Loading presentation...

Present Remotely

Send the link below via email or IM


Present to your audience

Start remote presentation

  • Invited audience members will follow you as you navigate and present
  • People invited to a presentation do not need a Prezi account
  • This link expires 10 minutes after you close the presentation
  • A maximum of 30 users can follow your presentation
  • Learn more about this feature in our knowledge base article

Do you really want to delete this prezi?

Neither you, nor the coeditors you shared it with will be able to recover it again.


NCTSSD Cyber Security Stand-Down Training

CyberSecurity - Who needs Cyber Security

Javon Burden

on 11 April 2011

Comments (0)

Please log in to add your comment.

Report abuse

Transcript of NCTSSD Cyber Security Stand-Down Training

Should I worry? Threats CyberSecurity is good business CyberSecurity Demystified Who needs CyberSecurity? URL Injectors rootkits viruses Trojans Spyware adware worms dialers keyloggers backdoors exploits Reputational impacts Damage to firm's brand
Negative publicity
Customer relationships
Invitation to Regulation Main cyber losses Intellectual property
Corporate data
Revenue losses
fines & recovery efforts 2007 cyber attacks on Estonia Government websites
Political parties
News organizations
Communications firms
Banks Steps to Protect Yourself Identify important processes and info
Get professional IT Security support
Spend real money on real threats
Review periodically, top-down

Take it seriously, but be pragmatic Cryptography The Art and Science of Secret Communication Digital Signature Mathematical scheme for demonstrating the authenticity of a digital message or document Access Control The ability to selectively control who has access to given information or systems Confidentiality Confidentiality ensures information is not available to unauthorized recipients Authentication A method of determining if a person is who they say they are Encryption Encoding information so that it cannot be read by anyone without access to the key N53 Information Assurance Impacts Personal Financial Reputation Strategic Security Tools Security Concepts Disk Encryption
Access Control
Intrusion Protection Physical Crime has never been stopped, why would electronic crime be any different? Done right, Cybersecurity is a high value, high margin growth business with high barriers to entry Individuals Businesses Network Attacks Hacking IP Spoofing Denial of Service Ping of Death Malware Eavesdropping DNS Poisoning Do you know what was in that cool little photoblogging app you installed Tuesday? It was a Trojan. Where will it send your data today? Malware Social Engineering 10% are lying... It's more than casual It can be professional Corporate and national espionage takes the path of least resistance. Serious opponents will find a way to get you to give them what they want You won't even know it happened Social media provides a wealth of information that can be used against you... Mobile Phones Consider how much important information you carry on your phone iPhones, Blackberries, other smartphones It may be everything that is important email contacts passwords schedule contracts business plans revenue forecast personal issues It can all be easily stolen from your phone Veterans administration
TD Ameritrade
TJ Maxx
Choicepoint National Interests Diplomatic
Critical Infrastructure
Banking System
Legislative, Judicial & Executive
Military & Intelligence Lasting Effects Employment
Health Yes. Is all hope lost? No What should I do? N53
Information Assurance Cyber Security
Awareness Training Government Has it happened to you? 90% admit to looking at others displays Cyber risk is of great concern to global enterprises. 42 percent rank it their top concern, more than natural disasters, terrorism and traditional crime.
Protect your screen too! Your security spending is wasted if anyone can just look over your shoulder Consider how much important information you carry on your phone One of the more common methods of spreading malware on the Internet is through social engineering. Most malicious activity is often successful because users are deceived into believing it is legitimate. Exploitation by social engineering is extremely lucrative and is bound to significantly increase in the mobile market... Types of Social Engineering:

SMISHING A criminal act of attempting to manipulate a victim into providing sensitive information by masquerading as a trustworthy entity.

This is a well established, significant cyber threat, and mobile devices provide unique opportunities for phishing. Leverages voice communications primarily. This technique can be combined with other forms of social engineering that entice a victim to call a certain number and divulge sensitive information. Vishing exploits the public's trust in telephone services.

With vishing, fraudsters call multiple phone numbers at once, hoping for unsuspecting victims to pick up the phone. Upon answering, a recorded message instructs you to call in response to fraudulent activity within a bank or credit card account. Once you call in, you’re instructed to enter sensitive numbers on the keypad. Smishing – phishing in the form of a text message to your mobile phone. (The term “smishing” comes from the idea of SMS phishing.) In this form of phishing fraud, you receive a text message directing you to call or visit a website to confirm or enter personal info. Social Networks for Dummies... Enabling Objectives: Discuss who needs Cyber Security
Types of Network threats
Cyber Security impacts
Demystification of Cyber Security Today, someone in Uzbekistan owns your Personal Information
Full transcript