Presentation is loading. Please wait.

Presentation is loading. Please wait.

That could never happen to me! Think again.

Published byCamilla York Modified over 6 years ago

Similar presentations

Presentation on theme: "That could never happen to me! Think again."— Presentation transcript:

1 That could never happen to me! Think again.
Microsoft reports the ransomware attack rate in Canada is 4x higher than any other country A recent Anti-Phishing Working Group study states there are more phishing attacks “than at any other time in history” with incidents rising by a massive 250% in 2016. In the media… February 2016 – University of Florida reported that as many as 63,000 records were exposed. March Concordia University found hardware devices called keyloggers on some of its workstations. April Anonymous attacks Dalhousie University website and others May 2016 – University of Calgary suffers a substantial cybersecurity breach June 2016 –University of Regina attacked September Cyberattack cripples Appalaches school board, cancer support group; Data breaches on the scale of Yahoo are the security equivalent of ecological disasters; Four years after a data breach at cloud storage service Dropbox, details of more than 68 million user accounts have reportedly been leaked.

2 Cybersecurity ISAT Student Advisory Committee
October 3, 2016 Today we will talk a bit about my first 100 days at Queen’s, cyberattacks and prevention, the new cybersecurity program and how each of you can help effect change. Denise Ernst, ISO Office of the CIO

3 Information Security Officer – Denise Ernst
Champion the Information Security Program to reduce risk to Queen’s technology and digital information Promote a security aware culture through awareness campaigns, and community engagement, and process integration. Integrate security throughout Queen’s Events during my first 100 days: BOTS Vulnerabilities Ransomware Network attacks Phishing s Copyright violations I hate passwords I’m from Ottawa where I worked primarily in the Finance sector most recently at the Bank of Canada on their cybersecurity program. 25 years experience in IT with 15 years in Information Security in the Public and Private sectors Certified instructor with Safe and Secure Online love sports and all animals, enjoy reading, hate passwords! Of interest, - ½ FTE ITS dedicated to copyright violations. When we receive formal notification of a violation, we will be required by law to inform the person of their violation. The answer…well I can do this will no longer fly. - We detect 800 compromised accounts annually. May not sound like a big number but it takes but 1 to compromise the network

4 Types of cyberattacks Definition
Malicious software designed to block access to a computer system until a sum of money is paid. A network of computers commonly used to launch cyber attacks , including denial of service attacks or steal information. Tricking people into giving away account credentials usually through , phone, or text. Attack type BOTNET RANSOMWARE PHISHING Primary ways the attacks infect a computer: Obtain account credentials through malicious (e.g. phishing) Drive-by download Exploitation of a system vulnerability Payload from another malware Messages look like they are coming from trusted businesses, like banks, government agencies or even from Queen's University. Your credentials may be used to gain access to your device and possibly to commit crimes.

5 Be the human shield – report oddities
Don’t provide account information online unless absolutely necessary. Don’t click. ITS will never ask for your NetID password through or text Use different passwords for each device, website, and application. Use 2-factor authentication Install reputable security software and apps from reputable sites. Turn on restrictions. Don’t ignore updates. Install them as soon as possible. Turn on features to remotely locate and wipe a mobile device. Encrypt your devices. ITS offers free encryption service. Never automatically connect to WiFi. Use only trusted, encrypted networks. If you don’t trust the network use a VPN or trusted hotspot How much time do you spend thinking about security? Probably not as much as you should. We are all vulnerable to attack. It’s a virtual wildwest The home computer used to be the main point of attack but smartphones and tablets are just as likely to be targeted. Humans are the weakest link in information security. We are vulnerable to social engineering. We can be scammed. Follow the security principle of trust and verify. Celebrity sites often contain viruses. Be wary of s and links even though they may appear to come from a reputable business or trusted friend. Reputable companies will provide a contact number. Call and verify.

6 Enhancing cybersecurity @Queen’s
Queen’s is making changes to the security of their networks and systems to reduce the risk of a cyberattack. Stage /2017 Enhance technical capabilities to prevent and detect IT hijack Improve peoples’ ability to protect themselves against security threats Begin to foster a security-aware culture Stage 2 – 2017+ Transition overall cybersecurity practices from REACTIVE to PREVENTATIVE ITS is seeking your support and leadership by example This year’s program is designed to mitigated the top 3 global threats: 1. Exploitation of system vulnerabilities 2. Malware infection 3. Social engineering attack Focus areas: a. Enhance Network Security b. Improve Security c. End-point security d. Security awareness

7 Help champion change Promote security tips and tricks, events, course material on the ITS website: Follow ITS on Share and understand the Queen’s security policy and standards: Attend and promote upcoming security information sessions Reach out, ask questions: Other ideas?? While championing change, try to think about the different student roles and types of sensitive information they are entrusted to protect for instance: Students = protection of their personal information, physical identity, digital identity, social identity Student employees = stewards of Queen’s business information and third party, student, information list services. Grad students = in addition to their personal information and identity, they may be stewards of student academic information such as grades. Entrusted with safeguarding the information

Download ppt "That could never happen to me! Think again."

Similar presentations

ANNUAL SECURITY AWARENESS TRAINING – 2011 UMW Information Technology Security Program Annual Security Awareness Training for UMW Faculty and Staff.

ANNUAL SECURITY AWARENESS TRAINING – 2011 UMW Information Technology Security Program Annual Security Awareness Training for UMW Faculty and Staff.
Invasion of Smart Phones in Clinical Areas Chrissy Kyak Privacy Officer University of Maryland Upper Chesapeake Health.

Invasion of Smart Phones in Clinical Areas Chrissy Kyak Privacy Officer University of Maryland Upper Chesapeake Health.
Personal Data Protection and Security Measures Justin Law IT Services - Information Security Team 25 & 27 November 2013.

Personal Data Protection and Security Measures Justin Law IT Services - Information Security Team 25 & 27 November 2013.
7 Effective Habits when using the Internet Philip O’Kane 1.

7 Effective Habits when using the Internet Philip O’Kane 1.
Security for Today’s Threat Landscape Kat Pelak 1.

Security for Today’s Threat Landscape Kat Pelak 1.
Information Security Confidential Two-Factor Authentication Solution Overview Shawn Fulton January 15th, 2015.

Information Security Confidential Two-Factor Authentication Solution Overview Shawn Fulton January 15th, 2015.
Personal Data Protection and Security Measures Justin Law IT Services - Information Security Team 18, 20 & 25 March 2015.

Personal Data Protection and Security Measures Justin Law IT Services - Information Security Team 18, 20 & 25 March 2015.
October is National Cyber Security Month OIT and IT providers are launching an awareness campaign to provide tips and resources to help you stay safe online.

October is National Cyber Security Month OIT and IT providers are launching an awareness campaign to provide tips and resources to help you stay safe online.
CHC DI Group. What We Will Cover Securing your devices and computers. Passwords. Emails. Safe browsing for shopping and online banks. Social media.

CHC DI Group. What We Will Cover Securing your devices and computers. Passwords. s. Safe browsing for shopping and online banks. Social media.
Information Security Technological Security Implementation and Privacy Protection.

Information Security Technological Security Implementation and Privacy Protection.
Protecting Yourself Online (Information Assurance)

Protecting Yourself Online (Information Assurance)
Cyber crime on the rise. Recent cyber attacks How it happens? Distributed denial of service Whaling Rootkits Keyloggers Trojan horses Botnets Worms Viruses.

Cyber crime on the rise. Recent cyber attacks How it happens? Distributed denial of service Whaling Rootkits Keyloggers Trojan horses Botnets Worms Viruses.
Cyber Crimes.

Cyber Crimes.
UNDERSTANDING THE RISKS & CHALLENGES OF Cyber Security DAVID NIMMO InDepth IT Solutions DAVID HIGGINS WatchGuard NEIL PARKER BridgePoint Group A BridgePoint.

UNDERSTANDING THE RISKS & CHALLENGES OF Cyber Security DAVID NIMMO InDepth IT Solutions DAVID HIGGINS WatchGuard NEIL PARKER BridgePoint Group A BridgePoint.
Online Safety and Awareness. Introductions We are students at UNM We are taking an Information Security course this semester. It is our mission to teach.

Online Safety and Awareness. Introductions We are students at UNM We are taking an Information Security course this semester. It is our mission to teach.
IT security By Tilly Gerlack.

IT security By Tilly Gerlack.
Information Systems Services How to Protect Yourself On-Line – Keeping Safe At Home Neil Jowsey, IT Security Team 25 th September 2013.

Information Systems Services How to Protect Yourself On-Line – Keeping Safe At Home Neil Jowsey, IT Security Team 25 th September 2013.
Grants Management Training 200 Cyber Security There are two kinds of people in America today: Those who have experienced a cyber-attack and know it, and.

Grants Management Training 200 Cyber Security There are two kinds of people in America today: Those who have experienced a cyber-attack and know it, and.
Module 2.2 1. 2  Introduction Introduction  Techniques and tools used to commit computer crimes Techniques and tools used to commit computer crimes.

Module  Introduction Introduction  Techniques and tools used to commit computer crimes Techniques and tools used to commit computer crimes.
Https://www.youtube.com/watch?v=1hpU_Neg1KA. INTRODUCTION & QUESTIONS.

INTRODUCTION & QUESTIONS.

Similar presentations

Ads by Google