Cybersecurity and Cyberhygiene

Slides:



Advertisements
Similar presentations
®® Microsoft Windows 7 for Power Users Tutorial 7 Enhancing Your Computers Security.
Advertisements

!! Are we under attack !! Consumer devices continue to invade *Corporate enterprise – just wanting to plug in* Mobile Device Management.
10 Things You Can do to Secure Your PC Presented by Peter Nowak OIS Client Services Manager.
Securing. Agenda  Hard Drive Encryption  User Account Permissions  Root Level Access  Firewall Protection  Malware Protection.
1 of 2 This document is for informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS OR IMPLIED, IN THIS DOCUMENT. © 2006 Microsoft Corporation.
Configuring Windows Vista Security Lesson 8. Skills Matrix Technology SkillObjective DomainObjective # Setting Up Users Configure and troubleshoot parental.
Online Banking Fraud Prevention Recommendations and Best Practices This document provides you with fraud prevention best practices that every employee.
70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network, Enhanced Chapter 13: Planning Server and Network Security.
Building Your Own Firewall Chapter 10. Learning Objectives List and define the two categories of firewalls Explain why desktop firewalls are used Explain.
Information Security 1 Information Security: Demo of Some Security Tools Jeffy Mwakalinga.
LittleOrange Internet Security an Endpoint Security Appliance.
Lesson 9-Securing a Network. Overview Identifying threats to the network security. Planning a secure network.
Internet Security In the 21st Century Presented by Daniel Mills.
Securing a Wireless Network
Securing Your Home Computer Presenter: Donnie Green Date: February 11, 2009 National Aeronautics and Space Administration
Configuring Windows Vista Security Lesson 8. Skills Matrix Technology SkillObjective DomainObjective # Setting Up Users Configure and troubleshoot parental.
Securing Windows 7 Lesson 10. Objectives Understand authentication and authorization Configure password policies Secure Windows 7 using the Action Center.
AIS, Passwords Should not be shared Should be changed by user Should be changed frequently and upon compromise (suspected unauthorized disclosure)
Component 4: Introduction to Information and Computer Science Unit 8: Security Lecture 2 This material was developed by Oregon Health & Science University,
COMPREHENSIVE Windows Tutorial 5 Protecting Your Computer.
1 C-DAC/Kolkata C-DAC All Rights Reserved Computer Security.
TECHNOLOGY GUIDE THREE Protecting Your Information Assets.
FIREWALL. The member in group 1. Bhummikorn M.2/5 No.5 2.Borwornrat Khrongsiriwat M.2/5 No.6 3. Panaphon sangobsakun M.2/5 No.20 4.Kalint Muangsornkeaw.
Module 7: Implementing Security Using Group Policy.
“Lines of Defense” against Malware.. Prevention: Keep Malware off your computer. Limit Damage: Stop Malware that gets onto your computer from doing any.
Cyber Security: Today’s Threats and Mitigations Jonathan Homer, Cyber Security Analyst Idaho National Laboratory.
Securing a Host Computer BY STEPHEN GOSNER. Definition of a Host  Host  In networking, a host is any device that has an IP address.  Hosts include.
Unit 2 Personal Cyber Security and Social Engineering Part 2.
Lecture 19 Page 1 CS 236 Online 6. Application Software Security Why it’s important: –Security flaws in applications are increasingly the attacker’s entry.
Windows Tutorial 5 Protecting Your Computer
Security fundamentals
ITMT Windows 7 Configuration Chapter 10 – Securing Windows 7
Managing Windows Security
Methods of Securing Data in Windows Networks
What they are and how to protect against them
Hotspot Shield Protect Your Online Identity
Unit 4 IT Security.
Instructor Materials Chapter 7 Network Security
Before the talk… Zix Mail is the approved encrypted platform, we will have training on this soon. Citrix Sharefile has been approved for use for.
TECHNOLOGY GUIDE THREE
© 2015 Air Force Association
EN Lecture Notes Spring 2016
Securing A Wireless Network
Click to edit Master subtitle style
Cyber Security By: Pratik Gandhi.
Introduction to Networking
Firewalls.
Security of a Local Area Network
Teaching Computing to GCSE
Information Security Session November 11, 2004
Risk of the Internet At Home
Cybersecurity Strategy
Digital Pacman: Firewall Edition
Information Security Session October 24, 2005
Intro to Ethical Hacking
Intro to Ethical Hacking
Take Cyber Security “TO HEART”
Design Unit 26 Design a small or home office network
Top Ten Cyber Security Hygiene Tips
Chapter 3: Protecting Your Data and Privacy
Implementing Client Security on Windows 2000 and Windows XP Level 150
Cyber Security - Protecting Information
Securing Windows 7 Lesson 10.
Network hardening Chapter 14.
Test 3 review FTP & Cybersecurity
Hacking Windows Damian Gordon.
Protection Mechanisms in Security Management
6. Application Software Security
Why Cyber Security is important to SME? Useful Tips on how you protect and secure your business. By Ronald Soh from Win-Pro Consultancy Pte Ltd
Bethesda Cybersecurity Club
Presentation transcript:

Cybersecurity and Cyberhygiene Clark Evans, ACB, CL

Cybersecurity Pew Research Center Cybersecurity Quiz Americans’ familiarity with cybersecurity concepts 1,055 took a 10-question survey Score: 10/10: 99th percentile Score: 9/10: 96th percentile Score: 8/10: 91st percentile Score: 7/10: 84th percentile Score: 6/10: 73rd percentile I’ll briefly present some good Cyber-Hygiene practices.

Cyber-hygiene: Preventing Attacks How many users are on your PC or laptop? Do they all have their own account? You don’t want your kids or grandkids to be able to wipe the machine out downloading the latest virtual reality game right that turns out to actually be malware right? Suggestions: Multiple Accounts with limited privileges Also secure the original Administrative Account by re- naming from “Admin” or “Root”. Protect all accounts with passwords

Cyber-hygiene: Preventing Attacks Authentication: Choose a Strong Password! Hacking threat (ex. Brute Force; social engineering) Always change default passwords (ex. factory) Password Strength Measures Length (ex. 8 characters) Complexity (UPPER; lower; 124; ##$*@!) Maximum age Minimum age History settings (re-use blocked for # generations) Account lockout after # of attempts Screen Lock activated? Re-entry of password required?

Cyber-hygiene: Preventing Attacks In addition to Passwords: Two-factor Authentication enhances security! Combines any of the below Authentication Factors Something you know Ex. Password Something you have Ex. Access Card; Fob Something you are Ex. Retina or fingerprint scan

Cyber-hygiene: Preventing Attacks Protect your data through encryption! Requires credentials/keys (password/PIN) to unscramble In Transit (Data Transmission Encryption) Internet: Is your browsing session encrypted? Ensure use of https:// protocol (not http:) when entering sensitive information! VPN: Dedicated/encrypted connection to a network via Internet Protected At Rest Enable BitLocker: Built in on Windows Vista and Later if you have: Professional version Enterprise version Other Endpoint Encryption applications McAfee Symantec Trend Micro

Cyber-hygiene: Preventing Attacks Firewalls Can block traffic by numerous properties “Problem” IP addresses and domains (ex. Robya.blind.com) Ports (Ex. Well-known TCP/UDP port numbers are associated with certain services. Ex. Port 80 = http) Other attributes (ex. content for some types of firewalls) Network-Based Protects an entire network from external traffic Also can use to make part of a network more secure Host-Based Protects host equipment only ex. Turn on Windows Firewall on your PC/laptop!

Cyber-hygiene: Preventing Attacks MAC Filters Can be used to restrict devices by their unique MAC Address Used on Access Points (ex. Wireless Router) May also be configured on firewalls SSID Broadcast (Wireless) Turn off your wireless SSID broadcast (Still possible to connect by typing SSID name)

Cyber-hygiene: Preventing Attacks If a potential attack does get through…. Common Attack types Malware (Spyware; Adware; Virus; Trojan Horse) Use Anti-Malware; Anti-Virus; Endpoint protection Phishing and Ransomware Watch for solicitation e-mails to click on links Often appear to be from someone you know/do business with Links within e-mail often direct user to a third party site Even clicking on the link can compromise data Some links lead to malicious sites (think Identity theft)

Cyber-hygiene: Preventing Attacks Patch (update) all computers/smart devices! Critical (non-optional) Operating System patches Application Patches Anti-Virus/Anti-Malware/Endpoint Protection Ensure definitions are updated when provider releases

Cyber-hygiene: Preventing Attacks Vulnerability Scans can identify security gaps Ex. Microsoft Baseline Security Analyzer Free tool downloadable from Microsoft Network-level scanners Nessus Qualys Retina

Further Reading For more information about Cybersecurity Awareness in the US as reflected in the study: http://www.pewinternet.org/2017/03/22/what- the-public-knows-about-cybersecurity/ Other sources of helpful hints: https://www.sans.org/tip-of-the-day https://www.cisecurity.org/resources/daily-tip/

Stay safe! Best of luck!