SlideShare uma empresa Scribd logo

Information security awareness, middle management

haneen Emeir, CISA, ISO27001
haneen Emeir, CISA, ISO27001

Information security awareness for middle management

EducaçãoTecnologia
1 de 34
Baixar para ler offline
Haneen Iemeir Information Security Awareness Information Technology Dept. By Haneen Iemeir Haneen Iemeir
Haneen Iemeir Cyber Attacks  Computer-to-computer attack that undermines the confidentiality, integrity, or availability of a computer or information resident on it IT Department, Haneen Iemeir Haneen Iemeir
Haneen Iemeir Examples Espionage Organizations-targeted Personnel-targeted Kiddies  Botnets IT Department, Haneen Iemeir Haneen Iemeir
Haneen Iemeir IT Department, Haneen Iemeir Haneen Iemeir
Haneen IemeirStuxnet /Iran nuclear IT Department, Haneen Iemeir Haneen Iemeir
Haneen Iemeir Flame It was discovered in 2012 but it had been operating since 2010. Attacked Middle East and Asia Collected sensitive data of regular individuals, business men and military personnel. IT Department, Haneen Iemeir Haneen Iemeir
Haneen IemeirHeartland Payment Systems Phishing out over 100 million individual card numbers, costing Heartland more then $140 million dollars in damages incurred in 2008 Started with PHISHING to a regular customer IT Department, Haneen Iemeir Haneen Iemeir
Haneen Iemeir PHISHING.. Simplest example IT Department, Haneen Iemeir Haneen Iemeir
Haneen Iemeir Link Clicked .. Oops ! Data is stolen Software is installed … Malware Computer is infected and may infect others on network IT Department, Haneen Iemeir Haneen Iemeir
Haneen IemeirHow do hackers GET AWAY WITH IT! BOTNET IT Department, Haneen Iemeir Haneen Iemeir
Haneen Iemeir IT Department, Haneen Iemeir Haneen Iemeir
Haneen Iemeir Could my PC be a botnet? IT Department, Haneen Iemeir Haneen Iemeir
Haneen Iemeir IT Department, Haneen Iemeir Haneen Iemeir
Haneen Iemeir So WHAT ?? Theft of hard disk data, photos and videos Destruction to hard disk and data performance issues Malfunction of applications IT Department, Haneen Iemeir Haneen Iemeir
Haneen Iemeir Most Common Threats Infected USB Email phishing, pretend to be some one else asking you to do something Social engineering, https://www.youtube.com/watch?v=HJXJkpir- ds Social Networking, https://www.youtube.com/watch?v=T1EZVFo Zq4A IT Department, Haneen Iemeir Haneen Iemeir
Haneen Iemeir Most Common Threats Unknown attachments, https://www.youtube.com/watch?v=5grTJH3B_70 Mobile devices, theft or hack Hard disk failures Malicious codes Accessing business desktop form outside IT Department, Haneen Iemeir Haneen Iemeir
Haneen Iemeir MOST of Most POOR PASSWORD and ACCESS management Unawareness of data importance INSIDER THREATS DOWNTIMES !! On may 2013, it was reported that %58 of cyber attacks attributed to insider attack Intentional harm or misuse of access IT Department, Haneen Iemeir Haneen Iemeir
Haneen Iemeir WHY ??? An employee having the password of another employee is not afraid of consequences and disciplinary actions. An employee who access data that he/she is NOT responsible of DO NOT pay care to confidentiality agreements regarding this data! Unaware employee can lose data and infect the network IT Department, Haneen Iemeir Haneen Iemeir
Haneen Iemeir Downtime; availability & Confidentiality If there is no well-documented business continuity plan,, you either end up with NO productivity or paper work will be a total mess!! Switching back from paper to information systems needs authorized procedure and personnel. IT Department, Haneen Iemeir Haneen Iemeir
Haneen Iemeir How to …. Safeguard my PC and Mobil either at home or at office? Protect my integrity,, not allowing anyone to abuse me? Pay due-care towards my signed code of conducts? IT Department, Haneen Iemeir Haneen Iemeir
Haneen IemeirSafeguards .. Data classification. To know the importance of data I access; i.e. when I travel Do not open emails or messages from unknown people, DELETE. Keep my password secret, complex and changed periodically; Password Policy IT Department, Haneen Iemeir Haneen Iemeir
Haneen Iemeir IT Department, Haneen Iemeir Haneen Iemeir
Haneen Iemeir Safeguards .. UPGRADE OS of desktop & mobile, ANTIVIRUS and other applications. LOG OFF your computers after work hours IT Department, Haneen Iemeir Haneen Iemeir
Haneen Iemeir IT Department, Haneen Iemeir Haneen Iemeir
Haneen Iemeir Safeguards .. Control privileged access to my staff; IT Privilege Request Form & annual privilege review Good job description and confidentiality agreements. Do not click on unknown LINKS Use UPDATED Anti-spam IT Department, Haneen Iemeir Haneen Iemeir
Haneen Iemeir Safeguards .. Do NOT use the same password for all your accounts. Avoid UNLICENSED software Close your office when leaving Pay attention to shoulder surfing Use secure devices to access business systems Either from home or via smart phone. Scan USB before opening it IT Department, Haneen Iemeir Haneen Iemeir
Haneen Iemeir IT Department, Haneen Iemeir Haneen Iemeir
Haneen IemeirSafeguards .. Use SHAREFOLDERs, Sharefolder request form When implementing new systems,, consult IT for security and performance issues. IT Department, Haneen Iemeir Haneen Iemeir
Haneen Iemeir Business Continuity Plan Define Critical business procedures Paper/manual alternative procedure Downtime period needed to pass before launching BCP Who launches the BCP? Decision maker? How to go back to automatic systems after recovery? IT Department, Haneen Iemeir Haneen Iemeir
Haneen Iemeir Other Security Considerations Third Party Access NDA Policy IT Department, Haneen Iemeir Haneen Iemeir
Haneen Iemeir How to tell if I am hacked!! Browser open websites by its own and you cannot close them Antivirus is reporting infected file Passwords no longer work or they are locked out. Suspicious applications on the desktop Unreasonable slowness of the system/network IT Department, Haneen Iemeir Haneen Iemeir
Haneen Iemeir Report Incidents All the previous systems Abuse of credentials Suspected employee activities How to report ! http://khccportal/default.aspx IT Department, Haneen Iemeir Haneen Iemeir
Haneen Iemeir IT Department, Haneen Iemeir Haneen Iemeir
Haneen Iemeir Thank You IT Department, Haneen Iemeir Haneen Iemeir

Recomendados

End-User Security Awareness
End-User Security AwarenessEnd-User Security Awareness
End-User Security AwarenessSurya Bathulapalli
 
Employee Security Training[1]@
Employee Security Training[1]@Employee Security Training[1]@
Employee Security Training[1]@R_Yanus
 
Information security awareness - 101
Information security awareness - 101Information security awareness - 101
Information security awareness - 101mateenzero
 
Security Awareness Training
Security Awareness TrainingSecurity Awareness Training
Security Awareness TrainingWilliam Mann
 
Cyber Security Awareness Session for Executives and Non-IT professionals
Cyber Security Awareness Session for Executives and Non-IT professionalsCyber Security Awareness Session for Executives and Non-IT professionals
Cyber Security Awareness Session for Executives and Non-IT professionalsKrishna Srikanth Manda
 
Cybersecurity Employee Training
Cybersecurity Employee TrainingCybersecurity Employee Training
Cybersecurity Employee TrainingPaige Rasid
 
Information Security Awareness Training by Mount Auburn Hospital
Information Security Awareness Training by Mount Auburn HospitalInformation Security Awareness Training by Mount Auburn Hospital
Information Security Awareness Training by Mount Auburn HospitalAtlantic Training, LLC.
 
Cyber Security 101: Training, awareness, strategies for small to medium sized...
Cyber Security 101: Training, awareness, strategies for small to medium sized...Cyber Security 101: Training, awareness, strategies for small to medium sized...
Cyber Security 101: Training, awareness, strategies for small to medium sized...Stephen Cobb
 

Recomendados

End-User Security Awareness
End-User Security AwarenessEnd-User Security Awareness
End-User Security AwarenessSurya Bathulapalli
 
Employee Security Training[1]@
Employee Security Training[1]@Employee Security Training[1]@
Employee Security Training[1]@R_Yanus
 
Information security awareness - 101
Information security awareness - 101Information security awareness - 101
Information security awareness - 101mateenzero
 
Security Awareness Training
Security Awareness TrainingSecurity Awareness Training
Security Awareness TrainingWilliam Mann
 
Cyber Security Awareness Session for Executives and Non-IT professionals
Cyber Security Awareness Session for Executives and Non-IT professionalsCyber Security Awareness Session for Executives and Non-IT professionals
Cyber Security Awareness Session for Executives and Non-IT professionalsKrishna Srikanth Manda
 
Cybersecurity Employee Training
Cybersecurity Employee TrainingCybersecurity Employee Training
Cybersecurity Employee TrainingPaige Rasid
 
Information Security Awareness Training by Mount Auburn Hospital
Information Security Awareness Training by Mount Auburn HospitalInformation Security Awareness Training by Mount Auburn Hospital
Information Security Awareness Training by Mount Auburn HospitalAtlantic Training, LLC.
 
Cyber Security 101: Training, awareness, strategies for small to medium sized...
Cyber Security 101: Training, awareness, strategies for small to medium sized...Cyber Security 101: Training, awareness, strategies for small to medium sized...
Cyber Security 101: Training, awareness, strategies for small to medium sized...Stephen Cobb
 
IT Security Awarenesss by Northern Virginia Community College
IT Security Awarenesss by Northern Virginia Community CollegeIT Security Awarenesss by Northern Virginia Community College
IT Security Awarenesss by Northern Virginia Community CollegeAtlantic Training, LLC.
 
Security Awareness Training by Fortinet
Security Awareness Training by FortinetSecurity Awareness Training by Fortinet
Security Awareness Training by FortinetAtlantic Training, LLC.
 
Customer information security awareness training
Customer information security awareness trainingCustomer information security awareness training
Customer information security awareness trainingAbdalrhmanTHassan
 
ICT and end user security awareness slides
ICT and end user security awareness slidesICT and end user security awareness slides
ICT and end user security awareness slidesjubke
 
Security Awareness Training
Security Awareness TrainingSecurity Awareness Training
Security Awareness TrainingDmitriy Scherbina
 
Cybercrime and Security
Cybercrime and SecurityCybercrime and Security
Cybercrime and SecurityNoushad Hasan
 
Building An Information Security Awareness Program
Building An Information Security Awareness ProgramBuilding An Information Security Awareness Program
Building An Information Security Awareness ProgramBill Gardner
 
Introduction to cyber security
Introduction to cyber security Introduction to cyber security
Introduction to cyber security RaviPrashant5
 
Cybersecurity Awareness Session by Adam
Cybersecurity Awareness Session by AdamCybersecurity Awareness Session by Adam
Cybersecurity Awareness Session by AdamMohammed Adam
 
Information Security Awareness Training Open
Information Security Awareness Training OpenInformation Security Awareness Training Open
Information Security Awareness Training OpenFred Beck MBA, CPA
 
Cyber security training
Cyber security trainingCyber security training
Cyber security trainingWilmington University
 
Cyber security fundamentals
Cyber security fundamentalsCyber security fundamentals
Cyber security fundamentalsCloudflare
 
Basic Security Training for End Users
Basic Security Training for End UsersBasic Security Training for End Users
Basic Security Training for End UsersCommunity IT Innovators
 
Security Awareness Training.pptx
Security Awareness Training.pptxSecurity Awareness Training.pptx
Security Awareness Training.pptxMohammedYaseen638128
 
Cyber attacks and IT security management in 2025
Cyber attacks and IT security management in 2025Cyber attacks and IT security management in 2025
Cyber attacks and IT security management in 2025Radar Cyber Security
 
Security awareness
Security awarenessSecurity awareness
Security awarenessJosh Chandler
 
Cybersecurity Awareness
Cybersecurity AwarenessCybersecurity Awareness
Cybersecurity AwarenessJoshuaWisniewski3
 
Information Security Awareness for everyone
Information Security Awareness for everyoneInformation Security Awareness for everyone
Information Security Awareness for everyoneYasir Nafees
 
New Hire Information Security Awareness
New Hire Information Security AwarenessNew Hire Information Security Awareness
New Hire Information Security Awarenesshubbargf
 
Introduction To Information Security
Introduction To Information SecurityIntroduction To Information Security
Introduction To Information Securitybelsis
 
Information Security Awareness
Information Security Awareness Information Security Awareness
Information Security Awareness SnapComms
 
Information security awareness (sept 2012) bis handout
Information security awareness (sept 2012) bis handoutInformation security awareness (sept 2012) bis handout
Information security awareness (sept 2012) bis handoutMarc Vael
 

Mais conteúdo relacionado

Mais procurados

IT Security Awarenesss by Northern Virginia Community College
IT Security Awarenesss by Northern Virginia Community CollegeIT Security Awarenesss by Northern Virginia Community College
IT Security Awarenesss by Northern Virginia Community CollegeAtlantic Training, LLC.
 
Customer information security awareness training
Customer information security awareness trainingCustomer information security awareness training
Customer information security awareness trainingAbdalrhmanTHassan
 
ICT and end user security awareness slides
ICT and end user security awareness slidesICT and end user security awareness slides
ICT and end user security awareness slidesjubke
 
Cybercrime and Security
Cybercrime and SecurityCybercrime and Security
Cybercrime and SecurityNoushad Hasan
 
Building An Information Security Awareness Program
Building An Information Security Awareness ProgramBuilding An Information Security Awareness Program
Building An Information Security Awareness ProgramBill Gardner
 
Introduction to cyber security
Introduction to cyber security Introduction to cyber security
Introduction to cyber security RaviPrashant5
 
Cybersecurity Awareness Session by Adam
Cybersecurity Awareness Session by AdamCybersecurity Awareness Session by Adam
Cybersecurity Awareness Session by AdamMohammed Adam
 
Information Security Awareness Training Open
Information Security Awareness Training OpenInformation Security Awareness Training Open
Information Security Awareness Training OpenFred Beck MBA, CPA
 
Cyber security fundamentals
Cyber security fundamentalsCyber security fundamentals
Cyber security fundamentalsCloudflare
 
Cyber attacks and IT security management in 2025
Cyber attacks and IT security management in 2025Cyber attacks and IT security management in 2025
Cyber attacks and IT security management in 2025Radar Cyber Security
 
Information Security Awareness for everyone
Information Security Awareness for everyoneInformation Security Awareness for everyone
Information Security Awareness for everyoneYasir Nafees
 
New Hire Information Security Awareness
New Hire Information Security AwarenessNew Hire Information Security Awareness
New Hire Information Security Awarenesshubbargf
 
Introduction To Information Security
Introduction To Information SecurityIntroduction To Information Security
Introduction To Information Securitybelsis
 

Mais procurados (20)

IT Security Awarenesss by Northern Virginia Community College
IT Security Awarenesss by Northern Virginia Community CollegeIT Security Awarenesss by Northern Virginia Community College
IT Security Awarenesss by Northern Virginia Community College
 
Security Awareness Training by Fortinet
Security Awareness Training by FortinetSecurity Awareness Training by Fortinet
Security Awareness Training by Fortinet
 
Customer information security awareness training
Customer information security awareness trainingCustomer information security awareness training
Customer information security awareness training
 
ICT and end user security awareness slides
ICT and end user security awareness slidesICT and end user security awareness slides
ICT and end user security awareness slides
 
Security Awareness Training
Security Awareness TrainingSecurity Awareness Training
Security Awareness Training
 
Cybercrime and Security
Cybercrime and SecurityCybercrime and Security
Cybercrime and Security
 
Building An Information Security Awareness Program
Building An Information Security Awareness ProgramBuilding An Information Security Awareness Program
Building An Information Security Awareness Program
 
Introduction to cyber security
Introduction to cyber security Introduction to cyber security
Introduction to cyber security
 
Cybersecurity Awareness Session by Adam
Cybersecurity Awareness Session by AdamCybersecurity Awareness Session by Adam
Cybersecurity Awareness Session by Adam
 
Information Security Awareness Training Open
Information Security Awareness Training OpenInformation Security Awareness Training Open
Information Security Awareness Training Open
 
Cyber security training
Cyber security trainingCyber security training
Cyber security training
 
Cyber security fundamentals
Cyber security fundamentalsCyber security fundamentals
Cyber security fundamentals
 
Basic Security Training for End Users
Basic Security Training for End UsersBasic Security Training for End Users
Basic Security Training for End Users
 
Security Awareness Training.pptx
Security Awareness Training.pptxSecurity Awareness Training.pptx
Security Awareness Training.pptx
 
Cyber attacks and IT security management in 2025
Cyber attacks and IT security management in 2025Cyber attacks and IT security management in 2025
Cyber attacks and IT security management in 2025
 
Security awareness
Security awarenessSecurity awareness
Security awareness
 
Cybersecurity Awareness
Cybersecurity AwarenessCybersecurity Awareness
Cybersecurity Awareness
 
Information Security Awareness for everyone
Information Security Awareness for everyoneInformation Security Awareness for everyone
Information Security Awareness for everyone
 
New Hire Information Security Awareness
New Hire Information Security AwarenessNew Hire Information Security Awareness
New Hire Information Security Awareness
 
Introduction To Information Security
Introduction To Information SecurityIntroduction To Information Security
Introduction To Information Security
 

Destaque

Information Security Awareness
Information Security Awareness Information Security Awareness
Information Security Awareness SnapComms
 
Information security awareness (sept 2012) bis handout
Information security awareness (sept 2012) bis handoutInformation security awareness (sept 2012) bis handout
Information security awareness (sept 2012) bis handoutMarc Vael
 
Information security (un)awareness by Marc Vael
Information security (un)awareness by Marc VaelInformation security (un)awareness by Marc Vael
Information security (un)awareness by Marc VaelCONFENIS 2012
 
Information Security Awareness, Petronas Marketing Sudan
Information Security Awareness, Petronas Marketing SudanInformation Security Awareness, Petronas Marketing Sudan
Information Security Awareness, Petronas Marketing SudanAhmed Musaad
 
Raising information security awareness
Raising information security awarenessRaising information security awareness
Raising information security awarenessTerranovatraining
 
Information Security Awareness Training by Wilfrid Laurier University
Information Security Awareness Training by Wilfrid Laurier UniversityInformation Security Awareness Training by Wilfrid Laurier University
Information Security Awareness Training by Wilfrid Laurier UniversityAtlantic Training, LLC.
 
ISO 27001 - Information security user awareness training presentation - part 3
ISO 27001 - Information security user awareness training presentation - part 3ISO 27001 - Information security user awareness training presentation - part 3
ISO 27001 - Information security user awareness training presentation - part 3Tanmay Shinde
 

Destaque (7)

Information Security Awareness
Information Security Awareness Information Security Awareness
Information Security Awareness
 
Information security awareness (sept 2012) bis handout
Information security awareness (sept 2012) bis handoutInformation security awareness (sept 2012) bis handout
Information security awareness (sept 2012) bis handout
 
Information security (un)awareness by Marc Vael
Information security (un)awareness by Marc VaelInformation security (un)awareness by Marc Vael
Information security (un)awareness by Marc Vael
 
Information Security Awareness, Petronas Marketing Sudan
Information Security Awareness, Petronas Marketing SudanInformation Security Awareness, Petronas Marketing Sudan
Information Security Awareness, Petronas Marketing Sudan
 
Raising information security awareness
Raising information security awarenessRaising information security awareness
Raising information security awareness
 
Information Security Awareness Training by Wilfrid Laurier University
Information Security Awareness Training by Wilfrid Laurier UniversityInformation Security Awareness Training by Wilfrid Laurier University
Information Security Awareness Training by Wilfrid Laurier University
 
ISO 27001 - Information security user awareness training presentation - part 3
ISO 27001 - Information security user awareness training presentation - part 3ISO 27001 - Information security user awareness training presentation - part 3
ISO 27001 - Information security user awareness training presentation - part 3
 

Semelhante a Information security awareness, middle management

CyberSecurity Cyber24x7.pdf
CyberSecurity Cyber24x7.pdfCyberSecurity Cyber24x7.pdf
CyberSecurity Cyber24x7.pdfVarinder K
 
5 Types of Insider Threats and How to Detect them in Your ERP System
5 Types of Insider Threats and How to Detect them in Your ERP System5 Types of Insider Threats and How to Detect them in Your ERP System
5 Types of Insider Threats and How to Detect them in Your ERP SystemMichael Cunningham
 
Network Security - What Every Business Needs to Know
Network Security - What Every Business Needs to KnowNetwork Security - What Every Business Needs to Know
Network Security - What Every Business Needs to Knowmapletronics
 
Security Awareness 101
Security Awareness 101Security Awareness 101
Security Awareness 101HaroldCo
 
Train like you fight
Train like you fightTrain like you fight
Train like you fightIBM Sverige
 
Positive and Negative impact of IT oN Business
Positive and Negative impact of IT oN BusinessPositive and Negative impact of IT oN Business
Positive and Negative impact of IT oN BusinessDinesh Laviskar
 
Information Security Awareness Training
Information Security Awareness TrainingInformation Security Awareness Training
Information Security Awareness TrainingRandy Bowman
 
A Survey On Data Leakage Detection
A Survey On Data Leakage DetectionA Survey On Data Leakage Detection
A Survey On Data Leakage DetectionIJERA Editor
 
Intro to Information Security.ppt
Intro to Information Security.pptIntro to Information Security.ppt
Intro to Information Security.pptAnuraagAwasthi3
 
Network Security and Privacy Liability - Four Reasons Why You need This Cove...
Network Security and Privacy Liability - Four Reasons Why You need This Cove...Network Security and Privacy Liability - Four Reasons Why You need This Cove...
Network Security and Privacy Liability - Four Reasons Why You need This Cove...CBIZ, Inc.
 
ConnXus myCBC Webinar Series: Cybersecurity Risks to Your Business
ConnXus myCBC Webinar Series: Cybersecurity Risks to Your BusinessConnXus myCBC Webinar Series: Cybersecurity Risks to Your Business
ConnXus myCBC Webinar Series: Cybersecurity Risks to Your BusinessConnXus
 
Rothke Sia 2006
Rothke Sia 2006Rothke Sia 2006
Rothke Sia 2006Ben Rothke
 
Cyber security and mobile devices
Cyber security and mobile devicesCyber security and mobile devices
Cyber security and mobile devicesUmer Saeed
 
Security Features and Securing Your Data in TurboRater and InsurancePro - Kel...
Security Features and Securing Your Data in TurboRater and InsurancePro - Kel...Security Features and Securing Your Data in TurboRater and InsurancePro - Kel...
Security Features and Securing Your Data in TurboRater and InsurancePro - Kel...Insurance Technologies Corporation (ITC)
 
1. introduction to cyber security
1. introduction to cyber security1. introduction to cyber security
1. introduction to cyber securityAnimesh Roy
 
Kevin Wharram Security Summit
Kevin Wharram Security SummitKevin Wharram Security Summit
Kevin Wharram Security SummitKevin Wharram
 
Cyber fraud and Security - What risks does family office's face in today's wo...
Cyber fraud and Security - What risks does family office's face in today's wo...Cyber fraud and Security - What risks does family office's face in today's wo...
Cyber fraud and Security - What risks does family office's face in today's wo...Kannan Subbiah
 

Semelhante a Information security awareness, middle management (20)

Teaching Your Staff About Phishing
Teaching Your Staff About PhishingTeaching Your Staff About Phishing
Teaching Your Staff About Phishing
 
CyberSecurity Cyber24x7.pdf
CyberSecurity Cyber24x7.pdfCyberSecurity Cyber24x7.pdf
CyberSecurity Cyber24x7.pdf
 
5 Types of Insider Threats and How to Detect them in Your ERP System
5 Types of Insider Threats and How to Detect them in Your ERP System5 Types of Insider Threats and How to Detect them in Your ERP System
5 Types of Insider Threats and How to Detect them in Your ERP System
 
Network Security - What Every Business Needs to Know
Network Security - What Every Business Needs to KnowNetwork Security - What Every Business Needs to Know
Network Security - What Every Business Needs to Know
 
Security Awareness 101
Security Awareness 101Security Awareness 101
Security Awareness 101
 
Train like you fight
Train like you fightTrain like you fight
Train like you fight
 
Positive and Negative impact of IT oN Business
Positive and Negative impact of IT oN BusinessPositive and Negative impact of IT oN Business
Positive and Negative impact of IT oN Business
 
Information Security Awareness Training
Information Security Awareness TrainingInformation Security Awareness Training
Information Security Awareness Training
 
A Survey On Data Leakage Detection
A Survey On Data Leakage DetectionA Survey On Data Leakage Detection
A Survey On Data Leakage Detection
 
Intro to Information Security.ppt
Intro to Information Security.pptIntro to Information Security.ppt
Intro to Information Security.ppt
 
Network Security and Privacy Liability - Four Reasons Why You need This Cove...
Network Security and Privacy Liability - Four Reasons Why You need This Cove...Network Security and Privacy Liability - Four Reasons Why You need This Cove...
Network Security and Privacy Liability - Four Reasons Why You need This Cove...
 
ConnXus myCBC Webinar Series: Cybersecurity Risks to Your Business
ConnXus myCBC Webinar Series: Cybersecurity Risks to Your BusinessConnXus myCBC Webinar Series: Cybersecurity Risks to Your Business
ConnXus myCBC Webinar Series: Cybersecurity Risks to Your Business
 
Rothke Sia 2006
Rothke Sia 2006Rothke Sia 2006
Rothke Sia 2006
 
Cyber security and mobile devices
Cyber security and mobile devicesCyber security and mobile devices
Cyber security and mobile devices
 
Security Features and Securing Your Data in TurboRater and InsurancePro - Kel...
Security Features and Securing Your Data in TurboRater and InsurancePro - Kel...Security Features and Securing Your Data in TurboRater and InsurancePro - Kel...
Security Features and Securing Your Data in TurboRater and InsurancePro - Kel...
 
1. introduction to cyber security
1. introduction to cyber security1. introduction to cyber security
1. introduction to cyber security
 
Kevin Wharram Security Summit
Kevin Wharram Security SummitKevin Wharram Security Summit
Kevin Wharram Security Summit
 
Cyber fraud and Security - What risks does family office's face in today's wo...
Cyber fraud and Security - What risks does family office's face in today's wo...Cyber fraud and Security - What risks does family office's face in today's wo...
Cyber fraud and Security - What risks does family office's face in today's wo...
 
Nonprofit Cybersecurity Incident Report
Nonprofit Cybersecurity Incident ReportNonprofit Cybersecurity Incident Report
Nonprofit Cybersecurity Incident Report
 
Cyber Crime
Cyber CrimeCyber Crime
Cyber Crime
 

Último

4.16.24 Poverty and Precarity--Desmond.pptx
4.16.24 Poverty and Precarity--Desmond.pptx4.16.24 Poverty and Precarity--Desmond.pptx
4.16.24 Poverty and Precarity--Desmond.pptxmary850239
 
Influencing policy (training slides from Fast Track Impact)
Influencing policy (training slides from Fast Track Impact)Influencing policy (training slides from Fast Track Impact)
Influencing policy (training slides from Fast Track Impact)Mark Reed
 
Transaction Management in Database Management System
Transaction Management in Database Management SystemTransaction Management in Database Management System
Transaction Management in Database Management SystemChristalin Nelson
 
Activity 2-unit 2-update 2024. English translation
Activity 2-unit 2-update 2024. English translationActivity 2-unit 2-update 2024. English translation
Activity 2-unit 2-update 2024. English translationRosabel UA
 
GRADE 4 - SUMMATIVE TEST QUARTER 4 ALL SUBJECTS
GRADE 4 - SUMMATIVE TEST QUARTER 4 ALL SUBJECTSGRADE 4 - SUMMATIVE TEST QUARTER 4 ALL SUBJECTS
GRADE 4 - SUMMATIVE TEST QUARTER 4 ALL SUBJECTSJoshuaGantuangco2
 
HỌC TỐT TIẾNG ANH 11 THEO CHƯƠNG TRÌNH GLOBAL SUCCESS ĐÁP ÁN CHI TIẾT - CẢ NĂ...
HỌC TỐT TIẾNG ANH 11 THEO CHƯƠNG TRÌNH GLOBAL SUCCESS ĐÁP ÁN CHI TIẾT - CẢ NĂ...HỌC TỐT TIẾNG ANH 11 THEO CHƯƠNG TRÌNH GLOBAL SUCCESS ĐÁP ÁN CHI TIẾT - CẢ NĂ...
HỌC TỐT TIẾNG ANH 11 THEO CHƯƠNG TRÌNH GLOBAL SUCCESS ĐÁP ÁN CHI TIẾT - CẢ NĂ...Nguyen Thanh Tu Collection
 
Virtual-Orientation-on-the-Administration-of-NATG12-NATG6-and-ELLNA.pdf
Virtual-Orientation-on-the-Administration-of-NATG12-NATG6-and-ELLNA.pdfVirtual-Orientation-on-the-Administration-of-NATG12-NATG6-and-ELLNA.pdf
Virtual-Orientation-on-the-Administration-of-NATG12-NATG6-and-ELLNA.pdfErwinPantujan2
 
Field Attribute Index Feature in Odoo 17
Field Attribute Index Feature in Odoo 17Field Attribute Index Feature in Odoo 17
Field Attribute Index Feature in Odoo 17Celine George
 
ROLES IN A STAGE PRODUCTION in arts.pptx
ROLES IN A STAGE PRODUCTION in arts.pptxROLES IN A STAGE PRODUCTION in arts.pptx
ROLES IN A STAGE PRODUCTION in arts.pptxVanesaIglesias10
 
INTRODUCTION TO CATHOLIC CHRISTOLOGY.pptx
INTRODUCTION TO CATHOLIC CHRISTOLOGY.pptxINTRODUCTION TO CATHOLIC CHRISTOLOGY.pptx
INTRODUCTION TO CATHOLIC CHRISTOLOGY.pptxHumphrey A Beña
 
4.16.24 21st Century Movements for Black Lives.pptx
4.16.24 21st Century Movements for Black Lives.pptx4.16.24 21st Century Movements for Black Lives.pptx
4.16.24 21st Century Movements for Black Lives.pptxmary850239
 
Music 9 - 4th quarter - Vocal Music of the Romantic Period.pptx
Music 9 - 4th quarter - Vocal Music of the Romantic Period.pptxMusic 9 - 4th quarter - Vocal Music of the Romantic Period.pptx
Music 9 - 4th quarter - Vocal Music of the Romantic Period.pptxleah joy valeriano
 
Food processing presentation for bsc agriculture hons
Food processing presentation for bsc agriculture honsFood processing presentation for bsc agriculture hons
Food processing presentation for bsc agriculture honsManeerUddin
 
ENG 5 Q4 WEEk 1 DAY 1 Restate sentences heard in one’s own words. Use appropr...
ENG 5 Q4 WEEk 1 DAY 1 Restate sentences heard in one’s own words. Use appropr...ENG 5 Q4 WEEk 1 DAY 1 Restate sentences heard in one’s own words. Use appropr...
ENG 5 Q4 WEEk 1 DAY 1 Restate sentences heard in one’s own words. Use appropr...JojoEDelaCruz
 
ISYU TUNGKOL SA SEKSWLADIDA (ISSUE ABOUT SEXUALITY
ISYU TUNGKOL SA SEKSWLADIDA (ISSUE ABOUT SEXUALITYISYU TUNGKOL SA SEKSWLADIDA (ISSUE ABOUT SEXUALITY
ISYU TUNGKOL SA SEKSWLADIDA (ISSUE ABOUT SEXUALITYKayeClaireEstoconing
 
ANG SEKTOR NG agrikultura.pptx QUARTER 4
ANG SEKTOR NG agrikultura.pptx QUARTER 4ANG SEKTOR NG agrikultura.pptx QUARTER 4
ANG SEKTOR NG agrikultura.pptx QUARTER 4MiaBumagat1
 
What is Model Inheritance in Odoo 17 ERP
What is Model Inheritance in Odoo 17 ERPWhat is Model Inheritance in Odoo 17 ERP
What is Model Inheritance in Odoo 17 ERPCeline George
 
Active Learning Strategies (in short ALS).pdf
Active Learning Strategies (in short ALS).pdfActive Learning Strategies (in short ALS).pdf
Active Learning Strategies (in short ALS).pdfPatidar M
 

Último (20)

4.16.24 Poverty and Precarity--Desmond.pptx
4.16.24 Poverty and Precarity--Desmond.pptx4.16.24 Poverty and Precarity--Desmond.pptx
4.16.24 Poverty and Precarity--Desmond.pptx
 
Influencing policy (training slides from Fast Track Impact)
Influencing policy (training slides from Fast Track Impact)Influencing policy (training slides from Fast Track Impact)
Influencing policy (training slides from Fast Track Impact)
 
Transaction Management in Database Management System
Transaction Management in Database Management SystemTransaction Management in Database Management System
Transaction Management in Database Management System
 
YOUVE GOT EMAIL_FINALS_EL_DORADO_2024.pptx
YOUVE GOT EMAIL_FINALS_EL_DORADO_2024.pptxYOUVE GOT EMAIL_FINALS_EL_DORADO_2024.pptx
YOUVE GOT EMAIL_FINALS_EL_DORADO_2024.pptx
 
Activity 2-unit 2-update 2024. English translation
Activity 2-unit 2-update 2024. English translationActivity 2-unit 2-update 2024. English translation
Activity 2-unit 2-update 2024. English translation
 
GRADE 4 - SUMMATIVE TEST QUARTER 4 ALL SUBJECTS
GRADE 4 - SUMMATIVE TEST QUARTER 4 ALL SUBJECTSGRADE 4 - SUMMATIVE TEST QUARTER 4 ALL SUBJECTS
GRADE 4 - SUMMATIVE TEST QUARTER 4 ALL SUBJECTS
 
HỌC TỐT TIẾNG ANH 11 THEO CHƯƠNG TRÌNH GLOBAL SUCCESS ĐÁP ÁN CHI TIẾT - CẢ NĂ...
HỌC TỐT TIẾNG ANH 11 THEO CHƯƠNG TRÌNH GLOBAL SUCCESS ĐÁP ÁN CHI TIẾT - CẢ NĂ...HỌC TỐT TIẾNG ANH 11 THEO CHƯƠNG TRÌNH GLOBAL SUCCESS ĐÁP ÁN CHI TIẾT - CẢ NĂ...
HỌC TỐT TIẾNG ANH 11 THEO CHƯƠNG TRÌNH GLOBAL SUCCESS ĐÁP ÁN CHI TIẾT - CẢ NĂ...
 
Virtual-Orientation-on-the-Administration-of-NATG12-NATG6-and-ELLNA.pdf
Virtual-Orientation-on-the-Administration-of-NATG12-NATG6-and-ELLNA.pdfVirtual-Orientation-on-the-Administration-of-NATG12-NATG6-and-ELLNA.pdf
Virtual-Orientation-on-the-Administration-of-NATG12-NATG6-and-ELLNA.pdf
 
Field Attribute Index Feature in Odoo 17
Field Attribute Index Feature in Odoo 17Field Attribute Index Feature in Odoo 17
Field Attribute Index Feature in Odoo 17
 
ROLES IN A STAGE PRODUCTION in arts.pptx
ROLES IN A STAGE PRODUCTION in arts.pptxROLES IN A STAGE PRODUCTION in arts.pptx
ROLES IN A STAGE PRODUCTION in arts.pptx
 
INTRODUCTION TO CATHOLIC CHRISTOLOGY.pptx
INTRODUCTION TO CATHOLIC CHRISTOLOGY.pptxINTRODUCTION TO CATHOLIC CHRISTOLOGY.pptx
INTRODUCTION TO CATHOLIC CHRISTOLOGY.pptx
 
4.16.24 21st Century Movements for Black Lives.pptx
4.16.24 21st Century Movements for Black Lives.pptx4.16.24 21st Century Movements for Black Lives.pptx
4.16.24 21st Century Movements for Black Lives.pptx
 
Music 9 - 4th quarter - Vocal Music of the Romantic Period.pptx
Music 9 - 4th quarter - Vocal Music of the Romantic Period.pptxMusic 9 - 4th quarter - Vocal Music of the Romantic Period.pptx
Music 9 - 4th quarter - Vocal Music of the Romantic Period.pptx
 
Food processing presentation for bsc agriculture hons
Food processing presentation for bsc agriculture honsFood processing presentation for bsc agriculture hons
Food processing presentation for bsc agriculture hons
 
ENG 5 Q4 WEEk 1 DAY 1 Restate sentences heard in one’s own words. Use appropr...
ENG 5 Q4 WEEk 1 DAY 1 Restate sentences heard in one’s own words. Use appropr...ENG 5 Q4 WEEk 1 DAY 1 Restate sentences heard in one’s own words. Use appropr...
ENG 5 Q4 WEEk 1 DAY 1 Restate sentences heard in one’s own words. Use appropr...
 
ISYU TUNGKOL SA SEKSWLADIDA (ISSUE ABOUT SEXUALITY
ISYU TUNGKOL SA SEKSWLADIDA (ISSUE ABOUT SEXUALITYISYU TUNGKOL SA SEKSWLADIDA (ISSUE ABOUT SEXUALITY
ISYU TUNGKOL SA SEKSWLADIDA (ISSUE ABOUT SEXUALITY
 
ANG SEKTOR NG agrikultura.pptx QUARTER 4
ANG SEKTOR NG agrikultura.pptx QUARTER 4ANG SEKTOR NG agrikultura.pptx QUARTER 4
ANG SEKTOR NG agrikultura.pptx QUARTER 4
 
What is Model Inheritance in Odoo 17 ERP
What is Model Inheritance in Odoo 17 ERPWhat is Model Inheritance in Odoo 17 ERP
What is Model Inheritance in Odoo 17 ERP
 
FINALS_OF_LEFT_ON_C'N_EL_DORADO_2024.pptx
FINALS_OF_LEFT_ON_C'N_EL_DORADO_2024.pptxFINALS_OF_LEFT_ON_C'N_EL_DORADO_2024.pptx
FINALS_OF_LEFT_ON_C'N_EL_DORADO_2024.pptx
 
Active Learning Strategies (in short ALS).pdf
Active Learning Strategies (in short ALS).pdfActive Learning Strategies (in short ALS).pdf
Active Learning Strategies (in short ALS).pdf
 

Information security awareness, middle management

  • 1. Haneen Iemeir Information Security Awareness Information Technology Dept. By Haneen Iemeir Haneen Iemeir
  • 2. Haneen Iemeir Cyber Attacks  Computer-to-computer attack that undermines the confidentiality, integrity, or availability of a computer or information resident on it IT Department, Haneen Iemeir Haneen Iemeir
  • 4. Haneen Iemeir IT Department, Haneen Iemeir Haneen Iemeir
  • 5. Haneen IemeirStuxnet /Iran nuclear IT Department, Haneen Iemeir Haneen Iemeir
  • 6. Haneen Iemeir Flame It was discovered in 2012 but it had been operating since 2010. Attacked Middle East and Asia Collected sensitive data of regular individuals, business men and military personnel. IT Department, Haneen Iemeir Haneen Iemeir
  • 7. Haneen IemeirHeartland Payment Systems Phishing out over 100 million individual card numbers, costing Heartland more then $140 million dollars in damages incurred in 2008 Started with PHISHING to a regular customer IT Department, Haneen Iemeir Haneen Iemeir
  • 8. Haneen Iemeir PHISHING.. Simplest example IT Department, Haneen Iemeir Haneen Iemeir
  • 9. Haneen Iemeir Link Clicked .. Oops ! Data is stolen Software is installed … Malware Computer is infected and may infect others on network IT Department, Haneen Iemeir Haneen Iemeir
  • 10. Haneen IemeirHow do hackers GET AWAY WITH IT! BOTNET IT Department, Haneen Iemeir Haneen Iemeir
  • 11. Haneen Iemeir IT Department, Haneen Iemeir Haneen Iemeir
  • 12. Haneen Iemeir Could my PC be a botnet? IT Department, Haneen Iemeir Haneen Iemeir
  • 13. Haneen Iemeir IT Department, Haneen Iemeir Haneen Iemeir
  • 14. Haneen Iemeir So WHAT ?? Theft of hard disk data, photos and videos Destruction to hard disk and data performance issues Malfunction of applications IT Department, Haneen Iemeir Haneen Iemeir
  • 15. Haneen Iemeir Most Common Threats Infected USB Email phishing, pretend to be some one else asking you to do something Social engineering, https://www.youtube.com/watch?v=HJXJkpir- ds Social Networking, https://www.youtube.com/watch?v=T1EZVFo Zq4A IT Department, Haneen Iemeir Haneen Iemeir
  • 16. Haneen Iemeir Most Common Threats Unknown attachments, https://www.youtube.com/watch?v=5grTJH3B_70 Mobile devices, theft or hack Hard disk failures Malicious codes Accessing business desktop form outside IT Department, Haneen Iemeir Haneen Iemeir
  • 17. Haneen Iemeir MOST of Most POOR PASSWORD and ACCESS management Unawareness of data importance INSIDER THREATS DOWNTIMES !! On may 2013, it was reported that %58 of cyber attacks attributed to insider attack Intentional harm or misuse of access IT Department, Haneen Iemeir Haneen Iemeir
  • 18. Haneen Iemeir WHY ??? An employee having the password of another employee is not afraid of consequences and disciplinary actions. An employee who access data that he/she is NOT responsible of DO NOT pay care to confidentiality agreements regarding this data! Unaware employee can lose data and infect the network IT Department, Haneen Iemeir Haneen Iemeir
  • 19. Haneen Iemeir Downtime; availability & Confidentiality If there is no well-documented business continuity plan,, you either end up with NO productivity or paper work will be a total mess!! Switching back from paper to information systems needs authorized procedure and personnel. IT Department, Haneen Iemeir Haneen Iemeir
  • 20. Haneen Iemeir How to …. Safeguard my PC and Mobil either at home or at office? Protect my integrity,, not allowing anyone to abuse me? Pay due-care towards my signed code of conducts? IT Department, Haneen Iemeir Haneen Iemeir
  • 21. Haneen IemeirSafeguards .. Data classification. To know the importance of data I access; i.e. when I travel Do not open emails or messages from unknown people, DELETE. Keep my password secret, complex and changed periodically; Password Policy IT Department, Haneen Iemeir Haneen Iemeir
  • 22. Haneen Iemeir IT Department, Haneen Iemeir Haneen Iemeir
  • 23. Haneen Iemeir Safeguards .. UPGRADE OS of desktop & mobile, ANTIVIRUS and other applications. LOG OFF your computers after work hours IT Department, Haneen Iemeir Haneen Iemeir
  • 24. Haneen Iemeir IT Department, Haneen Iemeir Haneen Iemeir
  • 25. Haneen Iemeir Safeguards .. Control privileged access to my staff; IT Privilege Request Form & annual privilege review Good job description and confidentiality agreements. Do not click on unknown LINKS Use UPDATED Anti-spam IT Department, Haneen Iemeir Haneen Iemeir
  • 26. Haneen Iemeir Safeguards .. Do NOT use the same password for all your accounts. Avoid UNLICENSED software Close your office when leaving Pay attention to shoulder surfing Use secure devices to access business systems Either from home or via smart phone. Scan USB before opening it IT Department, Haneen Iemeir Haneen Iemeir
  • 27. Haneen Iemeir IT Department, Haneen Iemeir Haneen Iemeir
  • 28. Haneen IemeirSafeguards .. Use SHAREFOLDERs, Sharefolder request form When implementing new systems,, consult IT for security and performance issues. IT Department, Haneen Iemeir Haneen Iemeir
  • 29. Haneen Iemeir Business Continuity Plan Define Critical business procedures Paper/manual alternative procedure Downtime period needed to pass before launching BCP Who launches the BCP? Decision maker? How to go back to automatic systems after recovery? IT Department, Haneen Iemeir Haneen Iemeir
  • 30. Haneen Iemeir Other Security Considerations Third Party Access NDA Policy IT Department, Haneen Iemeir Haneen Iemeir
  • 31. Haneen Iemeir How to tell if I am hacked!! Browser open websites by its own and you cannot close them Antivirus is reporting infected file Passwords no longer work or they are locked out. Suspicious applications on the desktop Unreasonable slowness of the system/network IT Department, Haneen Iemeir Haneen Iemeir
  • 32. Haneen Iemeir Report Incidents All the previous systems Abuse of credentials Suspected employee activities How to report ! http://khccportal/default.aspx IT Department, Haneen Iemeir Haneen Iemeir
  • 33. Haneen Iemeir IT Department, Haneen Iemeir Haneen Iemeir
  • 34. Haneen Iemeir Thank You IT Department, Haneen Iemeir Haneen Iemeir