Steps to be taken by organisations and individuals towards the protection of sensitive data and personal information. Delivered at Jamaica's 3rd National Cyber Security Conference Nov 2015
Protecting Financial Records, Privacy & Digital Footprint
1. Protecting Your Financial Records And
Privacy While Controlling Your Digital
Footprint Session
Shiva Bissessar, BSc (Hons), MBA, MSc
Managing & Technical Director
shiva@pinaka.co.tt
@PinakaTT
www.pinaka.co.tt
November 17-18, 2015
2. Brief History
• Career spanning almost 20 years. 13 years at major
telecommunication services provider, primarily working in ICT
roles with security focus
• In 2013, attained M.Sc. Information Security from University
College London (UCL), UK. M.Sc. thesis was on transaction
analysis of Bitcoin block-chain
• Then formed Pinaka Technology Solutions to assist organization
with their strategic ICT and Information Security needs.
• Lectures full credit Master level course at Lok Jack GSB (UWI),
Information Systems Security, Ethics & Law
• Avid commentator on Cyber security strategy within Trinidad &
Tobago and wider Caribbean
6. Implement A Comprehensive Information
Security Awareness Programme
• Objective is to change organizational behaviours
toward proper information handing
• Proper cyber security is a risk management issue
rather than an IT problem.
• Marketing departments have well define brand
promotion strategy…but what about “brand
protection”?
• You either pay now or you pay much more later…
http://pinaka.co.tt/blog/lessons-for-the-caribbean-from-the-oas-first-cyber-security-colloquium
7. Cyber Security Ecosystem Towards Local
And Regional Protection
• Develop cyber security holistically rather than adopting
a silo approach to cybercrime going beyond strategy,
CSIRT, Law Enforcement, CIP
• Involve, engage and encourage participation from the
private sector, academia and civil society
• Capacity building towards the creation of a cyber
security ecosystem of professionals incl. researchers,
lecturers, writers, service providers and vendors.
http://pinaka.co.tt/blog/lessons-for-the-caribbean-from-the-oas-first-cyber-security-colloquium
8. At a Personal Level
• Don’t reveal personal or financial info via email. This
includes following links sent in email.
• Pay attention to the website's URL. Malicious websites may
look identical to a legitimate site (*.com vs. *.net).
• If unsure contacting the company directly.
• Report phishing e.g. CSIRT or Anti-Phishing Working Group
(APWG)
• Keep a clean machine e.g patched OS & s/w, AV, etc.
Should you become a victim
• Report it e.g. network administrators, cybercrime unit
• Get in contact w/ your financial institution
• Watch for any unauthorized charges to your account.
https://www.staysafeonline.org/stay-safe-online/keep-a-clean-machine/spam-and-phishing
9. STOP, THINK, CONNECT
• When in doubt, throw it out
• Think before you act
• Secure your accounts
• Make passwords long and strong
• Unique account, unique password
https://www.staysafeonline.org/stay-safe-online/keep-a-clean-machine/spam-and-phishing
11. Protecting Your Financial Records And
Privacy While Controlling Your Digital
Footprint Session
Shiva Bissessar, BSc (Hons), MBA, MSc
Managing & Technical Director
shiva@pinaka.co.tt
@PinakaTT
www.pinaka.co.tt
Any Questions?