END USER SECURITY AWARENESS
Today’s enterprise is more vulnerable than before. The traditional boundaries of the
organization are changing with advancing technologies, and cyber-attacks are also becoming more
frequent. Users therefore need to be aware of security guidelines to keep information safe.
Cyber Security: all the processes and practices we implement to protect networks,
systems, applications and data from attacks on the CIA triad (Confidentiality, Integrity and
Availability).
Why do we care?
Losses associated with cybercrime are estimated at upwards of 250 billion $, and the cost will
increase every year.
Know your Enemy
Cybercriminals, Terrorists, Foreign Nations, Insiders, Hacktivists and common thieves.
What can we do?
• Use secure protocols when transmitting data (HTTPS instead of HTTP).
• Protect physical access to your systems: every time you leave the system, lock it
with Windows key + L.
• Don’t connect systems to the network without knowledge of the security aspects.
• Don’t bring media to work from home without prior approval.
• Scan all files before download.
• Download from trusted sites.
• Encrypt mail and other sensitive files.
Protecting Identities
• We live in a world of information sharing.
• What is PII? Personally Identifiable Information.
• Over 17 million people were victims of identity theft in 2014, and this number is
on the rise.
• PII is any information that can lead to locating and contacting an individual and identifying
that individual uniquely, such as full name, mother’s or father’s name, phone number
and other unique identifiers.
• Don’t respond to unsolicited requests for personal information by phone or mail.
• Watch out for shoulder surfers, specifically at coded access points to buildings and when using
ATMs.
• Store personal information in a safe place at home and at work.
• Install firewalls and virus detection software on your system.
Protect against Social Engineering
Social engineering is the greatest threat today for gathering sensitive information and
compromising confidentiality.
Phishing, pretexting, baiting, tailgating and quid pro quo are all types of social engineering.
What can we do?
• Require multifactor authentication
• Trust no one!
• Install anti-malware
• Don’t leave valuable information on your desk
• When in doubt, call the security team
Best Practices to keep your system safe
• Always log off or lock your system if you leave.
• Keep your system patched and up to date
• Use a strong password
• Encrypt sensitive files
• Disable insecure mechanisms if possible
• Don’t forget physical security
Data protection aspects
Email Precautions and Procedures
• E-mail attachments are often a means of distributing malicious code.
• Many viruses will “read” an infected user’s e-mail list and replicate themselves; that a message
appears to originate from a trusted source does not mean that is true.
• Often, clicking links in e-mails infects your system, and these links may be
used for phishing.
What to do?
• Do not click on links in messages
• Verify with known parties
• Do not download files from unsolicited sources
• Watch for poor grammar, misspellings, urgent messages, pleas for money, etc.
Protection Against Malicious Websites
• Rogue websites are used to collect information, intercept information, and
distribute malicious software.
• Browser hijacking: if a site won’t allow you to access any other site, be
suspicious! Has your homepage or search engine been modified without your
permission?
• “Free downloads” may be spyware or other malicious software.
What do we do?
• Avoid suspicious sites.
• Don’t download files from peer-to-peer sites.
• Use secure protocols.
• Don’t ignore security warnings.
• Don’t change browser security settings unless instructed to do so by the
security team.
Prepared By- Kanishk Raj (Cyber Security Certified by Cybrary.com)
Reference by- Cybrary.com
