Self-Assessment and Formulation of a National Cyber Security/CIIP Strategy: Culture of Security

Presentation transcript:

Self-Assessment and Formulation of a National Cyber Security/CIIP Strategy: Culture of Security

The Self-Assessment purpose
- Snapshot of where the nation is
- Educate participants
- Identify strengths and weaknesses
- Identify gaps
- Allocate responsibilities
- Establish priorities
- Provide input to a national cyber security strategy
10/19/10

The self-assessment audience
- All participants – the ultimate target
But to ensure national action, the self-assessment must be addressed to key decision makers in
- Government (executive and legislative)
- Business and industry
- Other organizations and institutions
- Individuals and the general public

Key Elements of a National Cybersecurity Strategy
- Legal Framework
- Culture of Cybersecurity
- Incident Management
- Collaboration and Information Exchange
10/18/10

The Self-Assessment key elements
D. Culture of Security:
- Develop security awareness programs for and outreach to all participants, for example, children, small business, etc.
- Enhance science and technology (S&T) and research and development (R&D)
- Other initiatives

A Cultural Shift: Cybersecurity Gets Personal
Yael Weinman
Counsel for International Consumer Protection
Office of International Affairs
U.S. Federal Trade Commission
September 2010

Federal Trade Commission
- General jurisdiction consumer protection agency
- Enforcement through federal district court and administrative litigation
- Small agency

Federal Trade Commission
Three-prong approach:
- Individual Culture
- Organizational Culture
- FTC Enforcement
Components of Cybersecurity
- Privacy and Data Security
- Spam
- Spyware
- Identity Theft
How the FTC Can Help
- Consumer and Business Education
- Research and Consultation
- International cooperation

Personal Culture: Privacy and Data Security
- It is every individual’s responsibility
- You don’t need computer expertise or to be a member of IT to ensure data privacy and security

Organizational Culture: Privacy and Data Security
- Build in privacy and data security from the ground up
- Privacy Impact Assessments
- Routine use of data security hardware and software

Enforcement: Privacy and Data Security

Personal Culture: Spam and Phishing
- Don’t open unknown emails
- Never open attachments unless you know the sender
- Type URLs into the address bar rather than clicking
- Don’t respond with account or personal information

Organizational Culture: Spam and Phishing
- Let customers know how you will use their personal information—and stick to it
- Know the rules on sending unsolicited commercial email (UCE)
- Know how to communicate with your customers

Enforcement: Spam and Phishing
- $2.5 Million court-ordered fine for weight loss spam
- $413,000 fine under a settlement with an X rated website

Personal Culture: Spyware
- Don’t install software from an unknown source on your computer
- Be aware that games and other freeware can contain spyware
- Maintain virus protection software

Organizational Culture: Spyware
- A consumer’s computer belongs to him or her, not software distributors
- Full disclosures must be clear and conspicuous
- A consumer must be able to uninstall or disable downloaded software

Enforcement: Spyware
- Zango: $3 million disgorgement
- Seismic Entertainment
- ERG Ventures

Identity Theft

Identity Theft Task Force

Strategy – 4 key areas
- keeping sensitive consumer data out of the hands of identity thieves through better data security and more accessible education;
- making it more difficult for identity thieves who obtain consumer data to use it to steal identities;
- assisting the victims of identity theft in recovering from the crime; and
- deterring identity theft by more aggressive prosecution and punishment of those who commit the crime

Consumer and Business Education
- Guidance to Business
- Consumer Education
- Communicating effectively

OnGuardOnline

En Español

Spam

Spyware

Identity Theft

"Protecting PERSONAL INFORMATION: A Guide for Business"
Five Key Principles
1. Take stock.
2. Scale down.
3. Lock it.
4. Pitch it.
5. Plan ahead.

Additional Resources
- National Institute of Standards and Technology (NIST) Computer Security Resource Center.
- NIST’s Risk Management Guide for Information Technology Systems.
- Department of Homeland Security’s National Strategy to Secure Cyberspace.
- SANS (SysAdmin, Audit, Network, Security) Institute’s Twenty Most Critical Internet Security Vulnerabilities.
- United States Computer Emergency Readiness Team (US-CERT). www.us-cert.gov
- Carnegie Mellon Software Engineering Institute’s CERT Coordination Center.
- Center for Internet Security (CIS).
- The Open Web Application Security Project.
- Institute for Security Technology Studies.
- OnGuard Online.

Thank you Yael Weinman Counsel for International Consumer Protection Office of International Affairs U.S. Federal Trade

Questions? Thank You Joseph Richardson 10/19/10