Security Mindset Lesson Introduction Why is cyber security important?

Slides:



Advertisements
Similar presentations
Introduction and Overview of Digital Crime and Digital Terrorism
Advertisements

Security and Trust in E- Commerce. The E-commerce Security Environment: The Scope of the Problem  Overall size of cybercrime unclear; amount of losses.
© 2014 wheresjenny.com Cyber crime CYBER CRIME. © 2014 wheresjenny.com Cyber crime Vocabulary Defacement : An attack on a website that changes the visual.
STOP.THINK.CONNECT™ NATIONAL CYBERSECURITY AWARENESS CAMPAIGN SMALL BUSINESS PRESENTATION.
Cyber Crime Game Players By Marharyta Abreu & Iwona Sornat.
Forensic and Investigative Accounting Chapter 16 Cybercrime Loss Valuations © 2011 CCH. All Rights Reserved W. Peterson Ave. Chicago, IL
Emerging Trends: Cyber Threats Bryan Sheppard Cyber Security Defense Center.
OWASP Principles for GIS Data Security Keeping your GIS data secure.
The Ecommerce Security Environment For most law-abiding citizens, the internet holds the promise of a global marketplace, providing access to people and.
Course ILT Security overview Unit objectives Discuss network security Discuss security threat trends and their ramifications Determine the factors involved.
Note1 (Intr1) Security Problems in Computing. Overview of Computer Security2 Outline Characteristics of computer intrusions –Terminology, Types Security.
1 An Overview of Computer Security computer security.
April 1, 2004ECS 235Slide #1 Chapter 1: Introduction Components of computer security Threats Policies and mechanisms The role of trust Assurance Operational.
Sanjay Goel, School of Business/Center for Information Forensics and Assurance University at Albany Proprietary Information 1 Unit Outline Information.
Company LOGO Copyright Carrie Kerskie Data Breach & Identity Theft By Carrie Kerskie Kerskie Group, Inc.
Lecture 11 Electronic Business (MGT-485). Recap – Lecture 10 Transaction costs Network Externalities Switching costs Critical mass of customers Pricing.
TRACs Security Awareness FY2009 Office of Information Technology Security 1.
Maritime Cyber Risks – What is real, what is fiction?
© 2015 Jones and Bartlett Learning, LLC, an Ascend Learning Company All rights reserved. Fundamentals of Information Systems Security.
PART THREE E-commerce in Action Norton University E-commerce in Action.
Anderson School of Management University of New Mexico.
Prepared by: Dinesh Bajracharya Nepal Security and Control.
The Next Generation Identity Verification and Assured Rights Management Preventing Cybercrime and Protecting Privacy.
 INADEQUATE SECURITY POLICIES ›Each covered entity and business associate must have written polices that cover all the Required and Addressable HIPAA.
-Tyler. Social/Ethical Concern Security -Sony’s Playstation Network (PSN) hacked in April Hacker gained access to personal information -May have.
Cyber Security Nevada Businesses Overview June, 2014.
What does secure mean? You have been assigned a task of finding a cloud provider who can provide a secure environment for the launch of a new web application.
Information Systems Security
Lesson 7-Managing Risk. Overview Defining risk. Identifying the risk to an organization. Measuring risk.
Chapter 1 Overview The NIST Computer Security Handbook defines the term Computer Security as:
Understanding Computer Viruses: What They Can Do, Why People Write Them and How to Defend Against Them Computer Hardware and Software Maintenance.
Copyright © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the OWASP License. The OWASP.
Lecture slides prepared for “Computer Security: Principles and Practice”, 3/e, by William Stallings and Lawrie Brown, Chapter 1 “Overview”. © 2016 Pearson.
1 Network and E-commerce Security Nungky Awang Chandra Fasilkom Mercu Buana University.
Topic 5: Basic Security.
CIT 380: Securing Computer SystemsSlide #1 CIT 380: Securing Computer Systems Introduction.
Grants Management Training 200 Cyber Security There are two kinds of people in America today: Those who have experienced a cyber-attack and know it, and.
Tamra Pawloski Jeff Miller. The views, information, and content expressed herein are those of the authors and do not necessarily represent the views of.
Csci5233 computer security & integrity 1 An Overview of Computer Security.
Friday, October 23, Jacqueline Harris, CPM®, CCIM® Director of Training & Administration Digital Realty Jacqueline Harris, CPM®, CCIM® Director.
Intro to Computer Security For COP3502, Intro to Computer Science Lecture 1 1.
Introduction and Overview of Information Security and Policy By: Hashem Alaidaros 4/10/2015 Lecture 1 IS 332.
Computer Security By Duncan Hall.
INTRODUCTION & QUESTIONS.
ONLINE SAFETY AND SECURITY Computer Basics 1.5. INFAMOUS CYBER ATTACKS IN 2014 Sony Pictures: Attackers stole just about everything in the corporate network,
Web Security Introduction to Ethical Hacking, Ethics, and Legality.
CYBER SECURITY PRACTICES: AN EXPERT PANEL DISCUSSION February 12, 2015 Harvard Business School Association of Boston.
5 different ways to get tricked on the internet. 1. Viruses A virus is a computer malware program that copies it’s files to the computer. This may allow.
E-Commerce E-Commerce Security?? Instructor: Safaa S.Y. Dalloul E-Business Level Try to be the Best.
External Threats Internal Threats Nation States Cyber Terrorists Hacktivists Organised criminal networks Independent insider Insider planted by external.
BY: AUSTIN NEIGH. WHAT IS CYBER WARFARE? Hacking that is politically motivated to conduct sabotage or espionage Form of information warfare Typically.
Scott Hervoyavich December 6 th, 2011 CYBERCRIME.
Cyber Security – Client View Peter Gibbons | Head of Cyber Security, Group Business Services Suppliers’ Summer Conference 15/07/2015.
Information Management System Ali Saeed Khan 29 th April, 2016.
Advanced System Security Dr. Wayne Summers Department of Computer Science Columbus State University
CS457 Introduction to Information Security Systems
CYBERSECURITY INCIDENCE IN THE FINANCIAL SERVICES SECTOR March 28, 2017 Presented by Osato Omogiafo Head IT Audit.
3.6 Fundamentals of cyber security
Cybersecurity Awareness
Risk of the Internet At Home
Advanced Services Cyber Security 101 © ABB February, | Slide 1.
Chapter 1: Introduction
Chapter 1: The Need for Cybersecurity
Information Systems for Health:
How to Mitigate the Consequences What are the Countermeasures?
Protecting Your Company’s Most Valuable Asset
Forensic and Investigative Accounting
Presentation transcript:

Security Mindset Lesson Introduction Why is cyber security important? How do we understand cyber security? What needs to be done to address cyber security?

Why Cyber Security? We worry about security when... ...we have something of value and there is a risk it could be harmed.

Why Cyber Security? Individuals store a lot of sensitive data online if stolen, criminals can profit from it Societies rely on the internet nefarious parties could profit by controlling it

Why Cyber Security? Smart Grids rely on cyber systems whoever controls the grid controls the community infrastructure Business and government proprietary information is often stored on the internet unauthorized access could be economically or politically disasterous

Security Impact Quiz Home Depot Facebook Ebay Apple JP Morgan Chase Each of these organizations suffered data breaches of more than 30,000 records. Check the companies that you have patronized: Home Depot Facebook Ebay Apple JP Morgan Chase Snapchat Anthem Target Twitter UPS Mozilla Nintendo

Cyber Assets at Risk How do we understand the risk to our online information and systems? We need to develop a security mindset What is the security mindset? Threats, vulnerabilities and attacks

Cyber Assets at Risk Threat source: who wants to do harm to us in our online lives Hacktivists: activists who do not like something you are or something you do. Cybercriminals: want to profit from our sensitive data for financial gain. Nation-states: Countries do it for political advantage or for espionage.

Vulnerabilities and Attacks threat actors exploit vulnerabilities to launch attacks attacks lead to compromises or security breaches vulnerabilities can be found in software, networks, and humans.

Vulnerabilities and Attacks Time to take a break!

Vulnerabilities and Attacks

Vulnerabilities and Attacks A few hours later...

Vulnerabilities and Attacks FAIL Muahaha! FAIL

A Real World Example:

Black Market Prices Quiz What is your hacked/stolen data worth on the Black Market (as of March 2015)? Enter dollar amounts in the boxes next to the data. 3 digit security code on your credit card Credit card information PayPal/Ebay account Health information 3-digit: $2 CC: $5-$45 Paypal: $27 Health: $10

Sony Pictures Quiz The threat source was: With regards to the “The Interview” (2014) related hack, answer the following questions. Put the number of the correct answer in the box next to the question: The threat source was: [1] cybercriminals, [2] Hacktivists, or [3] Nation-State Goal of the attack was: [1] Monetize stolen information, [2] Stop Sony from releasing the movie “interview”), [3] Extort money from Sony What did the attack accomplish: [1] Disclosed sensitive data, [2] Destroyed Sony computers

Revisiting Threats, Vulnerabilities, Attacks, and Risk Relationship of Key Cyber Security Concepts

What Should We do in Cyber Security? Make threats go away (crime should not pay) Reduce vulnerabilities Strive to meet security requirements of sensitive information: Confidentiality Integrity Availability Other consequences (stuxnet, physical) CIA (not the intelligence agency)

What should the Good Guys Do? Prevention Detection Response Recovery and remediation Policy (what) vs. mechanism (how)

How Do We Address Cyber Security? Reduce vulnerabilities by following basic design principles for secure systems: Complexity is the enemy (economy of mechanism) Fail-safe defaults Complete mediation Open Design Least Privilege Psychological acceptability ......

Mindset Quiz #1 What is the estimated value of world-wide losses due to cybercrime? Less than $10 Billion (US) Close to $500 Billion (US) Trillions of US Dollars

Mindset Quiz #2 Data breaches violate which of the following security requirements? Integrity Availability Confidentiality

Mindset Quiz #3 What security weakness was exploited to enable Stuxnet malware to compromise Iran's nuclear plan networks? Out of date anti-virus system Disloyal employees or poor judgment by humans Weak security controls, such as easy to guess passwords

Security Mindset Lesson Summary Cyber Security: HUGE problem for people, governments, companies, etc Enhance the level of assurance of systems Security mindset requires we know: threats actors/motivations how they successfully attack

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.