electronic information security · 2016. 12. 14. · viruses & malware • a computer virus is...
TRANSCRIPT
![Page 1: Electronic Information Security · 2016. 12. 14. · Viruses & Malware • A computer virus is a type of malicious software program that, when executed, replicates by reproducing](https://reader035.vdocuments.net/reader035/viewer/2022071014/5fcd770d84c05c62001a50b6/html5/thumbnails/1.jpg)
Cybersecurity Overview
WYCCC December 14, 2016
![Page 2: Electronic Information Security · 2016. 12. 14. · Viruses & Malware • A computer virus is a type of malicious software program that, when executed, replicates by reproducing](https://reader035.vdocuments.net/reader035/viewer/2022071014/5fcd770d84c05c62001a50b6/html5/thumbnails/2.jpg)
Mark Mellas Vice President
Commercial Lending
Tim Tewksbury Senior Vice President
Chief Information Officer
![Page 3: Electronic Information Security · 2016. 12. 14. · Viruses & Malware • A computer virus is a type of malicious software program that, when executed, replicates by reproducing](https://reader035.vdocuments.net/reader035/viewer/2022071014/5fcd770d84c05c62001a50b6/html5/thumbnails/3.jpg)
Where did we come from?
![Page 4: Electronic Information Security · 2016. 12. 14. · Viruses & Malware • A computer virus is a type of malicious software program that, when executed, replicates by reproducing](https://reader035.vdocuments.net/reader035/viewer/2022071014/5fcd770d84c05c62001a50b6/html5/thumbnails/4.jpg)
Data Availability, Integrity, Authentication,
Authorization • Provide safeguards to ensure data is available when
we need it. • Ensuring accuracy and consistency to data stored
electronically. • Provide methods to verify credentials of those trying
to access data. • Provide mechanisms to determine access levels or
privileges to electronic data.
![Page 5: Electronic Information Security · 2016. 12. 14. · Viruses & Malware • A computer virus is a type of malicious software program that, when executed, replicates by reproducing](https://reader035.vdocuments.net/reader035/viewer/2022071014/5fcd770d84c05c62001a50b6/html5/thumbnails/5.jpg)
Natural Disasters
Flooding
Tornados
Fire
![Page 6: Electronic Information Security · 2016. 12. 14. · Viruses & Malware • A computer virus is a type of malicious software program that, when executed, replicates by reproducing](https://reader035.vdocuments.net/reader035/viewer/2022071014/5fcd770d84c05c62001a50b6/html5/thumbnails/6.jpg)
Cybersecurity ˌ /sībərsiˈkyo͝orədē/
• noun
• noun: cybersecurity • the state of being protected against the criminal or unauthorized use
of electronic data, or the measures taken to achieve this.
![Page 7: Electronic Information Security · 2016. 12. 14. · Viruses & Malware • A computer virus is a type of malicious software program that, when executed, replicates by reproducing](https://reader035.vdocuments.net/reader035/viewer/2022071014/5fcd770d84c05c62001a50b6/html5/thumbnails/7.jpg)
The “Be Afraid” Slide
![Page 8: Electronic Information Security · 2016. 12. 14. · Viruses & Malware • A computer virus is a type of malicious software program that, when executed, replicates by reproducing](https://reader035.vdocuments.net/reader035/viewer/2022071014/5fcd770d84c05c62001a50b6/html5/thumbnails/8.jpg)
The “Be Afraid” Slide #2
![Page 9: Electronic Information Security · 2016. 12. 14. · Viruses & Malware • A computer virus is a type of malicious software program that, when executed, replicates by reproducing](https://reader035.vdocuments.net/reader035/viewer/2022071014/5fcd770d84c05c62001a50b6/html5/thumbnails/9.jpg)
Threat Actors
![Page 10: Electronic Information Security · 2016. 12. 14. · Viruses & Malware • A computer virus is a type of malicious software program that, when executed, replicates by reproducing](https://reader035.vdocuments.net/reader035/viewer/2022071014/5fcd770d84c05c62001a50b6/html5/thumbnails/10.jpg)
Threats
• Physical Datacenter breach. • Disaster situations • Electronic Data Breach • Viruses and Malware including things like crypto locker algorithms. • Key loggers • Social Engineering
![Page 11: Electronic Information Security · 2016. 12. 14. · Viruses & Malware • A computer virus is a type of malicious software program that, when executed, replicates by reproducing](https://reader035.vdocuments.net/reader035/viewer/2022071014/5fcd770d84c05c62001a50b6/html5/thumbnails/11.jpg)
Physical Safeguards
• Redundant data centers – servers, connectivity, and environmental • Restricted access to physical systems and electronic data • If outsourcing computer resources, review your vendor’s protocols,
know where your data is! (SSAE16) • Dual controls for administration of systems • Off network/ off site backups!! (tape, USB drives, outsourced
backups) • Remember your individual PCs and laptops!!!
![Page 12: Electronic Information Security · 2016. 12. 14. · Viruses & Malware • A computer virus is a type of malicious software program that, when executed, replicates by reproducing](https://reader035.vdocuments.net/reader035/viewer/2022071014/5fcd770d84c05c62001a50b6/html5/thumbnails/12.jpg)
Electronic Safeguards
Firewalls – a component on the network or PC designed to block unauthorized access while
permitting outward communication.
Cisco, Meraki, and Microsoft Windows Firewall
![Page 13: Electronic Information Security · 2016. 12. 14. · Viruses & Malware • A computer virus is a type of malicious software program that, when executed, replicates by reproducing](https://reader035.vdocuments.net/reader035/viewer/2022071014/5fcd770d84c05c62001a50b6/html5/thumbnails/13.jpg)
Viruses & Malware
• A computer virus is a type of malicious software program that, when executed, replicates by reproducing itself or infecting other computer programs by modifying them.
• Installation mechanisms: • SPAM (unsolicited email) - email attachments or links in emails, Trojan horse
software • Fake websites or links to these sites • Access to computer systems that are unpatched/out of date.
![Page 14: Electronic Information Security · 2016. 12. 14. · Viruses & Malware • A computer virus is a type of malicious software program that, when executed, replicates by reproducing](https://reader035.vdocuments.net/reader035/viewer/2022071014/5fcd770d84c05c62001a50b6/html5/thumbnails/14.jpg)
Viruses & Malware
• Effects: • Performance degradation on your PC (adware) • Can steal personal information saved on your system or anything you have
access to. • Can corrupt system files making the PC or server unusable. • Keyloggers - has the capability to record every keystroke you make to a log file • CryptoLockers - encrypts files on an affected system and demands ransom for
recovering the data. Can spread to any file to which you have “write access”.
![Page 15: Electronic Information Security · 2016. 12. 14. · Viruses & Malware • A computer virus is a type of malicious software program that, when executed, replicates by reproducing](https://reader035.vdocuments.net/reader035/viewer/2022071014/5fcd770d84c05c62001a50b6/html5/thumbnails/15.jpg)
Email examples
• Emails with dangerous links – False Amazon, UPS, Fedex, or IRS emails asking you to click on an embedded link.
• Attachments (especially .zip or .exe files) – similar sources but asks you to run the attached files. Some purport to be invoices, IRS letters, or a document for you to review.
![Page 16: Electronic Information Security · 2016. 12. 14. · Viruses & Malware • A computer virus is a type of malicious software program that, when executed, replicates by reproducing](https://reader035.vdocuments.net/reader035/viewer/2022071014/5fcd770d84c05c62001a50b6/html5/thumbnails/16.jpg)
Protect Yourself!
• Install an antivirus/antimalware package on ALL servers and PCs (Symantec, Norton, McAfee, Malwarebytes Antimalware)
• Verify that this software is getting regular updates from the vendor • Install an email AntiSpam solution (Symantec, AppRiver)
• ~70% of email is Spam! • Consider quarantining email attachments with .zip and .exe
extensions • Use a quality firewall and make sure it stays updated. • Keep electronic systems up to date – install latest patches, retire older
software.
![Page 17: Electronic Information Security · 2016. 12. 14. · Viruses & Malware • A computer virus is a type of malicious software program that, when executed, replicates by reproducing](https://reader035.vdocuments.net/reader035/viewer/2022071014/5fcd770d84c05c62001a50b6/html5/thumbnails/17.jpg)
Time to upgrade your System(s)?
![Page 18: Electronic Information Security · 2016. 12. 14. · Viruses & Malware • A computer virus is a type of malicious software program that, when executed, replicates by reproducing](https://reader035.vdocuments.net/reader035/viewer/2022071014/5fcd770d84c05c62001a50b6/html5/thumbnails/18.jpg)
Additionally, Protect Yourself by:
• Making sure you choose an adequate user name and password that mixes in small case letters, upper case letters, numbers and special characters
• Periodically change your password (90 days) • Safeguarding your username and password
![Page 19: Electronic Information Security · 2016. 12. 14. · Viruses & Malware • A computer virus is a type of malicious software program that, when executed, replicates by reproducing](https://reader035.vdocuments.net/reader035/viewer/2022071014/5fcd770d84c05c62001a50b6/html5/thumbnails/19.jpg)
Password Reminders….
![Page 20: Electronic Information Security · 2016. 12. 14. · Viruses & Malware • A computer virus is a type of malicious software program that, when executed, replicates by reproducing](https://reader035.vdocuments.net/reader035/viewer/2022071014/5fcd770d84c05c62001a50b6/html5/thumbnails/20.jpg)
Risks related to online transactions that you may face
• Passwords being written down and left out in the open • The use of old or inadequate passwords • Possibility of internal fraud or theft • Delays in terminating the rights of former employees • Lack of dual controls or other checks and balances over individual
access to online transaction capabilities.
![Page 21: Electronic Information Security · 2016. 12. 14. · Viruses & Malware • A computer virus is a type of malicious software program that, when executed, replicates by reproducing](https://reader035.vdocuments.net/reader035/viewer/2022071014/5fcd770d84c05c62001a50b6/html5/thumbnails/21.jpg)
STUPID SPAM!!!!!!!
![Page 22: Electronic Information Security · 2016. 12. 14. · Viruses & Malware • A computer virus is a type of malicious software program that, when executed, replicates by reproducing](https://reader035.vdocuments.net/reader035/viewer/2022071014/5fcd770d84c05c62001a50b6/html5/thumbnails/22.jpg)
![Page 23: Electronic Information Security · 2016. 12. 14. · Viruses & Malware • A computer virus is a type of malicious software program that, when executed, replicates by reproducing](https://reader035.vdocuments.net/reader035/viewer/2022071014/5fcd770d84c05c62001a50b6/html5/thumbnails/23.jpg)
What is Social Engineering?
• Social engineering is the act of manipulating people so they give up
confidential information. • The types of information criminals are seeking can vary, but can
include your passwords, bank information, or access to your computer.
• Criminals use social engineering tactics because it is usually easier to exploit your natural inclination to trust then to hack your accounts.
• This could be SPAM email, phone calls, physical mail, impersonators…
![Page 24: Electronic Information Security · 2016. 12. 14. · Viruses & Malware • A computer virus is a type of malicious software program that, when executed, replicates by reproducing](https://reader035.vdocuments.net/reader035/viewer/2022071014/5fcd770d84c05c62001a50b6/html5/thumbnails/24.jpg)
Flash/Thumb Drives
• Passwords - Use password protection on all flash drives • Encryption - Turn on encryption • Access - consider turning off access for flash drives
![Page 25: Electronic Information Security · 2016. 12. 14. · Viruses & Malware • A computer virus is a type of malicious software program that, when executed, replicates by reproducing](https://reader035.vdocuments.net/reader035/viewer/2022071014/5fcd770d84c05c62001a50b6/html5/thumbnails/25.jpg)
So, I found this Flash Drive…
![Page 26: Electronic Information Security · 2016. 12. 14. · Viruses & Malware • A computer virus is a type of malicious software program that, when executed, replicates by reproducing](https://reader035.vdocuments.net/reader035/viewer/2022071014/5fcd770d84c05c62001a50b6/html5/thumbnails/26.jpg)
Don’t Be a Victim!
• Slow down. Spammers want you to act first and think later - never let their urgency influence your careful review.
• Research the facts. Be suspicious of any unsolicited messages. • Delete any request for financial information or passwords. • Beware of any download. If you don’t know the sender personally AND
expect a file from them, downloading anything is a mistake. • Curiosity leads to careless clicking–if you don’t know what the email is
about, clicking links or using enclosed phone numbers is a poor choice. • Don’t let a link control where you land. Hovering over links in email will
show the actual URL at the bottom.
![Page 27: Electronic Information Security · 2016. 12. 14. · Viruses & Malware • A computer virus is a type of malicious software program that, when executed, replicates by reproducing](https://reader035.vdocuments.net/reader035/viewer/2022071014/5fcd770d84c05c62001a50b6/html5/thumbnails/27.jpg)
Cyber Risk Management
Incident Response and resilience • Preparation Incident response plan and policy Incident response team
• Escalation: internal • Notification: external
![Page 28: Electronic Information Security · 2016. 12. 14. · Viruses & Malware • A computer virus is a type of malicious software program that, when executed, replicates by reproducing](https://reader035.vdocuments.net/reader035/viewer/2022071014/5fcd770d84c05c62001a50b6/html5/thumbnails/28.jpg)
![Page 29: Electronic Information Security · 2016. 12. 14. · Viruses & Malware • A computer virus is a type of malicious software program that, when executed, replicates by reproducing](https://reader035.vdocuments.net/reader035/viewer/2022071014/5fcd770d84c05c62001a50b6/html5/thumbnails/29.jpg)
Passwords are like underwear…
1. Change them often
2. Don’t share them
3. Don’t leave them out where others can see them
![Page 30: Electronic Information Security · 2016. 12. 14. · Viruses & Malware • A computer virus is a type of malicious software program that, when executed, replicates by reproducing](https://reader035.vdocuments.net/reader035/viewer/2022071014/5fcd770d84c05c62001a50b6/html5/thumbnails/30.jpg)
Summary
You are one of the most important links to keeping your customers’ information safe.