Loading presentation...

Present Remotely

Send the link below via email or IM

Copy

Present to your audience

Start remote presentation

  • Invited audience members will follow you as you navigate and present
  • People invited to a presentation do not need a Prezi account
  • This link expires 10 minutes after you close the presentation
  • A maximum of 30 users can follow your presentation
  • Learn more about this feature in our knowledge base article

Do you really want to delete this prezi?

Neither you, nor the coeditors you shared it with will be able to recover it again.

DeleteCancel

Make your likes visible on Facebook?

Connect your Facebook account to Prezi and let your likes appear on your timeline.
You can change this under Settings & Account at any time.

No, thanks

Workshop

No description
by

sofia torres

on 4 May 2016

Comments (0)

Please log in to add your comment.

Report abuse

Transcript of Workshop

About Bechtel
Needs Assessment
Business Impact
What Happens When You Get Phished?
What is Phishing?
Slide 1 Phishing Workshop
Slide 2 Overview
Slide 3 Content
Slide 4 What We Will Learn From This Workshop
Slide 5 About Bechtel
Slide 6 Needs Assessment
Slide 7 Person and Needs Analysis
Slide 8 Appropriate Needs Assessment Techniques
Slide 9 Phishing Drill
Slide 10 What is Phishing
Slide 11 What Happens When You Get Fished?
Slide 12 Business Impact
Slide 13 Recognizing Phishing Websites
Slide 14 Recognizing Phishing Emails
Slide 15 Did You Catch That?
Slide 16 Did You Catch That?
Slide 17 Evaluation Overview and Pre-Test
Slide 18 Phishing Evaluation

A global leader in engineering, procurement, construction, and project management.
Founded in 1898
Bechtel is the world's No. 1 choice for engineering, construction, and project management.
Worked on more than 25,000 projects in over 160 countries
More than 53,000 employees
$37.9 billion revenue in 2012
New contract awards valued at $23.9 billion.

Despite multiple, widely publicized cyber-attacks that have resulted in personal, corporate data and
direct financial losses reaching nearly $1 trillion dollars
, most companies still do not have adequate protection against phishing attacks.
Executives ignore, downplay or misinterpret the enormous threats these attacks represent.
When you get phished,
you
have effectively given the attacker a
key
for stealing something.
Brought to you by:

Sofia Torres
Christopher Woodford
Adam Falcon
Julianne Dishongh
Workshop
Content
The act of
impersonating
a trustworthy entity in an
electronic communication
to trick a person into taking an
action
that enables a theft of sensitive information
Bechtel User Name and Password
Financial Account Numbers and Personal
Identification Information
Network/System Access
We
are what stands between the attackers and the private information on our internal network.
At Risk
- Bechtel's:

-
Reputation

-
Competitiveness

-
Profitability
Impact on Bechtel's Business
-
It could damage Bechtel's reputation in the eyes of our current and potential customers.
-
This in turn could damage our competitiveness in the marketplace and lead to lost work.
-
Most securely breaches result in tangible costs, upwards of $10 million, which could negatively affect Bechtel's profitability.

What We Will Learn in This Workshop
*
How to Recognize and Respond to Phishing Attacks in Emails
How To Recognize and Respond To Phishing Websites

*
How to Report Suspected Phishing Attacks at Bechtel

*
Where to Go for More Information


Recognizing Phishing Websites
• How does phishing threaten our talent base?
• How will this training and development help meet my business goals?
Person and Task Analysis
1.
No http
s
://
2
. No padlock in address bar
3.
Publicly available logos
4.
Meaningless positions
5.
Meaningless Graphics
6.
Sense of urgency
Person Analysis:
Recognizing Phishing Emails
• What do our current employees do to accomplish our business objective?
• Who should be trained, manager, professionals, or core employees
Task Analysis:
• How will this training make a difference in product quality or customer service?
• What task should the employee be trained in?
1. Sense of urgency
2. Meaningless positions of
word 'Bechtel' in web address
3. Publicly available graphics


Appropriate Needs Assessment Techniques
Historical data review
Focus groups and collaboration tools
Observation
Did You Catch That?
*
Is this phishing?

*
Point it out?
*
Is this phishing?
*
Point it out?
Did You Catch That?
Evaluation Overview and Pre-Test
Summative Evaluation
: Occurs after the final version of instruction is implemented. This type of evaluation
assesses the overall effectiveness of the instruction
. Data from the Summative Evaluation is often used to make a decision about the instruction.
Pre-Test Evaluation
Results show training needs.
People around the world in different offices responded negatively, raising the issue of possible phishing schemes.
Phishing Evaluation:
Whether or not you are able to recognize the phishing emails or websites given throughout the presentation.
If the company sends a fake email in order to observe how many people respond after the training, would you fall for it?
Can you successfully pinpoint attempted phishing schemes?
Based on the quizzes and information given students were able to
successfully identify the differences between phishing email/websites, and legitimate emails/websites.
Phishing Evaluation
Phishing Drill
We tricked the employees into taking action
in a phishing test without them knowing.
-
Click the link in the email
-
Enter user name and password
Results
What Questions Do You Have??
For more information call our hotline: 1-800-BEC-FISH
Or email: becfishing@bechtel.com

Transfer of Training
We at Bechtel want to make sure that our resources are protected at all times and to do so we will be:

Send quarterly reminders.
Follow up on emails and concerns sent to our website and hotline.

Everyone in this class is a professional, if you believe you have received an email that raises a red flag please send it to our staff:
becfishing@bechtel.com
Like stated before
YOU
are the only thing between the hacker and our internal systems.
Plan Time Allotted
Slide 1 - 4 5:30 2


Slide 5-8 5:32 3



Slide 9-12 5:35 3



Slide 13 - 16 5:38 4


Slide 17 - 18 5:42 3
Wrap-up questions 5:45
Full transcript