cyber threats and bear this in mind when developing/reviewing systems • Raise awareness of staff to enable them to recognise a threat • Educate staff to be aware of digital risks in both their work and personal life Cyber Mitigation
Preparing People • Effective training for your staff • De-mystifying cyber threats • Sense of ownership across the organisation – not just an IT issue! • Staff have awareness of cyber threats and bear this in mind when developing/reviewing systems • Raise awareness of staff to enable them to recognise a threat • Educate staff to be aware of digital risks in both their work and personal life Cyber Mitigation
How do we treat health and safety? Preparing People • Effective training for your staff • De-mystifying cyber threats • Sense of ownership across the organisation – not just an IT issue! • Staff have awareness of cyber threats and bear this in mind when developing/reviewing systems • Raise awareness of staff to enable them to recognise a threat • Educate staff to be aware of digital risks in both their work and personal life Cyber Mitigation
Hello! I'm a programmer who cracked your email account and device about half year ago. You entered a password on one of the insecure site you visited, and I catched it. Your password from ken.thomson@forthvalley.ac.uk on moment of crack: hu11city Of course you can will change your password, or already made it. But it doesn't matter, my rat software update it every time……………….. Preparing People • Effective training for your staff • De-mystifying cyber threats • Sense of ownership across the organisation – not just an IT issue! • Staff have awareness of cyber threats and bear this in mind when developing/reviewing systems • Raise awareness of staff to enable them to recognise a threat • Educate staff to be aware of digital risks in both their work and personal life Cyber Mitigation
Preparing People • Effective training for your staff • De-mystifying cyber threats • Sense of ownership across the organisation – not just an IT issue! • Staff have awareness of cyber threats and bear this in mind when developing/reviewing systems • Raise awareness of staff to enable them to recognise a threat • Educate staff to be aware of digital risks in both their work and personal life Cyber Mitigation
Protecting your Infrastructure • Invest in a secure firewall • Up to date anti-virus and malware protection • Deploy security patches timeously • Regular vulnerability scans and action results Cyber Mitigation
External Scrutiny and help/advice • Cyber Essentials accreditation • External audit • JISC Review • Penetration Testing • JISC expertise on cyber resilience • Member of Cyber Security Information Sharing Partnership (early warning of cyber threats and secure exchange of information) • Member of Scottish Colleges Information Leadership Group (sharing of knowledge and good practice) Cyber Mitigation
Dealing with the impact • You must recognise that, even with all the preparations in place within your organisation, a sufficiently skilled/persistent attacker will get through • Structure your network to implement isolation and cut off impacted sections and prevent spread • Effective and robust business continuity plan in place and tested to facilitate recovery to normal operations • Build resilience to your network – multiple routes to the outside world Cyber Mitigation
Dealing with the impact • You must recognise that, even with all the preparations in place within your organisation, a sufficiently skilled/persistent attacker will get through • Structure your network to implement isolation and cut off impacted sections and prevent spread • Effective and robust business continuity plan in place and tested to facilitate recovery to normal operations • Build resilience to your network – multiple routes to the outside world Cyber Mitigation
Ultimately, cybersecurity is definitely a FVC Panda
Thank you

Recommended

Employee security awareness communication
Employee security awareness communicationEmployee security awareness communication
Employee security awareness communication
SnapComms
 
You Will Be Breached
You Will Be BreachedYou Will Be Breached
You Will Be Breached
Mike Saunders
 
CTO-CybersecurityForum-2010-John Crain
CTO-CybersecurityForum-2010-John CrainCTO-CybersecurityForum-2010-John Crain
CTO-CybersecurityForum-2010-John Crainsegughana
 
Cybersecurity op de bestuurstafel
Cybersecurity op de bestuurstafelCybersecurity op de bestuurstafel
Cybersecurity op de bestuurstafel
SURFnet
 
Business-Critical Backup: Preparing for a Disaster
Business-Critical Backup: Preparing for a DisasterBusiness-Critical Backup: Preparing for a Disaster
Business-Critical Backup: Preparing for a Disaster
NetWize
 
Security challenges in 2017
Security challenges in 2017Security challenges in 2017
Security challenges in 2017
Etienne Liebetrau
 
Info Sec2007 End Point Final
Info Sec2007 End Point FinalInfo Sec2007 End Point Final
Info Sec2007 End Point Final
Ben Rothke
 
To Cloud or Not To Cloud
To Cloud or Not To CloudTo Cloud or Not To Cloud
To Cloud or Not To Cloud
Michael Yung
 

Recommended

Employee security awareness communication
Employee security awareness communicationEmployee security awareness communication
Employee security awareness communication
SnapComms
 
You Will Be Breached
You Will Be BreachedYou Will Be Breached
You Will Be Breached
Mike Saunders
 
CTO-CybersecurityForum-2010-John Crain
CTO-CybersecurityForum-2010-John CrainCTO-CybersecurityForum-2010-John Crain
CTO-CybersecurityForum-2010-John Crainsegughana
 
Cybersecurity op de bestuurstafel
Cybersecurity op de bestuurstafelCybersecurity op de bestuurstafel
Cybersecurity op de bestuurstafel
SURFnet
 
Business-Critical Backup: Preparing for a Disaster
Business-Critical Backup: Preparing for a DisasterBusiness-Critical Backup: Preparing for a Disaster
Business-Critical Backup: Preparing for a Disaster
NetWize
 
Security challenges in 2017
Security challenges in 2017Security challenges in 2017
Security challenges in 2017
Etienne Liebetrau
 
Info Sec2007 End Point Final
Info Sec2007 End Point FinalInfo Sec2007 End Point Final
Info Sec2007 End Point Final
Ben Rothke
 
To Cloud or Not To Cloud
To Cloud or Not To CloudTo Cloud or Not To Cloud
To Cloud or Not To Cloud
Michael Yung
 
IT Security Management -- People, Procedures and Tools
IT Security Management -- People, Procedures and ToolsIT Security Management -- People, Procedures and Tools
IT Security Management -- People, Procedures and ToolsAndrew S. Baker (ASB)
 
DataShepherd Security
DataShepherd SecurityDataShepherd Security
DataShepherd SecurityJason Newell
 
PACE-IT: Risk and Security Related Concepts
PACE-IT: Risk and Security Related ConceptsPACE-IT: Risk and Security Related Concepts
PACE-IT: Risk and Security Related Concepts
Pace IT at Edmonds Community College
 
Security On Demand by NBSecurity Srl
Security On Demand by NBSecurity SrlSecurity On Demand by NBSecurity Srl
Security On Demand by NBSecurity Srl
Antonio Fiorito
 
Why Cyber Security is Important to the Transportation Ecosystem NHI IDC Ray M...
Why Cyber Security is Important to the Transportation Ecosystem NHI IDC Ray M...Why Cyber Security is Important to the Transportation Ecosystem NHI IDC Ray M...
Why Cyber Security is Important to the Transportation Ecosystem NHI IDC Ray M...
raymurphy9533
 
2011 ADC Security Survey—Global Findings
2011 ADC Security Survey—Global Findings 2011 ADC Security Survey—Global Findings
2011 ADC Security Survey—Global Findings
F5 Networks
 
Risk Factory: How to Implement an Effective Incident Response Programme
Risk Factory: How to Implement an Effective Incident Response ProgrammeRisk Factory: How to Implement an Effective Incident Response Programme
Risk Factory: How to Implement an Effective Incident Response ProgrammeRisk Crew
 
Charity Winkler
Charity WinklerCharity Winkler
Charity WinklerCharity Winkler
 
Tech Demo: Take the Ransom Out of Ransomware
Tech Demo: Take the Ransom Out of RansomwareTech Demo: Take the Ransom Out of Ransomware
Tech Demo: Take the Ransom Out of Ransomware
marketingunitrends
 
NZISF Talk: Six essential security services
NZISF Talk: Six essential security servicesNZISF Talk: Six essential security services
NZISF Talk: Six essential security services
Hinne Hettema
 
Defending Your Corporate Endpoints How to Go Beyond Anti-Virus
Defending Your Corporate Endpoints How to Go Beyond Anti-VirusDefending Your Corporate Endpoints How to Go Beyond Anti-Virus
Defending Your Corporate Endpoints How to Go Beyond Anti-Virus
Lumension
 
A closer look at CTF challenges
A closer look at CTF challengesA closer look at CTF challenges
A closer look at CTF challenges
DNIF
 
Jamaica: victim or perpetrator of cyber crime and intrusions (final)
Jamaica: victim or perpetrator of cyber crime and intrusions (final)Jamaica: victim or perpetrator of cyber crime and intrusions (final)
Jamaica: victim or perpetrator of cyber crime and intrusions (final)
Michele Marius
 
Austin Bsides March 2016 Cyber Presentation
Austin Bsides March 2016 Cyber PresentationAustin Bsides March 2016 Cyber Presentation
Austin Bsides March 2016 Cyber Presentation
Expressworks International
 
Source 44 sc congress canada 2011-06
Source 44 sc congress canada 2011-06Source 44 sc congress canada 2011-06
Source 44 sc congress canada 2011-06
Source 44 Consulting
 
Engage! Creating a Meaningful Security Awareness Program
Engage! Creating a Meaningful Security Awareness ProgramEngage! Creating a Meaningful Security Awareness Program
Engage! Creating a Meaningful Security Awareness Program
Ben Woelk, CISSP, CPTC
 
S bailey resume
S bailey resumeS bailey resume
S bailey resume
Sherry D. Bailey
 
Jason r mc kinney halfday
Jason r mc kinney halfdayJason r mc kinney halfday
Jason r mc kinney halfdayJason Mckinney-Halfday
 
Top 6 Technology Threats to Your Long Term Care Organization
Top 6 Technology Threats to Your Long Term Care Organization Top 6 Technology Threats to Your Long Term Care Organization
Top 6 Technology Threats to Your Long Term Care Organization
Gross, Mendelsohn & Associates
 
Introduction to the Current Threat Landscape
Introduction to the Current Threat LandscapeIntroduction to the Current Threat Landscape
Introduction to the Current Threat Landscape
Melbourne IT
 
Comprehensive plans are in place to improve our institutional cyber security
Comprehensive plans are in place to improve our institutional cyber securityComprehensive plans are in place to improve our institutional cyber security
Comprehensive plans are in place to improve our institutional cyber security
JasonTrinhNguyenTruo
 
Your cyber security webinar
Your cyber security webinarYour cyber security webinar
Your cyber security webinar
Intergen
 

More Related Content

What's hot

IT Security Management -- People, Procedures and Tools
IT Security Management -- People, Procedures and ToolsIT Security Management -- People, Procedures and Tools
IT Security Management -- People, Procedures and ToolsAndrew S. Baker (ASB)
 
DataShepherd Security
DataShepherd SecurityDataShepherd Security
DataShepherd SecurityJason Newell
 
PACE-IT: Risk and Security Related Concepts
PACE-IT: Risk and Security Related ConceptsPACE-IT: Risk and Security Related Concepts
PACE-IT: Risk and Security Related Concepts
Pace IT at Edmonds Community College
 
Security On Demand by NBSecurity Srl
Security On Demand by NBSecurity SrlSecurity On Demand by NBSecurity Srl
Security On Demand by NBSecurity Srl
Antonio Fiorito
 
Why Cyber Security is Important to the Transportation Ecosystem NHI IDC Ray M...
Why Cyber Security is Important to the Transportation Ecosystem NHI IDC Ray M...Why Cyber Security is Important to the Transportation Ecosystem NHI IDC Ray M...
Why Cyber Security is Important to the Transportation Ecosystem NHI IDC Ray M...
raymurphy9533
 
2011 ADC Security Survey—Global Findings
2011 ADC Security Survey—Global Findings 2011 ADC Security Survey—Global Findings
2011 ADC Security Survey—Global Findings
F5 Networks
 
Risk Factory: How to Implement an Effective Incident Response Programme
Risk Factory: How to Implement an Effective Incident Response ProgrammeRisk Factory: How to Implement an Effective Incident Response Programme
Risk Factory: How to Implement an Effective Incident Response ProgrammeRisk Crew
 
Tech Demo: Take the Ransom Out of Ransomware
Tech Demo: Take the Ransom Out of RansomwareTech Demo: Take the Ransom Out of Ransomware
Tech Demo: Take the Ransom Out of Ransomware
marketingunitrends
 
NZISF Talk: Six essential security services
NZISF Talk: Six essential security servicesNZISF Talk: Six essential security services
NZISF Talk: Six essential security services
Hinne Hettema
 
Defending Your Corporate Endpoints How to Go Beyond Anti-Virus
Defending Your Corporate Endpoints How to Go Beyond Anti-VirusDefending Your Corporate Endpoints How to Go Beyond Anti-Virus
Defending Your Corporate Endpoints How to Go Beyond Anti-Virus
Lumension
 
A closer look at CTF challenges
A closer look at CTF challengesA closer look at CTF challenges
A closer look at CTF challenges
DNIF
 
Jamaica: victim or perpetrator of cyber crime and intrusions (final)
Jamaica: victim or perpetrator of cyber crime and intrusions (final)Jamaica: victim or perpetrator of cyber crime and intrusions (final)
Jamaica: victim or perpetrator of cyber crime and intrusions (final)
Michele Marius
 
Austin Bsides March 2016 Cyber Presentation
Austin Bsides March 2016 Cyber PresentationAustin Bsides March 2016 Cyber Presentation
Austin Bsides March 2016 Cyber Presentation
Expressworks International
 
Source 44 sc congress canada 2011-06
Source 44 sc congress canada 2011-06Source 44 sc congress canada 2011-06
Source 44 sc congress canada 2011-06
Source 44 Consulting
 
Engage! Creating a Meaningful Security Awareness Program
Engage! Creating a Meaningful Security Awareness ProgramEngage! Creating a Meaningful Security Awareness Program
Engage! Creating a Meaningful Security Awareness Program
Ben Woelk, CISSP, CPTC
 
S bailey resume
S bailey resumeS bailey resume
S bailey resume
Sherry D. Bailey
 
Top 6 Technology Threats to Your Long Term Care Organization
Top 6 Technology Threats to Your Long Term Care Organization Top 6 Technology Threats to Your Long Term Care Organization
Top 6 Technology Threats to Your Long Term Care Organization
Gross, Mendelsohn & Associates
 
Introduction to the Current Threat Landscape
Introduction to the Current Threat LandscapeIntroduction to the Current Threat Landscape
Introduction to the Current Threat Landscape
Melbourne IT
 

What's hot (20)

IT Security Management -- People, Procedures and Tools
IT Security Management -- People, Procedures and ToolsIT Security Management -- People, Procedures and Tools
IT Security Management -- People, Procedures and Tools
 
DataShepherd Security
DataShepherd SecurityDataShepherd Security
DataShepherd Security
 
PACE-IT: Risk and Security Related Concepts
PACE-IT: Risk and Security Related ConceptsPACE-IT: Risk and Security Related Concepts
PACE-IT: Risk and Security Related Concepts
 
Security On Demand by NBSecurity Srl
Security On Demand by NBSecurity SrlSecurity On Demand by NBSecurity Srl
Security On Demand by NBSecurity Srl
 
Why Cyber Security is Important to the Transportation Ecosystem NHI IDC Ray M...
Why Cyber Security is Important to the Transportation Ecosystem NHI IDC Ray M...Why Cyber Security is Important to the Transportation Ecosystem NHI IDC Ray M...
Why Cyber Security is Important to the Transportation Ecosystem NHI IDC Ray M...
 
2011 ADC Security Survey—Global Findings
2011 ADC Security Survey—Global Findings 2011 ADC Security Survey—Global Findings
2011 ADC Security Survey—Global Findings
 
Risk Factory: How to Implement an Effective Incident Response Programme
Risk Factory: How to Implement an Effective Incident Response ProgrammeRisk Factory: How to Implement an Effective Incident Response Programme
Risk Factory: How to Implement an Effective Incident Response Programme
 
Charity Winkler
Charity WinklerCharity Winkler
Charity Winkler
 
Tech Demo: Take the Ransom Out of Ransomware
Tech Demo: Take the Ransom Out of RansomwareTech Demo: Take the Ransom Out of Ransomware
Tech Demo: Take the Ransom Out of Ransomware
 
NZISF Talk: Six essential security services
NZISF Talk: Six essential security servicesNZISF Talk: Six essential security services
NZISF Talk: Six essential security services
 
Defending Your Corporate Endpoints How to Go Beyond Anti-Virus
Defending Your Corporate Endpoints How to Go Beyond Anti-VirusDefending Your Corporate Endpoints How to Go Beyond Anti-Virus
Defending Your Corporate Endpoints How to Go Beyond Anti-Virus
 
A closer look at CTF challenges
A closer look at CTF challengesA closer look at CTF challenges
A closer look at CTF challenges
 
Jamaica: victim or perpetrator of cyber crime and intrusions (final)
Jamaica: victim or perpetrator of cyber crime and intrusions (final)Jamaica: victim or perpetrator of cyber crime and intrusions (final)
Jamaica: victim or perpetrator of cyber crime and intrusions (final)
 
Austin Bsides March 2016 Cyber Presentation
Austin Bsides March 2016 Cyber PresentationAustin Bsides March 2016 Cyber Presentation
Austin Bsides March 2016 Cyber Presentation
 
Source 44 sc congress canada 2011-06
Source 44 sc congress canada 2011-06Source 44 sc congress canada 2011-06
Source 44 sc congress canada 2011-06
 
Engage! Creating a Meaningful Security Awareness Program
Engage! Creating a Meaningful Security Awareness ProgramEngage! Creating a Meaningful Security Awareness Program
Engage! Creating a Meaningful Security Awareness Program
 
S bailey resume
S bailey resumeS bailey resume
S bailey resume
 
Jason r mc kinney halfday
Jason r mc kinney halfdayJason r mc kinney halfday
Jason r mc kinney halfday
 
Top 6 Technology Threats to Your Long Term Care Organization
Top 6 Technology Threats to Your Long Term Care Organization Top 6 Technology Threats to Your Long Term Care Organization
Top 6 Technology Threats to Your Long Term Care Organization
 
Introduction to the Current Threat Landscape
Introduction to the Current Threat LandscapeIntroduction to the Current Threat Landscape
Introduction to the Current Threat Landscape
 

Similar to Why implement a robust cyber security policy?

Comprehensive plans are in place to improve our institutional cyber security
Comprehensive plans are in place to improve our institutional cyber securityComprehensive plans are in place to improve our institutional cyber security
Comprehensive plans are in place to improve our institutional cyber security
JasonTrinhNguyenTruo
 
Your cyber security webinar
Your cyber security webinarYour cyber security webinar
Your cyber security webinar
Intergen
 
Activity 2 Presentation1.pptxlllllllmmmm
Activity 2 Presentation1.pptxlllllllmmmmActivity 2 Presentation1.pptxlllllllmmmm
Activity 2 Presentation1.pptxlllllllmmmm
canpaksolutions04
 
Your cyber security webinar
Your cyber security webinarYour cyber security webinar
Your cyber security webinar
Empired
 
Cyber Safety Awareness Training (Brochure)
Cyber Safety Awareness Training (Brochure)Cyber Safety Awareness Training (Brochure)
Cyber Safety Awareness Training (Brochure)
NAFCU Services Corporation
 
Cyber Security Landscape: Changes, Threats and Challenges
Cyber Security Landscape: Changes, Threats and Challenges Cyber Security Landscape: Changes, Threats and Challenges
Cyber Security Landscape: Changes, Threats and Challenges
Bloxx
 
KnowBe4-Presentation-Overview.pdf
KnowBe4-Presentation-Overview.pdfKnowBe4-Presentation-Overview.pdf
KnowBe4-Presentation-Overview.pdf
ahmad661583
 
mille2.pptx
mille2.pptxmille2.pptx
mille2.pptx
yehyaibrahem2
 
Webinar - Reducing Your Cybersecurity Risk
Webinar - Reducing Your Cybersecurity RiskWebinar - Reducing Your Cybersecurity Risk
Webinar - Reducing Your Cybersecurity Risk
WPICPE
 
Understanding the Importance of Security Testing in Safeguarding Your Digital...
Understanding the Importance of Security Testing in Safeguarding Your Digital...Understanding the Importance of Security Testing in Safeguarding Your Digital...
Understanding the Importance of Security Testing in Safeguarding Your Digital...
Afour tech
 
2015 Cyber Security
2015 Cyber Security2015 Cyber Security
2015 Cyber Security
Allen Zhang
 
How US Cybersecurity Executive Order Impacts IBM i Customers
How US Cybersecurity Executive Order Impacts IBM i Customers How US Cybersecurity Executive Order Impacts IBM i Customers
How US Cybersecurity Executive Order Impacts IBM i Customers
Precisely
 
Best Practices for Security Awareness and Training
Best Practices for Security Awareness and TrainingBest Practices for Security Awareness and Training
Best Practices for Security Awareness and TrainingKimberly Hood
 
Empowering Employees for Cyber Resilience: A Guide to Strengthening Your Orga...
Empowering Employees for Cyber Resilience: A Guide to Strengthening Your Orga...Empowering Employees for Cyber Resilience: A Guide to Strengthening Your Orga...
Empowering Employees for Cyber Resilience: A Guide to Strengthening Your Orga...
Richard Lawson
 
Cyber Security # Lec 3
Cyber Security # Lec 3 Cyber Security # Lec 3
Cyber Security # Lec 3
Kabul Education University
 
Why SMBs Outsource IT to MSPs
Why SMBs Outsource IT to MSPsWhy SMBs Outsource IT to MSPs
Why SMBs Outsource IT to MSPs
The TNS Group
 
How to Protect Your Business from Cyberattacks.pptx
How to Protect Your Business from Cyberattacks.pptxHow to Protect Your Business from Cyberattacks.pptx
How to Protect Your Business from Cyberattacks.pptx
Rohit kumar
 
Webinar - Reducing the Risk of a Cyber Attack on Utilities
Webinar - Reducing the Risk of a Cyber Attack on UtilitiesWebinar - Reducing the Risk of a Cyber Attack on Utilities
Webinar - Reducing the Risk of a Cyber Attack on Utilities
WPICPE
 
Fissea09 mgupta-day3-panel process-program-build-effective-training
Fissea09 mgupta-day3-panel process-program-build-effective-trainingFissea09 mgupta-day3-panel process-program-build-effective-training
Fissea09 mgupta-day3-panel process-program-build-effective-training
Swati Gupta
 
Shield Your Data: Master Cyber Security Essentials
Shield Your Data: Master Cyber Security EssentialsShield Your Data: Master Cyber Security Essentials
Shield Your Data: Master Cyber Security Essentials
FutureSkills Prime
 

Similar to Why implement a robust cyber security policy? (20)

Comprehensive plans are in place to improve our institutional cyber security
Comprehensive plans are in place to improve our institutional cyber securityComprehensive plans are in place to improve our institutional cyber security
Comprehensive plans are in place to improve our institutional cyber security
 
Your cyber security webinar
Your cyber security webinarYour cyber security webinar
Your cyber security webinar
 
Activity 2 Presentation1.pptxlllllllmmmm
Activity 2 Presentation1.pptxlllllllmmmmActivity 2 Presentation1.pptxlllllllmmmm
Activity 2 Presentation1.pptxlllllllmmmm
 
Your cyber security webinar
Your cyber security webinarYour cyber security webinar
Your cyber security webinar
 
Cyber Safety Awareness Training (Brochure)
Cyber Safety Awareness Training (Brochure)Cyber Safety Awareness Training (Brochure)
Cyber Safety Awareness Training (Brochure)
 
Cyber Security Landscape: Changes, Threats and Challenges
Cyber Security Landscape: Changes, Threats and Challenges Cyber Security Landscape: Changes, Threats and Challenges
Cyber Security Landscape: Changes, Threats and Challenges
 
KnowBe4-Presentation-Overview.pdf
KnowBe4-Presentation-Overview.pdfKnowBe4-Presentation-Overview.pdf
KnowBe4-Presentation-Overview.pdf
 
mille2.pptx
mille2.pptxmille2.pptx
mille2.pptx
 
Webinar - Reducing Your Cybersecurity Risk
Webinar - Reducing Your Cybersecurity RiskWebinar - Reducing Your Cybersecurity Risk
Webinar - Reducing Your Cybersecurity Risk
 
Understanding the Importance of Security Testing in Safeguarding Your Digital...
Understanding the Importance of Security Testing in Safeguarding Your Digital...Understanding the Importance of Security Testing in Safeguarding Your Digital...
Understanding the Importance of Security Testing in Safeguarding Your Digital...
 
2015 Cyber Security
2015 Cyber Security2015 Cyber Security
2015 Cyber Security
 
How US Cybersecurity Executive Order Impacts IBM i Customers
How US Cybersecurity Executive Order Impacts IBM i Customers How US Cybersecurity Executive Order Impacts IBM i Customers
How US Cybersecurity Executive Order Impacts IBM i Customers
 
Best Practices for Security Awareness and Training
Best Practices for Security Awareness and TrainingBest Practices for Security Awareness and Training
Best Practices for Security Awareness and Training
 
Empowering Employees for Cyber Resilience: A Guide to Strengthening Your Orga...
Empowering Employees for Cyber Resilience: A Guide to Strengthening Your Orga...Empowering Employees for Cyber Resilience: A Guide to Strengthening Your Orga...
Empowering Employees for Cyber Resilience: A Guide to Strengthening Your Orga...
 
Cyber Security # Lec 3
Cyber Security # Lec 3 Cyber Security # Lec 3
Cyber Security # Lec 3
 
Why SMBs Outsource IT to MSPs
Why SMBs Outsource IT to MSPsWhy SMBs Outsource IT to MSPs
Why SMBs Outsource IT to MSPs
 
How to Protect Your Business from Cyberattacks.pptx
How to Protect Your Business from Cyberattacks.pptxHow to Protect Your Business from Cyberattacks.pptx
How to Protect Your Business from Cyberattacks.pptx
 
Webinar - Reducing the Risk of a Cyber Attack on Utilities
Webinar - Reducing the Risk of a Cyber Attack on UtilitiesWebinar - Reducing the Risk of a Cyber Attack on Utilities
Webinar - Reducing the Risk of a Cyber Attack on Utilities
 
Fissea09 mgupta-day3-panel process-program-build-effective-training
Fissea09 mgupta-day3-panel process-program-build-effective-trainingFissea09 mgupta-day3-panel process-program-build-effective-training
Fissea09 mgupta-day3-panel process-program-build-effective-training
 
Shield Your Data: Master Cyber Security Essentials
Shield Your Data: Master Cyber Security EssentialsShield Your Data: Master Cyber Security Essentials
Shield Your Data: Master Cyber Security Essentials
 

More from Jisc

Adobe Express Engagement Webinar (Delegate).pptx
Adobe Express Engagement Webinar (Delegate).pptxAdobe Express Engagement Webinar (Delegate).pptx
Adobe Express Engagement Webinar (Delegate).pptx
Jisc
 
How libraries can support authors with open access requirements for UKRI fund...
How libraries can support authors with open access requirements for UKRI fund...How libraries can support authors with open access requirements for UKRI fund...
How libraries can support authors with open access requirements for UKRI fund...
Jisc
 
Supporting (UKRI) OA monographs at Salford.pptx
Supporting (UKRI) OA monographs at Salford.pptxSupporting (UKRI) OA monographs at Salford.pptx
Supporting (UKRI) OA monographs at Salford.pptx
Jisc
 
The approach at University of Liverpool.pptx
The approach at University of Liverpool.pptxThe approach at University of Liverpool.pptx
The approach at University of Liverpool.pptx
Jisc
 
Jisc's value to HE: the University of Sheffield
Jisc's value to HE: the University of SheffieldJisc's value to HE: the University of Sheffield
Jisc's value to HE: the University of Sheffield
Jisc
 
Towards a code of practice for AI in AT.pptx
Towards a code of practice for AI in AT.pptxTowards a code of practice for AI in AT.pptx
Towards a code of practice for AI in AT.pptx
Jisc
 
Jamworks pilot and AI at Jisc (20/03/2024)
Jamworks pilot and AI at Jisc (20/03/2024)Jamworks pilot and AI at Jisc (20/03/2024)
Jamworks pilot and AI at Jisc (20/03/2024)
Jisc
 
Wellbeing inclusion and digital dystopias.pptx
Wellbeing inclusion and digital dystopias.pptxWellbeing inclusion and digital dystopias.pptx
Wellbeing inclusion and digital dystopias.pptx
Jisc
 
Accessible Digital Futures project (20/03/2024)
Accessible Digital Futures project (20/03/2024)Accessible Digital Futures project (20/03/2024)
Accessible Digital Futures project (20/03/2024)
Jisc
 
Procuring digital preservation CAN be quick and painless with our new dynamic...
Procuring digital preservation CAN be quick and painless with our new dynamic...Procuring digital preservation CAN be quick and painless with our new dynamic...
Procuring digital preservation CAN be quick and painless with our new dynamic...
Jisc
 
International students’ digital experience: understanding and mitigating the ...
International students’ digital experience: understanding and mitigating the ...International students’ digital experience: understanding and mitigating the ...
International students’ digital experience: understanding and mitigating the ...
Jisc
 
Digital Storytelling Community Launch!.pptx
Digital Storytelling Community Launch!.pptxDigital Storytelling Community Launch!.pptx
Digital Storytelling Community Launch!.pptx
Jisc
 
Open Access book publishing understanding your options (1).pptx
Open Access book publishing understanding your options (1).pptxOpen Access book publishing understanding your options (1).pptx
Open Access book publishing understanding your options (1).pptx
Jisc
 
Scottish Universities Press supporting authors with requirements for open acc...
Scottish Universities Press supporting authors with requirements for open acc...Scottish Universities Press supporting authors with requirements for open acc...
Scottish Universities Press supporting authors with requirements for open acc...
Jisc
 
How Bloomsbury is supporting authors with UKRI long-form open access requirem...
How Bloomsbury is supporting authors with UKRI long-form open access requirem...How Bloomsbury is supporting authors with UKRI long-form open access requirem...
How Bloomsbury is supporting authors with UKRI long-form open access requirem...
Jisc
 
Jisc Northern Ireland Strategy Forum 2023
Jisc Northern Ireland Strategy Forum 2023Jisc Northern Ireland Strategy Forum 2023
Jisc Northern Ireland Strategy Forum 2023
Jisc
 
Jisc Scotland Strategy Forum 2023
Jisc Scotland Strategy Forum 2023Jisc Scotland Strategy Forum 2023
Jisc Scotland Strategy Forum 2023
Jisc
 
Jisc stakeholder strategic update 2023
Jisc stakeholder strategic update 2023Jisc stakeholder strategic update 2023
Jisc stakeholder strategic update 2023
Jisc
 
JISC Presentation.pptx
JISC Presentation.pptxJISC Presentation.pptx
JISC Presentation.pptx
Jisc
 
Community-led Open Access Publishing webinar.pptx
Community-led Open Access Publishing webinar.pptxCommunity-led Open Access Publishing webinar.pptx
Community-led Open Access Publishing webinar.pptx
Jisc
 

More from Jisc (20)

Adobe Express Engagement Webinar (Delegate).pptx
Adobe Express Engagement Webinar (Delegate).pptxAdobe Express Engagement Webinar (Delegate).pptx
Adobe Express Engagement Webinar (Delegate).pptx
 
How libraries can support authors with open access requirements for UKRI fund...
How libraries can support authors with open access requirements for UKRI fund...How libraries can support authors with open access requirements for UKRI fund...
How libraries can support authors with open access requirements for UKRI fund...
 
Supporting (UKRI) OA monographs at Salford.pptx
Supporting (UKRI) OA monographs at Salford.pptxSupporting (UKRI) OA monographs at Salford.pptx
Supporting (UKRI) OA monographs at Salford.pptx
 
The approach at University of Liverpool.pptx
The approach at University of Liverpool.pptxThe approach at University of Liverpool.pptx
The approach at University of Liverpool.pptx
 
Jisc's value to HE: the University of Sheffield
Jisc's value to HE: the University of SheffieldJisc's value to HE: the University of Sheffield
Jisc's value to HE: the University of Sheffield
 
Towards a code of practice for AI in AT.pptx
Towards a code of practice for AI in AT.pptxTowards a code of practice for AI in AT.pptx
Towards a code of practice for AI in AT.pptx
 
Jamworks pilot and AI at Jisc (20/03/2024)
Jamworks pilot and AI at Jisc (20/03/2024)Jamworks pilot and AI at Jisc (20/03/2024)
Jamworks pilot and AI at Jisc (20/03/2024)
 
Wellbeing inclusion and digital dystopias.pptx
Wellbeing inclusion and digital dystopias.pptxWellbeing inclusion and digital dystopias.pptx
Wellbeing inclusion and digital dystopias.pptx
 
Accessible Digital Futures project (20/03/2024)
Accessible Digital Futures project (20/03/2024)Accessible Digital Futures project (20/03/2024)
Accessible Digital Futures project (20/03/2024)
 
Procuring digital preservation CAN be quick and painless with our new dynamic...
Procuring digital preservation CAN be quick and painless with our new dynamic...Procuring digital preservation CAN be quick and painless with our new dynamic...
Procuring digital preservation CAN be quick and painless with our new dynamic...
 
International students’ digital experience: understanding and mitigating the ...
International students’ digital experience: understanding and mitigating the ...International students’ digital experience: understanding and mitigating the ...
International students’ digital experience: understanding and mitigating the ...
 
Digital Storytelling Community Launch!.pptx
Digital Storytelling Community Launch!.pptxDigital Storytelling Community Launch!.pptx
Digital Storytelling Community Launch!.pptx
 
Open Access book publishing understanding your options (1).pptx
Open Access book publishing understanding your options (1).pptxOpen Access book publishing understanding your options (1).pptx
Open Access book publishing understanding your options (1).pptx
 
Scottish Universities Press supporting authors with requirements for open acc...
Scottish Universities Press supporting authors with requirements for open acc...Scottish Universities Press supporting authors with requirements for open acc...
Scottish Universities Press supporting authors with requirements for open acc...
 
How Bloomsbury is supporting authors with UKRI long-form open access requirem...
How Bloomsbury is supporting authors with UKRI long-form open access requirem...How Bloomsbury is supporting authors with UKRI long-form open access requirem...
How Bloomsbury is supporting authors with UKRI long-form open access requirem...
 
Jisc Northern Ireland Strategy Forum 2023
Jisc Northern Ireland Strategy Forum 2023Jisc Northern Ireland Strategy Forum 2023
Jisc Northern Ireland Strategy Forum 2023
 
Jisc Scotland Strategy Forum 2023
Jisc Scotland Strategy Forum 2023Jisc Scotland Strategy Forum 2023
Jisc Scotland Strategy Forum 2023
 
Jisc stakeholder strategic update 2023
Jisc stakeholder strategic update 2023Jisc stakeholder strategic update 2023
Jisc stakeholder strategic update 2023
 
JISC Presentation.pptx
JISC Presentation.pptxJISC Presentation.pptx
JISC Presentation.pptx
 
Community-led Open Access Publishing webinar.pptx
Community-led Open Access Publishing webinar.pptxCommunity-led Open Access Publishing webinar.pptx
Community-led Open Access Publishing webinar.pptx
 

Recently uploaded

GridMate - End to end testing is a critical piece to ensure quality and avoid...
GridMate - End to end testing is a critical piece to ensure quality and avoid...GridMate - End to end testing is a critical piece to ensure quality and avoid...
GridMate - End to end testing is a critical piece to ensure quality and avoid...
ThomasParaiso2
 
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
James Anderson
 
Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!
Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!
Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!
SOFTTECHHUB
 
National Security Agency - NSA mobile device best practices
National Security Agency - NSA mobile device best practicesNational Security Agency - NSA mobile device best practices
National Security Agency - NSA mobile device best practices
Quotidiano Piemontese
 
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdfFIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance
 
How to Get CNIC Information System with Paksim Ga.pptx
How to Get CNIC Information System with Paksim Ga.pptxHow to Get CNIC Information System with Paksim Ga.pptx
How to Get CNIC Information System with Paksim Ga.pptx
danishmna97
 
Communications Mining Series - Zero to Hero - Session 1
Communications Mining Series - Zero to Hero - Session 1Communications Mining Series - Zero to Hero - Session 1
Communications Mining Series - Zero to Hero - Session 1
DianaGray10
 
Epistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI supportEpistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI support
Alan Dix
 
20240609 QFM020 Irresponsible AI Reading List May 2024
20240609 QFM020 Irresponsible AI Reading List May 202420240609 QFM020 Irresponsible AI Reading List May 2024
20240609 QFM020 Irresponsible AI Reading List May 2024
Matthew Sinclair
 
Generative AI Deep Dive: Advancing from Proof of Concept to Production
Generative AI Deep Dive: Advancing from Proof of Concept to ProductionGenerative AI Deep Dive: Advancing from Proof of Concept to Production
Generative AI Deep Dive: Advancing from Proof of Concept to Production
Aggregage
 
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdfObservability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Paige Cruz
 
Free Complete Python - A step towards Data Science
Free Complete Python - A step towards Data ScienceFree Complete Python - A step towards Data Science
Free Complete Python - A step towards Data Science
RinaMondal9
 
GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...
GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...
GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...
Neo4j
 
20240605 QFM017 Machine Intelligence Reading List May 2024
20240605 QFM017 Machine Intelligence Reading List May 202420240605 QFM017 Machine Intelligence Reading List May 2024
20240605 QFM017 Machine Intelligence Reading List May 2024
Matthew Sinclair
 
Removing Uninteresting Bytes in Software Fuzzing
Removing Uninteresting Bytes in Software FuzzingRemoving Uninteresting Bytes in Software Fuzzing
Removing Uninteresting Bytes in Software Fuzzing
Aftab Hussain
 
GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024
GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024
GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024
Neo4j
 
Monitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR EventsMonitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR Events
Ana-Maria Mihalceanu
 
GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024
GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024
GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024
Neo4j
 
みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...
みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...
みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...
名前 です男
 
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
DanBrown980551
 

Recently uploaded (20)

GridMate - End to end testing is a critical piece to ensure quality and avoid...
GridMate - End to end testing is a critical piece to ensure quality and avoid...GridMate - End to end testing is a critical piece to ensure quality and avoid...
GridMate - End to end testing is a critical piece to ensure quality and avoid...
 
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
 
Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!
Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!
Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!
 
National Security Agency - NSA mobile device best practices
National Security Agency - NSA mobile device best practicesNational Security Agency - NSA mobile device best practices
National Security Agency - NSA mobile device best practices
 
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdfFIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
 
How to Get CNIC Information System with Paksim Ga.pptx
How to Get CNIC Information System with Paksim Ga.pptxHow to Get CNIC Information System with Paksim Ga.pptx
How to Get CNIC Information System with Paksim Ga.pptx
 
Communications Mining Series - Zero to Hero - Session 1
Communications Mining Series - Zero to Hero - Session 1Communications Mining Series - Zero to Hero - Session 1
Communications Mining Series - Zero to Hero - Session 1
 
Epistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI supportEpistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI support
 
20240609 QFM020 Irresponsible AI Reading List May 2024
20240609 QFM020 Irresponsible AI Reading List May 202420240609 QFM020 Irresponsible AI Reading List May 2024
20240609 QFM020 Irresponsible AI Reading List May 2024
 
Generative AI Deep Dive: Advancing from Proof of Concept to Production
Generative AI Deep Dive: Advancing from Proof of Concept to ProductionGenerative AI Deep Dive: Advancing from Proof of Concept to Production
Generative AI Deep Dive: Advancing from Proof of Concept to Production
 
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdfObservability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
 
Free Complete Python - A step towards Data Science
Free Complete Python - A step towards Data ScienceFree Complete Python - A step towards Data Science
Free Complete Python - A step towards Data Science
 
GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...
GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...
GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...
 
20240605 QFM017 Machine Intelligence Reading List May 2024
20240605 QFM017 Machine Intelligence Reading List May 202420240605 QFM017 Machine Intelligence Reading List May 2024
20240605 QFM017 Machine Intelligence Reading List May 2024
 
Removing Uninteresting Bytes in Software Fuzzing
Removing Uninteresting Bytes in Software FuzzingRemoving Uninteresting Bytes in Software Fuzzing
Removing Uninteresting Bytes in Software Fuzzing
 
GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024
GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024
GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024
 
Monitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR EventsMonitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR Events
 
GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024
GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024
GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024
 
みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...
みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...
みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...
 
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
 

Why implement a robust cyber security policy?

  • 1. Why implement a robust cyber security policy? Dr Ken Thomson principal and chief executive, Forth Valley College
  • 2. Operational Downtime and Recovery Period Long Lasting Reputational Damage Severe Financial Cost Impact Cyber Attack For “Why” ask “What is the Damage” Then ask “how?”
  • 3. What if… Impact of a DDOS attack on the College • Research places a network outage as costing on average £3,300 per minute. This is the equivalent of the annual funding to the College for 1 full time student EVERY MINUTE • Average length of attack at a Scottish College is 21 minutes, equating to £70,000 • Loss of external links means loss of contact with external stakeholders, including potential new applicants via the College website • All levels of teaching interrupted from BCS ECDL courses to Degree level provision • Depending on timing, could impact on processing student funding or staff salary payments impacting relationships internally
  • 4. What if… The College suffered a Phishing/Malware attack? • Loss of control of business critical infrastructure, information and/or IP • Loss of access to affected network drive until restored • Impact on staff time to restore affected network drive • If information taken from College systems – • Reputational damage and loss of trust • Potential legal action against the College (Information Commissioner or private individuals)
  • 5. Cyber Mitigation It’s not all digital • Complacency can be the biggest threat to an organisation. The Cyber environment is constantly evolving and you must evolve with it • There can be a temptation to just throw money at the problem of Cyber Security with the latest software protections and kit • While important, all your efforts are only as effective as the weakest link in your armour which research shows is almost always • People
  • 6. How Implement a Robust Cyber Security Policy?
  • 7.
  • 8.
  • 9. Cyber Mitigation Policies and Strategies • Robust IT Security Policy • Creative Learning & Technologies Strategy • People Strategy • Enhancing the digital skills and cyber awareness of staff
  • 10. Preparing People • Effective training for your staff • De-mystifying cyber threats • Sense of ownership across the organisation – not just an IT issue! • Staff have awareness of cyber threats and bear this in mind when developing/reviewing systems • Raise awareness of staff to enable them to recognise a threat • Educate staff to be aware of digital risks in both their work and personal life Cyber Mitigation
  • 11. DDOS Phreaker Malware Phisher Click Jacking Cybernetic Symbiosis Shoulder Surfer Patching Fake Access Point Hacker Preparing People • Effective training for your staff • De-mystifying cyber threats • Sense of ownership across the organisation – not just an IT issue! • Staff have awareness of cyber threats and bear this in mind when developing/reviewing systems • Raise awareness of staff to enable them to recognise a threat • Educate staff to be aware of digital risks in both their work and personal life Cyber Mitigation
  • 12. Preparing People • Effective training for your staff • De-mystifying cyber threats • Sense of ownership across the organisation – not just an IT issue! • Staff have awareness of cyber threats and bear this in mind when developing/reviewing systems • Raise awareness of staff to enable them to recognise a threat • Educate staff to be aware of digital risks in both their work and personal life Cyber Mitigation
  • 13. How do we treat health and safety? Preparing People • Effective training for your staff • De-mystifying cyber threats • Sense of ownership across the organisation – not just an IT issue! • Staff have awareness of cyber threats and bear this in mind when developing/reviewing systems • Raise awareness of staff to enable them to recognise a threat • Educate staff to be aware of digital risks in both their work and personal life Cyber Mitigation
  • 14. Hello! I'm a programmer who cracked your email account and device about half year ago. You entered a password on one of the insecure site you visited, and I catched it. Your password from ken.thomson@forthvalley.ac.uk on moment of crack: hu11city Of course you can will change your password, or already made it. But it doesn't matter, my rat software update it every time……………….. Preparing People • Effective training for your staff • De-mystifying cyber threats • Sense of ownership across the organisation – not just an IT issue! • Staff have awareness of cyber threats and bear this in mind when developing/reviewing systems • Raise awareness of staff to enable them to recognise a threat • Educate staff to be aware of digital risks in both their work and personal life Cyber Mitigation
  • 15. Preparing People • Effective training for your staff • De-mystifying cyber threats • Sense of ownership across the organisation – not just an IT issue! • Staff have awareness of cyber threats and bear this in mind when developing/reviewing systems • Raise awareness of staff to enable them to recognise a threat • Educate staff to be aware of digital risks in both their work and personal life Cyber Mitigation
  • 16. Protecting your Infrastructure • Invest in a secure firewall • Up to date anti-virus and malware protection • Deploy security patches timeously • Regular vulnerability scans and action results Cyber Mitigation
  • 17. External Scrutiny and help/advice • Cyber Essentials accreditation • External audit • JISC Review • Penetration Testing • JISC expertise on cyber resilience • Member of Cyber Security Information Sharing Partnership (early warning of cyber threats and secure exchange of information) • Member of Scottish Colleges Information Leadership Group (sharing of knowledge and good practice) Cyber Mitigation
  • 18. Dealing with the impact • You must recognise that, even with all the preparations in place within your organisation, a sufficiently skilled/persistent attacker will get through • Structure your network to implement isolation and cut off impacted sections and prevent spread • Effective and robust business continuity plan in place and tested to facilitate recovery to normal operations • Build resilience to your network – multiple routes to the outside world Cyber Mitigation
  • 19.
  • 20. Dealing with the impact • You must recognise that, even with all the preparations in place within your organisation, a sufficiently skilled/persistent attacker will get through • Structure your network to implement isolation and cut off impacted sections and prevent spread • Effective and robust business continuity plan in place and tested to facilitate recovery to normal operations • Build resilience to your network – multiple routes to the outside world Cyber Mitigation
  • 21. Ultimately, cybersecurity is definitely a FVC Panda