Presentation is loading. Please wait.

Presentation is loading. Please wait.

Las Positas College Flex Day

Published byJudith May Modified over 5 years ago

Similar presentations

Presentation on theme: "Las Positas College Flex Day"— Presentation transcript:

1 Las Positas College Flex Day
Data Security Las Positas College Flex Day

2 Starting Point #1: What do we mean by IT Security?

3 IT Security tries to achieve three things

4 IT Security tries to achieve three things
Maintain Confidentiality

5 IT Security tries to achieve three things
Confidentiality IT Security tries to achieve three things Maintain Data Integrity

6 IT Security tries to achieve three things
Integrity Confidentiality IT Security tries to achieve three things Maintain Availability

7 IT Security tries to do three things
Availability Integrity Confidentiality IT Security tries to do three things C. I. A.

8 Confidentiality Today’s Focus -

9 Starting Point #2: What Is Personally Identifiable Information?

10 Personally Identifiable Information (PII) Is…
More than just SSN Varies by state A combination of data elements…

11 What Is Personally Identifiable Information?
An individual’s first name or first initial and last name in combination with any one or more of the following data elements, when either the name or the data elements are not encrypted: (A) Social security number. (B) Driver’s license number or California identification card number. (C) Account number or credit or debit card number, in combination with any required security code, access code, or password that would permit access to an individual’s financial account. (D) Medical information. (E) Health insurance information. (F) Information or data collected through the use or operation of an automated license plate recognition system, as defined in Section (2) A user name or address, in combination with a password or security question and answer that would permit access to an online account. (i) (1) For purposes of this section, “personal information” does not include publicly available information that is lawfully made available to the general public from federal, state, or local government records.*

12 Some Bad News The number of reported PII breaches in 2017 was up 88% from 2016 2.5 BILLION records were exposed Source: gemalto.com

13 At Least We Aren’t in “Financial Services” or “Health Care”
Percentage of data breaches by industry Healthcare 27% Financial Services 12% Education 11% Government 11% Source: gemalto.com

14

15 Higher Education is enticing…
We handle LOTS of PII We tend to promote open access Our cyber-security tends to be underfunded compared to other industries

16 Recent Breaches – Higher Ed

17 Recent Breaches - Higher Ed

18 Recent Breaches – Higher Ed

19 Recent Breaches – Higher Ed
Augusta University August 16, 2018: The protected health information of 417,000 people has been exposed after a cyberattack on Augusta University. This data breach occurred after several accounts were compromised in a phishing attack. The individuals affected are primarily patients of Augusta University Health, Augusta University Medical Center, Children’s Hospital of Georgia, and more than 80 outpatient clinics around the state

20 Biggest Breaches – Of Interest

21 Biggest Breaches – Of Interest

22 Biggest Breaches – Of Interest
Equifax In 2017 Cybercriminals penetrated Equifax, one of the largest credit bureaus, in July and stole the personal data of 145 million people. It was considered among the worst breaches of all time because of the amount of sensitive information exposed, including Social Security numbers. The company only revealed the hack two months later. It could have an impact for years because the stolen data could be used for identity theft.

23 Biggest Breaches – Of Interest
Apollo October 2, 2018: A startup sales engagement company Apollo suffered a hack that exposed more than 200 million contact records from its prospect database. Names, addresses, company names, and other business contact information was included in the data. No financial or Social Security information was compromised.

24 How are breaches happening?

25 How are breaches happening?

26 Biggest Threats To Us In Higher Ed
Phishing – Stealing a password via Viruses – Malicious software Ransomware – Encrypt a person’s files and demand payment to get them back Data Loss – Devices with personal data are lost or stolen (phones, laptops, etc)

27 PHISHING

28 Phishing No Amount of Cyber Security Works
Firewalls Anti-Virus Activity Monitoring If someone gives away their username and password, or if someone can guess your password, they are YOU on our network.

29 YOU ARE THE MOST IMPORTANT PART OF OUR CYBER DEFENSES!
Phishing No Amount of Cyber Security Works Firewalls Anti-Virus Activity Monitoring If someone gives away their username and password, or if someone can guess your password they are YOU on our network. YOU ARE THE MOST IMPORTANT PART OF OUR CYBER DEFENSES!

30 We Interrupt This Broadcast For An Important Message

31 Passwords Change your password regularly, but not too often
Use a long, complex password where possible We are working on changing this for Classweb. Never log someone in under your credentials And, of course, never give it to anyone via or over the phone.

32 Worst Passwords of 2018 According to Osterman Research, Inc. the typical information worker spends 153 minutes per day working in and 51 minutes in social media – 42.5 percent of a typical eight - hour day – not to mention the various work - related and personal use of the web that takes place on a daily basis. Consequently, security for all of these tools must be of paramount concern for decision makers because of the substantial opportunity that they represent for ingress of malware and other threats. For example, our research found that during just the last 12 months: 74 percent of organizations have been infiltrated with malware through Websurfing 64 percent have experienced malware infiltration through . 22 percent have experienced an accidental or malicious leak of sensitive or confidential data through 14 percent of organizations have had malware enter the corporate network through social media or other Web 2.0 apps ial_Media_Security_Trustwave.pdf

33 Viruses

34 Viruses - The Good Ol’ Days
Hackers wanted to show how smart they were Glorified “pranks” with no monetary incentive Fueled by “nerd rage” – the Melissa Virus

35 Viruses - Not So Long Ago
Pop-up and “Adware” Hackers wanted to “take over” your computer Computer becomes a “Zombie” and is used to generate spam Zombies also used for attacks on businesses and government Money starting to creep in…

36 Viruses - Today Used to steal or gain access to information which can be sold Stealing passwords Stealing data directly off the computer Gaining access to other systems Mining for dollars, and…

37

38 Ransomware A newer form of Virus - Extortion
Encrypts all or most of the files on a computer or server Victims are sent messages directing them to pay for access to the files One Southern California College paid ~$30k to unlock 1700 PCs

39 Data Loss & Theft

40 Data Loss / Theft PII lives in MANY places PC’s and Laptops
Phones and Tablets Thumb Drives Hardcopy Files

41 So what are we able to do? Be vigilant for Phishing attacks
Be “smart” with your passwords Password123 needs to be changed. ITS is implementing a security framework CIS 20 Controls

42

43 Questions

Download ppt "Las Positas College Flex Day"

Similar presentations

INADEQUATE SECURITY POLICIES Each covered entity and business associate must have written polices that cover all the Required and Addressable HIPAA standards.

INADEQUATE SECURITY POLICIES Each covered entity and business associate must have written polices that cover all the Required and Addressable HIPAA standards.
Parachute Neighborhood Watch Presentation February 9, 2010.

Parachute Neighborhood Watch Presentation February 9, 2010.
Information Security Jim Cusson, CISSP. Largest Breaches 110,000 2009-11-27 NorthgateArinso, Verity Trustees 6,400 2009-11-25 Aurora St. Luke's Medical.

Information Security Jim Cusson, CISSP. Largest Breaches 110, NorthgateArinso, Verity Trustees 6, Aurora St. Luke's Medical.
Identity Theft: How to Protect Yourself. Identity Theft Identity theft defined:  the crime of obtaining the personal or financial information of another.

Identity Theft: How to Protect Yourself. Identity Theft Identity theft defined:  the crime of obtaining the personal or financial information of another.
ICT & Crime Data theft, phishing & pharming. Data loss/theft Data is often the most valuable commodity any business has. The cost of creating data again.

ICT & Crime Data theft, phishing & pharming. Data loss/theft Data is often the most valuable commodity any business has. The cost of creating data again.
McGraw-Hill/Irwin ©2009 The McGraw-Hill Companies, All Rights Reserved CHAPTER 4 ETHICS AND INFORMATION SECURITY Business Driven Information Systems 2e.

McGraw-Hill/Irwin ©2009 The McGraw-Hill Companies, All Rights Reserved CHAPTER 4 ETHICS AND INFORMATION SECURITY Business Driven Information Systems 2e.
By Ashlee Parton, Kimmy McCoy, & Labdhi Shah

By Ashlee Parton, Kimmy McCoy, & Labdhi Shah
Company LOGO Copyright Carrie Kerskie Data Breach & Identity Theft By Carrie Kerskie Kerskie Group, Inc.

Company LOGO Copyright Carrie Kerskie Data Breach & Identity Theft By Carrie Kerskie Kerskie Group, Inc.
Information Security 2013 Roadshow. Roadshow Outline  Why We Care About Information Security  Safe Computing Recognize a Secure Web Site (HTTPS) How.

Information Security 2013 Roadshow. Roadshow Outline  Why We Care About Information Security  Safe Computing Recognize a Secure Web Site (HTTPS) How.
Cyber crime on the rise. Recent cyber attacks How it happens? Distributed denial of service Whaling Rootkits Keyloggers Trojan horses Botnets Worms Viruses.

Cyber crime on the rise. Recent cyber attacks How it happens? Distributed denial of service Whaling Rootkits Keyloggers Trojan horses Botnets Worms Viruses.
Lesson 2- Protecting Yourself Online. Determine the strength of passwords Evaluate online threats Protect against malware/hacking Protect against identity.

Lesson 2- Protecting Yourself Online. Determine the strength of passwords Evaluate online threats Protect against malware/hacking Protect against identity.
CYBER CRIME.

CYBER CRIME.
Security Awareness Challenges of Securing Information No single simple solution to protecting computers and securing information Different types of attacks.

Security Awareness Challenges of Securing Information No single simple solution to protecting computers and securing information Different types of attacks.
GOLD UNIT 4 - IT SECURITY FOR USERS (2 CREDITS) Rebecca Pritchard.

GOLD UNIT 4 - IT SECURITY FOR USERS (2 CREDITS) Rebecca Pritchard.
Internet Security Breach & Its Impact on Business Operations Kim Nguyen Manish Shirke Wa Mo Saravanan Velrajan.

Internet Security Breach & Its Impact on Business Operations Kim Nguyen Manish Shirke Wa Mo Saravanan Velrajan.
Topic 5: Basic Security.

Topic 5: Basic Security.
NOTE: To change the image on this slide, select the picture and delete it. Then click the Pictures icon in the placeholder to insert your own image. Cyber.

NOTE: To change the image on this slide, select the picture and delete it. Then click the Pictures icon in the placeholder to insert your own image. Cyber.
Data Security at Duke DECEMBER 2015. What happened: “At this time, we have no indication that research data or personal data managed by Harvard systems.

Data Security at Duke DECEMBER What happened: “At this time, we have no indication that research data or personal data managed by Harvard systems.
Cyber Safety Mohammad Abbas Alamdar Teacher of ICT STS Ajman – Boys School.

Cyber Safety Mohammad Abbas Alamdar Teacher of ICT STS Ajman – Boys School.
Https://www.youtube.com/watch?v=1hpU_Neg1KA. INTRODUCTION & QUESTIONS.

INTRODUCTION & QUESTIONS.

Similar presentations

Ads by Google