SlideShare ist ein Scribd-Unternehmen logo

TIES 2013 Education Technology Conference

Evan Francen
Evan Francen

Presentation delivered by FRSecure's President Evan Francen on 12/17/13 at the TIES 2013 Education Technology Conference

TechnologieBildung
1 von 24
With respect to information security
Topics  Introduction  Is K-12 Doing What We Should?  Protecting Private Data  Preparing Kids Well  You probably came to see something cool  Let‟s Work Together
Introduction – Evan Francen • Co-founder of FRSecure • Information security expert with 20 years of experience • Areas of expertise include information security governance, risk management, social engineering, compliance, and the things nobody else likes to do • Information security evangelist • Nickname is “the truth”
Introduction – About FRSecure • Information Security is all we do… • Methodologies; we create and use a ton of „em • Project Leaders all have 15+ years of experience • Transparent; we value knowledge transfer • Product agnostic means we can more easily serve your needs without conflict
Protecting Private Data • Types of data that K-12 is responsible for • Types of people using our technology How are we doing?
Protecting Private Data
Since 2005, there have been 716 breaches of educational institutions involving more than 13 million private records* (Source: Privacy Rights Clearinghouse - https://www.privacyrights.org/databreach/new) These are the breaches that we know about
Protecting Private Data • People are the greatest risk • We can‟t fix people with technology How comfortable are you with the mundane? (people want the new cool thing, but how “cool” is policy?)
Protecting Private Data – Three Things Every school should do these three things well. • Information security governance • Information security training & awareness • Information security incident response How comfortable are you with the mundane?
Protecting Private Data – Three Things Every school should do these three things well. Information security governance – what are the rules? • Management commitment • Information security policies • Information security processes How comfortable are you with the mundane?
Protecting Private Data – Three Things Every school should do these three things well. Information security training & awareness – people need to know the rules • Training & awareness are two separate, but related initiatives • Training – teaching the audience how to do something specific • Awareness – keeping a specific topic “top of mind” How comfortable are you with the mundane?
Protecting Private Data – Three Things Every school should do these three things well. Information security incident response – what do you do if someone breaks the rules or if the rules are ineffective? • If you don‟t know of an incident, it doesn‟t mean that one hasn‟t happened • Incident response should be a formalized, step-by-step process • An incident doesn‟t mean a breach How comfortable are you with the mundane?
Protecting Private Data – Three Things Common deficiencies Information security governance • Everybody seems to think that information security is an IT issue • If a school has policies, they are often ineffective and critical processes are sometimes missed • Compliance is not measured and/or enforced How comfortable are you with the mundane?
Protecting Private Data – Three Things Common deficiencies Information security training & awareness • There isn‟t a formal training & awareness program • People assume that there‟s common sense • Training is confused with awareness or vice versa How comfortable are you with the mundane?
Preparing Kids Well For a career in information security We have a huge shortage of good information security professionals, and the problem is only expected to get worse.
Preparing Kids Well For a career in information security
Preparing Kids Well For a career in information security • Is there an opportunity to teach the kids real-world information security skills in the classroom? • Is there an opportunity to teach the kids real-world information security skills after school?
Preparing Kids Well For life • Are the kids taught about identity theft and how to protect themselves? • Are the kids taught about regulatory compliance, policies, password management, etc.?
Preparing Kids Well Opportunity FRSecure is very willing and able to work with K-12 to help • Can we develop courses for the students? • Can we develop after school activities for students? How about a “Hacking Club”?
You probably came to see something cool Didn‟t you? Pretty basic, but still pretty cool. 1. ARP poisoning for passwords 2. Bypassing Website filtering
You probably came to see something cool ARP Poisoning We use ARP poisoning to audit networks, the bad guys use it to steal passwords. Using Cain & Abel Want step-by-step instructions? Give me your business card and I‟ll email you.
You probably came to see something cool Bypassing your Web filtering Works (almost) all the time. Using Tor Want step-by-step instructions? Give me your business card and I‟ll email you.
Let’s work together! FRSecure exists to solve difficult information security challenges with our clients & friends. We don’t have to do business together in order to work together. Two things: 1. Helping you secure your information 2. Helping equip students
Questions? FRSecure 141 West Main Street Waconia, MN 55387 Evan Francen – evan@frsecure.com

Empfohlen

Iowa Bullying Prevention
Iowa Bullying Prevention Iowa Bullying Prevention
Iowa Bullying Prevention emilyensign
 
BEaPRO Presentation: Lafayette Elementary
BEaPRO Presentation: Lafayette ElementaryBEaPRO Presentation: Lafayette Elementary
BEaPRO Presentation: Lafayette Elementaryemilyensign
 
Online Security for Kids
Online Security for KidsOnline Security for Kids
Online Security for KidsPatrick Laverty
 
O'leary Cyber Secutiry
O'leary Cyber SecutiryO'leary Cyber Secutiry
O'leary Cyber Secutirysefreed
 
Digital citizenship project[1]
Digital citizenship project[1]Digital citizenship project[1]
Digital citizenship project[1]lackl
 
NAESP Conference - July 12, 2014
NAESP Conference - July 12, 2014NAESP Conference - July 12, 2014
NAESP Conference - July 12, 2014emilyensign
 
The 6 Pillars of Digital Citizenship Success
The 6 Pillars of Digital Citizenship SuccessThe 6 Pillars of Digital Citizenship Success
The 6 Pillars of Digital Citizenship Successemilyensign
 
Scottish Government Ministerial Summit December 2013 Emerging issues for E-Sa...
Scottish Government Ministerial Summit December 2013 Emerging issues for E-Sa...Scottish Government Ministerial Summit December 2013 Emerging issues for E-Sa...
Scottish Government Ministerial Summit December 2013 Emerging issues for E-Sa...Louise Jones
 

Empfohlen

Iowa Bullying Prevention
Iowa Bullying Prevention Iowa Bullying Prevention
Iowa Bullying Prevention emilyensign
 
BEaPRO Presentation: Lafayette Elementary
BEaPRO Presentation: Lafayette ElementaryBEaPRO Presentation: Lafayette Elementary
BEaPRO Presentation: Lafayette Elementaryemilyensign
 
Online Security for Kids
Online Security for KidsOnline Security for Kids
Online Security for KidsPatrick Laverty
 
O'leary Cyber Secutiry
O'leary Cyber SecutiryO'leary Cyber Secutiry
O'leary Cyber Secutirysefreed
 
Digital citizenship project[1]
Digital citizenship project[1]Digital citizenship project[1]
Digital citizenship project[1]lackl
 
NAESP Conference - July 12, 2014
NAESP Conference - July 12, 2014NAESP Conference - July 12, 2014
NAESP Conference - July 12, 2014emilyensign
 
The 6 Pillars of Digital Citizenship Success
The 6 Pillars of Digital Citizenship SuccessThe 6 Pillars of Digital Citizenship Success
The 6 Pillars of Digital Citizenship Successemilyensign
 
Scottish Government Ministerial Summit December 2013 Emerging issues for E-Sa...
Scottish Government Ministerial Summit December 2013 Emerging issues for E-Sa...Scottish Government Ministerial Summit December 2013 Emerging issues for E-Sa...
Scottish Government Ministerial Summit December 2013 Emerging issues for E-Sa...Louise Jones
 
ConnectSafely's One Good Thing presentation for InSafe Vilnius meeting 2014
ConnectSafely's One Good Thing presentation for InSafe Vilnius meeting 2014ConnectSafely's One Good Thing presentation for InSafe Vilnius meeting 2014
ConnectSafely's One Good Thing presentation for InSafe Vilnius meeting 2014ConnectSafely
 
Innovation, agility, and a fight for survival a love storyv2
Innovation, agility, and a fight for survival a love storyv2Innovation, agility, and a fight for survival a love storyv2
Innovation, agility, and a fight for survival a love storyv2Curtis A. Carver Jr.
 
C3 Presentation - Oct 2015
C3 Presentation - Oct 2015C3 Presentation - Oct 2015
C3 Presentation - Oct 2015emilyensign
 
Ethics for IT Professionals
Ethics for IT ProfessionalsEthics for IT Professionals
Ethics for IT ProfessionalsProf. Erwin Globio
 
Employee monitoring updated
Employee monitoring updatedEmployee monitoring updated
Employee monitoring updatedAdvent IM Ltd
 
The HIghland Council E-Safety Approach
The HIghland Council E-Safety ApproachThe HIghland Council E-Safety Approach
The HIghland Council E-Safety ApproachLouise Jones
 
Any of these folks work with you?
Any of these folks work with you?Any of these folks work with you?
Any of these folks work with you?Kevin O'Connor
 
The Hacking Team Hack: Lessons Learned for Enterprise Security
The Hacking Team Hack: Lessons Learned for Enterprise SecurityThe Hacking Team Hack: Lessons Learned for Enterprise Security
The Hacking Team Hack: Lessons Learned for Enterprise SecurityStephen Cobb
 
Intellectual Security, Learning for the learning industry from the Yahoo Cybe...
Intellectual Security, Learning for the learning industry from the Yahoo Cybe...Intellectual Security, Learning for the learning industry from the Yahoo Cybe...
Intellectual Security, Learning for the learning industry from the Yahoo Cybe...Enhance Systems Pvt. Ltd.
 
BlueHat Seattle 2019 || Keynote
BlueHat Seattle 2019 || KeynoteBlueHat Seattle 2019 || Keynote
BlueHat Seattle 2019 || KeynoteBlueHat Security Conference
 
WANTED – People Committed to Solving our Information Security Language Problem
WANTED – People Committed to Solving our Information Security Language ProblemWANTED – People Committed to Solving our Information Security Language Problem
WANTED – People Committed to Solving our Information Security Language ProblemEvan Francen
 
Digital citizenship
Digital citizenshipDigital citizenship
Digital citizenshipbigblackschlong
 
eSafety Presentation
eSafety PresentationeSafety Presentation
eSafety PresentationMr_Elliott
 
Chad olivard internet safety powerpoint presentation itc 525
Chad olivard internet safety powerpoint presentation itc 525Chad olivard internet safety powerpoint presentation itc 525
Chad olivard internet safety powerpoint presentation itc 525chadolivard
 
Question 1
Question 1Question 1
Question 1thamt5
 
Considerations for ICT in Learning
Considerations for ICT in Learning Considerations for ICT in Learning
Considerations for ICT in Learning Louise Jones
 
Making the Most out of Social Media!
Making the Most out of Social Media!Making the Most out of Social Media!
Making the Most out of Social Media!Louise Jones
 
Security and Wearables: Success starts with security
Security and Wearables: Success starts with securitySecurity and Wearables: Success starts with security
Security and Wearables: Success starts with securityStephen Cobb
 
Big Challenges in Data Modeling: Ethical Data Modeling
Big Challenges in Data Modeling: Ethical Data ModelingBig Challenges in Data Modeling: Ethical Data Modeling
Big Challenges in Data Modeling: Ethical Data ModelingDATAVERSITY
 
Digital citizenship presentation
Digital citizenship presentationDigital citizenship presentation
Digital citizenship presentationCasey McDaniel
 
Diapositivas ruth 01 (1)
Diapositivas ruth 01 (1)Diapositivas ruth 01 (1)
Diapositivas ruth 01 (1)Ruth Magaly Atanacio Romero
 
SENSUS INDUSTRI KREATIF DIGITAL KOTA MAKASSAR 2014
SENSUS INDUSTRI KREATIF DIGITAL KOTA MAKASSAR 2014SENSUS INDUSTRI KREATIF DIGITAL KOTA MAKASSAR 2014
SENSUS INDUSTRI KREATIF DIGITAL KOTA MAKASSAR 2014Leanskill.com
 

Weitere ähnliche Inhalte

Was ist angesagt?

ConnectSafely's One Good Thing presentation for InSafe Vilnius meeting 2014
ConnectSafely's One Good Thing presentation for InSafe Vilnius meeting 2014ConnectSafely's One Good Thing presentation for InSafe Vilnius meeting 2014
ConnectSafely's One Good Thing presentation for InSafe Vilnius meeting 2014ConnectSafely
 
Innovation, agility, and a fight for survival a love storyv2
Innovation, agility, and a fight for survival a love storyv2Innovation, agility, and a fight for survival a love storyv2
Innovation, agility, and a fight for survival a love storyv2Curtis A. Carver Jr.
 
C3 Presentation - Oct 2015
C3 Presentation - Oct 2015C3 Presentation - Oct 2015
C3 Presentation - Oct 2015emilyensign
 
Employee monitoring updated
Employee monitoring updatedEmployee monitoring updated
Employee monitoring updatedAdvent IM Ltd
 
The HIghland Council E-Safety Approach
The HIghland Council E-Safety ApproachThe HIghland Council E-Safety Approach
The HIghland Council E-Safety ApproachLouise Jones
 
Any of these folks work with you?
Any of these folks work with you?Any of these folks work with you?
Any of these folks work with you?Kevin O'Connor
 
The Hacking Team Hack: Lessons Learned for Enterprise Security
The Hacking Team Hack: Lessons Learned for Enterprise SecurityThe Hacking Team Hack: Lessons Learned for Enterprise Security
The Hacking Team Hack: Lessons Learned for Enterprise SecurityStephen Cobb
 
Intellectual Security, Learning for the learning industry from the Yahoo Cybe...
Intellectual Security, Learning for the learning industry from the Yahoo Cybe...Intellectual Security, Learning for the learning industry from the Yahoo Cybe...
Intellectual Security, Learning for the learning industry from the Yahoo Cybe...Enhance Systems Pvt. Ltd.
 
WANTED – People Committed to Solving our Information Security Language Problem
WANTED – People Committed to Solving our Information Security Language ProblemWANTED – People Committed to Solving our Information Security Language Problem
WANTED – People Committed to Solving our Information Security Language ProblemEvan Francen
 
eSafety Presentation
eSafety PresentationeSafety Presentation
eSafety PresentationMr_Elliott
 
Chad olivard internet safety powerpoint presentation itc 525
Chad olivard internet safety powerpoint presentation itc 525Chad olivard internet safety powerpoint presentation itc 525
Chad olivard internet safety powerpoint presentation itc 525chadolivard
 
Question 1
Question 1Question 1
Question 1thamt5
 
Considerations for ICT in Learning
Considerations for ICT in Learning Considerations for ICT in Learning
Considerations for ICT in Learning Louise Jones
 
Making the Most out of Social Media!
Making the Most out of Social Media!Making the Most out of Social Media!
Making the Most out of Social Media!Louise Jones
 
Security and Wearables: Success starts with security
Security and Wearables: Success starts with securitySecurity and Wearables: Success starts with security
Security and Wearables: Success starts with securityStephen Cobb
 
Big Challenges in Data Modeling: Ethical Data Modeling
Big Challenges in Data Modeling: Ethical Data ModelingBig Challenges in Data Modeling: Ethical Data Modeling
Big Challenges in Data Modeling: Ethical Data ModelingDATAVERSITY
 
Digital citizenship presentation
Digital citizenship presentationDigital citizenship presentation
Digital citizenship presentationCasey McDaniel
 

Was ist angesagt? (20)

ConnectSafely's One Good Thing presentation for InSafe Vilnius meeting 2014
ConnectSafely's One Good Thing presentation for InSafe Vilnius meeting 2014ConnectSafely's One Good Thing presentation for InSafe Vilnius meeting 2014
ConnectSafely's One Good Thing presentation for InSafe Vilnius meeting 2014
 
Innovation, agility, and a fight for survival a love storyv2
Innovation, agility, and a fight for survival a love storyv2Innovation, agility, and a fight for survival a love storyv2
Innovation, agility, and a fight for survival a love storyv2
 
C3 Presentation - Oct 2015
C3 Presentation - Oct 2015C3 Presentation - Oct 2015
C3 Presentation - Oct 2015
 
Ethics for IT Professionals
Ethics for IT ProfessionalsEthics for IT Professionals
Ethics for IT Professionals
 
Employee monitoring updated
Employee monitoring updatedEmployee monitoring updated
Employee monitoring updated
 
The HIghland Council E-Safety Approach
The HIghland Council E-Safety ApproachThe HIghland Council E-Safety Approach
The HIghland Council E-Safety Approach
 
Any of these folks work with you?
Any of these folks work with you?Any of these folks work with you?
Any of these folks work with you?
 
The Hacking Team Hack: Lessons Learned for Enterprise Security
The Hacking Team Hack: Lessons Learned for Enterprise SecurityThe Hacking Team Hack: Lessons Learned for Enterprise Security
The Hacking Team Hack: Lessons Learned for Enterprise Security
 
Intellectual Security, Learning for the learning industry from the Yahoo Cybe...
Intellectual Security, Learning for the learning industry from the Yahoo Cybe...Intellectual Security, Learning for the learning industry from the Yahoo Cybe...
Intellectual Security, Learning for the learning industry from the Yahoo Cybe...
 
BlueHat Seattle 2019 || Keynote
BlueHat Seattle 2019 || KeynoteBlueHat Seattle 2019 || Keynote
BlueHat Seattle 2019 || Keynote
 
WANTED – People Committed to Solving our Information Security Language Problem
WANTED – People Committed to Solving our Information Security Language ProblemWANTED – People Committed to Solving our Information Security Language Problem
WANTED – People Committed to Solving our Information Security Language Problem
 
Digital citizenship
Digital citizenshipDigital citizenship
Digital citizenship
 
eSafety Presentation
eSafety PresentationeSafety Presentation
eSafety Presentation
 
Chad olivard internet safety powerpoint presentation itc 525
Chad olivard internet safety powerpoint presentation itc 525Chad olivard internet safety powerpoint presentation itc 525
Chad olivard internet safety powerpoint presentation itc 525
 
Question 1
Question 1Question 1
Question 1
 
Considerations for ICT in Learning
Considerations for ICT in Learning Considerations for ICT in Learning
Considerations for ICT in Learning
 
Making the Most out of Social Media!
Making the Most out of Social Media!Making the Most out of Social Media!
Making the Most out of Social Media!
 
Security and Wearables: Success starts with security
Security and Wearables: Success starts with securitySecurity and Wearables: Success starts with security
Security and Wearables: Success starts with security
 
Big Challenges in Data Modeling: Ethical Data Modeling
Big Challenges in Data Modeling: Ethical Data ModelingBig Challenges in Data Modeling: Ethical Data Modeling
Big Challenges in Data Modeling: Ethical Data Modeling
 
Digital citizenship presentation
Digital citizenship presentationDigital citizenship presentation
Digital citizenship presentation
 

Andere mochten auch

SENSUS INDUSTRI KREATIF DIGITAL KOTA MAKASSAR 2014
SENSUS INDUSTRI KREATIF DIGITAL KOTA MAKASSAR 2014SENSUS INDUSTRI KREATIF DIGITAL KOTA MAKASSAR 2014
SENSUS INDUSTRI KREATIF DIGITAL KOTA MAKASSAR 2014Leanskill.com
 
Maneras de transferir conocimiento de forma digital
Maneras de transferir conocimiento de forma digitalManeras de transferir conocimiento de forma digital
Maneras de transferir conocimiento de forma digitalfarfan93
 
Evolución del derecho colectivo
Evolución del derecho colectivoEvolución del derecho colectivo
Evolución del derecho colectivoMarbelis Perez
 
Características de la Población de Quemados Adultos Hospitalizados
Características de la Población de Quemados Adultos Hospitalizados Características de la Población de Quemados Adultos Hospitalizados
Características de la Población de Quemados Adultos Hospitalizados Dr. Cristóbal Longton
 
Documentación Proyecto # 62 Premios Eureka 2011 Mención Innovatividad Técnica
Documentación Proyecto # 62 Premios Eureka 2011 Mención Innovatividad TécnicaDocumentación Proyecto # 62 Premios Eureka 2011 Mención Innovatividad Técnica
Documentación Proyecto # 62 Premios Eureka 2011 Mención Innovatividad TécnicaProyecto Red Eureka
 
Diseño instruccional
Diseño instruccionalDiseño instruccional
Diseño instruccionalpsicdaniel13
 
Desforramiento de extremidades inferiores en pediatría
Desforramiento de extremidades inferiores en pediatríaDesforramiento de extremidades inferiores en pediatría
Desforramiento de extremidades inferiores en pediatríaSebastian Villegas
 
IPOs from the "Tech Bubble" ('99 - '00)
IPOs from the "Tech Bubble" ('99 - '00) IPOs from the "Tech Bubble" ('99 - '00)
IPOs from the "Tech Bubble" ('99 - '00) Bill Tai
 
Colaboración en Revista médica del Maule
Colaboración en Revista médica del Maule Colaboración en Revista médica del Maule
Colaboración en Revista médica del Maule Dr. Cristóbal Longton
 
Microencapsulation presentation
Microencapsulation presentationMicroencapsulation presentation
Microencapsulation presentationMSPalan
 
Kuliah 2 teori otak triune teori split brain dan multiple in
Kuliah 2 teori otak triune teori split brain dan multiple inKuliah 2 teori otak triune teori split brain dan multiple in
Kuliah 2 teori otak triune teori split brain dan multiple inZuzan Michael Japang
 
Introduction to Phase Change Materials #PSBPcomfort
Introduction to Phase Change Materials #PSBPcomfortIntroduction to Phase Change Materials #PSBPcomfort
Introduction to Phase Change Materials #PSBPcomfortSu Butcher
 

Andere mochten auch (20)

Diapositivas ruth 01 (1)
Diapositivas ruth 01 (1)Diapositivas ruth 01 (1)
Diapositivas ruth 01 (1)
 
SENSUS INDUSTRI KREATIF DIGITAL KOTA MAKASSAR 2014
SENSUS INDUSTRI KREATIF DIGITAL KOTA MAKASSAR 2014SENSUS INDUSTRI KREATIF DIGITAL KOTA MAKASSAR 2014
SENSUS INDUSTRI KREATIF DIGITAL KOTA MAKASSAR 2014
 
Maneras de transferir conocimiento de forma digital
Maneras de transferir conocimiento de forma digitalManeras de transferir conocimiento de forma digital
Maneras de transferir conocimiento de forma digital
 
Evolución del derecho colectivo
Evolución del derecho colectivoEvolución del derecho colectivo
Evolución del derecho colectivo
 
Características de la Población de Quemados Adultos Hospitalizados
Características de la Población de Quemados Adultos Hospitalizados Características de la Población de Quemados Adultos Hospitalizados
Características de la Población de Quemados Adultos Hospitalizados
 
Documentación Proyecto # 62 Premios Eureka 2011 Mención Innovatividad Técnica
Documentación Proyecto # 62 Premios Eureka 2011 Mención Innovatividad TécnicaDocumentación Proyecto # 62 Premios Eureka 2011 Mención Innovatividad Técnica
Documentación Proyecto # 62 Premios Eureka 2011 Mención Innovatividad Técnica
 
Diseño instruccional
Diseño instruccionalDiseño instruccional
Diseño instruccional
 
Alemanha
AlemanhaAlemanha
Alemanha
 
5.guia amplificacion y reduccion
5.guia amplificacion y reduccion5.guia amplificacion y reduccion
5.guia amplificacion y reduccion
 
Desforramiento de extremidades inferiores en pediatría
Desforramiento de extremidades inferiores en pediatríaDesforramiento de extremidades inferiores en pediatría
Desforramiento de extremidades inferiores en pediatría
 
IPOs from the "Tech Bubble" ('99 - '00)
IPOs from the "Tech Bubble" ('99 - '00) IPOs from the "Tech Bubble" ('99 - '00)
IPOs from the "Tech Bubble" ('99 - '00)
 
Colaboración en Revista médica del Maule
Colaboración en Revista médica del Maule Colaboración en Revista médica del Maule
Colaboración en Revista médica del Maule
 
Microencapsulation presentation
Microencapsulation presentationMicroencapsulation presentation
Microencapsulation presentation
 
TECNOLOGÍA DE SELLADO DE VASOS
TECNOLOGÍA DE SELLADO DE VASOSTECNOLOGÍA DE SELLADO DE VASOS
TECNOLOGÍA DE SELLADO DE VASOS
 
Kuliah 2 teori otak triune teori split brain dan multiple in
Kuliah 2 teori otak triune teori split brain dan multiple inKuliah 2 teori otak triune teori split brain dan multiple in
Kuliah 2 teori otak triune teori split brain dan multiple in
 
Introduction to Phase Change Materials #PSBPcomfort
Introduction to Phase Change Materials #PSBPcomfortIntroduction to Phase Change Materials #PSBPcomfort
Introduction to Phase Change Materials #PSBPcomfort
 
Manejo de paciente quemado
Manejo de paciente quemadoManejo de paciente quemado
Manejo de paciente quemado
 
La Evaluacion en el Aula
La Evaluacion en el AulaLa Evaluacion en el Aula
La Evaluacion en el Aula
 
Electroplating
ElectroplatingElectroplating
Electroplating
 
STS Resume DEC 3
STS Resume DEC 3STS Resume DEC 3
STS Resume DEC 3
 

Ähnlich wie TIES 2013 Education Technology Conference

People are the biggest risk
People are the biggest riskPeople are the biggest risk
People are the biggest riskEvan Francen
 
Data Protection – How Not to Panic and Make it a Positive
Data Protection – How Not to Panic and Make it a PositiveData Protection – How Not to Panic and Make it a Positive
Data Protection – How Not to Panic and Make it a PositiveTargetX
 
Online safety Ofsted 2015
Online safety Ofsted 2015Online safety Ofsted 2015
Online safety Ofsted 2015bellla33
 
Information Security & Manufacturing
Information Security & ManufacturingInformation Security & Manufacturing
Information Security & ManufacturingEvan Francen
 
Internet privacy ethics and online security
Internet privacy ethics and online securityInternet privacy ethics and online security
Internet privacy ethics and online securityPaul Berryman
 
005. Ethics, Privacy and Security
005. Ethics, Privacy and Security005. Ethics, Privacy and Security
005. Ethics, Privacy and SecurityArianto Muditomo
 
Slide Deck - CISSP Mentor Program Class Session 1
Slide Deck - CISSP Mentor Program Class Session 1Slide Deck - CISSP Mentor Program Class Session 1
Slide Deck - CISSP Mentor Program Class Session 1FRSecure
 
Top_10_Interview_Questions_That_You_Should_Know_as_an_Information.pptx
Top_10_Interview_Questions_That_You_Should_Know_as_an_Information.pptxTop_10_Interview_Questions_That_You_Should_Know_as_an_Information.pptx
Top_10_Interview_Questions_That_You_Should_Know_as_an_Information.pptxinfosec train
 
Information Security is NOT an IT Issue
Information Security is NOT an IT IssueInformation Security is NOT an IT Issue
Information Security is NOT an IT IssueEvan Francen
 
Esafety for Ofsted
Esafety for OfstedEsafety for Ofsted
Esafety for Ofstedbellla33
 
In Class Learning Activity
In Class Learning ActivityIn Class Learning Activity
In Class Learning Activityguest09fcd1
 
Internet Issues (How to Deal on Internet Security)
Internet Issues (How to Deal on Internet Security)Internet Issues (How to Deal on Internet Security)
Internet Issues (How to Deal on Internet Security)Hannah Jane del Castillo
 
Banning Whining, Avoiding Cyber Wolves, and Creating Warrior
Banning Whining, Avoiding Cyber Wolves, and Creating WarriorBanning Whining, Avoiding Cyber Wolves, and Creating Warrior
Banning Whining, Avoiding Cyber Wolves, and Creating WarriorSandra (Sandy) Dunn
 
Managing Risk or Reacting to Compliance
Managing Risk or Reacting to ComplianceManaging Risk or Reacting to Compliance
Managing Risk or Reacting to ComplianceEvan Francen
 
ET 509 Portfolio Assignment Internet Safety PPT Presentation for Staff Profes...
ET 509 Portfolio Assignment Internet Safety PPT Presentation for Staff Profes...ET 509 Portfolio Assignment Internet Safety PPT Presentation for Staff Profes...
ET 509 Portfolio Assignment Internet Safety PPT Presentation for Staff Profes...mulingoh
 
ISACA talk - cybersecurity and security culture
ISACA talk - cybersecurity and security cultureISACA talk - cybersecurity and security culture
ISACA talk - cybersecurity and security cultureCraig McGill
 

Ähnlich wie TIES 2013 Education Technology Conference (20)

People are the biggest risk
People are the biggest riskPeople are the biggest risk
People are the biggest risk
 
Common ethical issues
Common ethical issuesCommon ethical issues
Common ethical issues
 
Data Protection – How Not to Panic and Make it a Positive
Data Protection – How Not to Panic and Make it a PositiveData Protection – How Not to Panic and Make it a Positive
Data Protection – How Not to Panic and Make it a Positive
 
Online safety Ofsted 2015
Online safety Ofsted 2015Online safety Ofsted 2015
Online safety Ofsted 2015
 
Information Security & Manufacturing
Information Security & ManufacturingInformation Security & Manufacturing
Information Security & Manufacturing
 
Internet privacy ethics and online security
Internet privacy ethics and online securityInternet privacy ethics and online security
Internet privacy ethics and online security
 
005. Ethics, Privacy and Security
005. Ethics, Privacy and Security005. Ethics, Privacy and Security
005. Ethics, Privacy and Security
 
Slide Deck - CISSP Mentor Program Class Session 1
Slide Deck - CISSP Mentor Program Class Session 1Slide Deck - CISSP Mentor Program Class Session 1
Slide Deck - CISSP Mentor Program Class Session 1
 
Top_10_Interview_Questions_That_You_Should_Know_as_an_Information.pptx
Top_10_Interview_Questions_That_You_Should_Know_as_an_Information.pptxTop_10_Interview_Questions_That_You_Should_Know_as_an_Information.pptx
Top_10_Interview_Questions_That_You_Should_Know_as_an_Information.pptx
 
Information Security is NOT an IT Issue
Information Security is NOT an IT IssueInformation Security is NOT an IT Issue
Information Security is NOT an IT Issue
 
Assessing Your security
Assessing Your securityAssessing Your security
Assessing Your security
 
Esafety for Ofsted
Esafety for OfstedEsafety for Ofsted
Esafety for Ofsted
 
In Class Learning Activity
In Class Learning ActivityIn Class Learning Activity
In Class Learning Activity
 
Internet Issues (How to Deal on Internet Security)
Internet Issues (How to Deal on Internet Security)Internet Issues (How to Deal on Internet Security)
Internet Issues (How to Deal on Internet Security)
 
Banning Whining, Avoiding Cyber Wolves, and Creating Warrior
Banning Whining, Avoiding Cyber Wolves, and Creating WarriorBanning Whining, Avoiding Cyber Wolves, and Creating Warrior
Banning Whining, Avoiding Cyber Wolves, and Creating Warrior
 
Managing Risk or Reacting to Compliance
Managing Risk or Reacting to ComplianceManaging Risk or Reacting to Compliance
Managing Risk or Reacting to Compliance
 
ET 509 Portfolio Assignment Internet Safety PPT Presentation for Staff Profes...
ET 509 Portfolio Assignment Internet Safety PPT Presentation for Staff Profes...ET 509 Portfolio Assignment Internet Safety PPT Presentation for Staff Profes...
ET 509 Portfolio Assignment Internet Safety PPT Presentation for Staff Profes...
 
Group1 Ppt
Group1 PptGroup1 Ppt
Group1 Ppt
 
ISACA talk - cybersecurity and security culture
ISACA talk - cybersecurity and security cultureISACA talk - cybersecurity and security culture
ISACA talk - cybersecurity and security culture
 
Online Safety
Online SafetyOnline Safety
Online Safety
 

Mehr von Evan Francen

WANTED - People Committed to Solving Our Information Security Language Problem
WANTED - People Committed to Solving Our Information Security Language ProblemWANTED - People Committed to Solving Our Information Security Language Problem
WANTED - People Committed to Solving Our Information Security Language ProblemEvan Francen
 
Keynote @ ISC2 Cyber Aware Dallas
Keynote @ ISC2 Cyber Aware DallasKeynote @ ISC2 Cyber Aware Dallas
Keynote @ ISC2 Cyber Aware DallasEvan Francen
 
Harrisburg BSides Presentation - 100219
Harrisburg BSides Presentation - 100219Harrisburg BSides Presentation - 100219
Harrisburg BSides Presentation - 100219Evan Francen
 
Managing Third-Party Risk Effectively
Managing Third-Party Risk EffectivelyManaging Third-Party Risk Effectively
Managing Third-Party Risk EffectivelyEvan Francen
 
Step Up Your Data Security Against Third-Party Risks
Step Up Your Data Security Against Third-Party RisksStep Up Your Data Security Against Third-Party Risks
Step Up Your Data Security Against Third-Party RisksEvan Francen
 
Simple Training for Information Security and Payment Fraud
Simple Training for Information Security and Payment FraudSimple Training for Information Security and Payment Fraud
Simple Training for Information Security and Payment FraudEvan Francen
 
MHTA Social Engineering Presentation - 050917
MHTA Social Engineering Presentation - 050917MHTA Social Engineering Presentation - 050917
MHTA Social Engineering Presentation - 050917Evan Francen
 
People. The Social Engineer's Dream - TechPulse 2017
People. The Social Engineer's Dream - TechPulse 2017People. The Social Engineer's Dream - TechPulse 2017
People. The Social Engineer's Dream - TechPulse 2017Evan Francen
 
AFCOM - Information Security State of the Union
AFCOM - Information Security State of the UnionAFCOM - Information Security State of the Union
AFCOM - Information Security State of the UnionEvan Francen
 
Mobile Information Security
Mobile Information SecurityMobile Information Security
Mobile Information SecurityEvan Francen
 
Information security challenges in today’s banking environment
Information security challenges in today’s banking environmentInformation security challenges in today’s banking environment
Information security challenges in today’s banking environmentEvan Francen
 
Information Security in a Compliance World
Information Security in a Compliance WorldInformation Security in a Compliance World
Information Security in a Compliance WorldEvan Francen
 
Information Security For Leaders, By a Leader
Information Security For Leaders, By a LeaderInformation Security For Leaders, By a Leader
Information Security For Leaders, By a LeaderEvan Francen
 
FRSecure's Ten Security Principles to Live (or die) By
FRSecure's Ten Security Principles to Live (or die) ByFRSecure's Ten Security Principles to Live (or die) By
FRSecure's Ten Security Principles to Live (or die) ByEvan Francen
 
Meaningful Use and Security Risk Analysis
Meaningful Use and Security Risk AnalysisMeaningful Use and Security Risk Analysis
Meaningful Use and Security Risk AnalysisEvan Francen
 
An Introduction to Information Security
An Introduction to Information SecurityAn Introduction to Information Security
An Introduction to Information SecurityEvan Francen
 
FRSecure Sales Deck
FRSecure Sales DeckFRSecure Sales Deck
FRSecure Sales DeckEvan Francen
 

Mehr von Evan Francen (17)

WANTED - People Committed to Solving Our Information Security Language Problem
WANTED - People Committed to Solving Our Information Security Language ProblemWANTED - People Committed to Solving Our Information Security Language Problem
WANTED - People Committed to Solving Our Information Security Language Problem
 
Keynote @ ISC2 Cyber Aware Dallas
Keynote @ ISC2 Cyber Aware DallasKeynote @ ISC2 Cyber Aware Dallas
Keynote @ ISC2 Cyber Aware Dallas
 
Harrisburg BSides Presentation - 100219
Harrisburg BSides Presentation - 100219Harrisburg BSides Presentation - 100219
Harrisburg BSides Presentation - 100219
 
Managing Third-Party Risk Effectively
Managing Third-Party Risk EffectivelyManaging Third-Party Risk Effectively
Managing Third-Party Risk Effectively
 
Step Up Your Data Security Against Third-Party Risks
Step Up Your Data Security Against Third-Party RisksStep Up Your Data Security Against Third-Party Risks
Step Up Your Data Security Against Third-Party Risks
 
Simple Training for Information Security and Payment Fraud
Simple Training for Information Security and Payment FraudSimple Training for Information Security and Payment Fraud
Simple Training for Information Security and Payment Fraud
 
MHTA Social Engineering Presentation - 050917
MHTA Social Engineering Presentation - 050917MHTA Social Engineering Presentation - 050917
MHTA Social Engineering Presentation - 050917
 
People. The Social Engineer's Dream - TechPulse 2017
People. The Social Engineer's Dream - TechPulse 2017People. The Social Engineer's Dream - TechPulse 2017
People. The Social Engineer's Dream - TechPulse 2017
 
AFCOM - Information Security State of the Union
AFCOM - Information Security State of the UnionAFCOM - Information Security State of the Union
AFCOM - Information Security State of the Union
 
Mobile Information Security
Mobile Information SecurityMobile Information Security
Mobile Information Security
 
Information security challenges in today’s banking environment
Information security challenges in today’s banking environmentInformation security challenges in today’s banking environment
Information security challenges in today’s banking environment
 
Information Security in a Compliance World
Information Security in a Compliance WorldInformation Security in a Compliance World
Information Security in a Compliance World
 
Information Security For Leaders, By a Leader
Information Security For Leaders, By a LeaderInformation Security For Leaders, By a Leader
Information Security For Leaders, By a Leader
 
FRSecure's Ten Security Principles to Live (or die) By
FRSecure's Ten Security Principles to Live (or die) ByFRSecure's Ten Security Principles to Live (or die) By
FRSecure's Ten Security Principles to Live (or die) By
 
Meaningful Use and Security Risk Analysis
Meaningful Use and Security Risk AnalysisMeaningful Use and Security Risk Analysis
Meaningful Use and Security Risk Analysis
 
An Introduction to Information Security
An Introduction to Information SecurityAn Introduction to Information Security
An Introduction to Information Security
 
FRSecure Sales Deck
FRSecure Sales DeckFRSecure Sales Deck
FRSecure Sales Deck
 

Kürzlich hochgeladen

DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenHervé Boutemy
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii SoldatenkoFwdays
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek SchlawackFwdays
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsMark Billinghurst
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationRidwan Fadjar
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Commit University
 
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostLeverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostZilliz
 
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)Wonjun Hwang
 
Vertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsVertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsMiki Katsuragi
 
Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Manik S Magar
 
Powerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time ClashPowerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time Clashcharlottematthew16
 
My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024The Digital Insurer
 
Vector Databases 101 - An introduction to the world of Vector Databases
Vector Databases 101 - An introduction to the world of Vector DatabasesVector Databases 101 - An introduction to the world of Vector Databases
Vector Databases 101 - An introduction to the world of Vector DatabasesZilliz
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLScyllaDB
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfAlex Barbosa Coqueiro
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationSafe Software
 

Kürzlich hochgeladen (20)

E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptxE-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache Maven
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR Systems
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 Presentation
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!
 
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostLeverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
 
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
 
Vertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsVertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering Tips
 
Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!
 
Powerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time ClashPowerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time Clash
 
My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024
 
Vector Databases 101 - An introduction to the world of Vector Databases
Vector Databases 101 - An introduction to the world of Vector DatabasesVector Databases 101 - An introduction to the world of Vector Databases
Vector Databases 101 - An introduction to the world of Vector Databases
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQL
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdf
 
DMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special EditionDMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special Edition
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
 

TIES 2013 Education Technology Conference

  • 1. With respect to information security
  • 2. Topics  Introduction  Is K-12 Doing What We Should?  Protecting Private Data  Preparing Kids Well  You probably came to see something cool  Let‟s Work Together
  • 3. Introduction – Evan Francen • Co-founder of FRSecure • Information security expert with 20 years of experience • Areas of expertise include information security governance, risk management, social engineering, compliance, and the things nobody else likes to do • Information security evangelist • Nickname is “the truth”
  • 4. Introduction – About FRSecure • Information Security is all we do… • Methodologies; we create and use a ton of „em • Project Leaders all have 15+ years of experience • Transparent; we value knowledge transfer • Product agnostic means we can more easily serve your needs without conflict
  • 5. Protecting Private Data • Types of data that K-12 is responsible for • Types of people using our technology How are we doing?
  • 7. Since 2005, there have been 716 breaches of educational institutions involving more than 13 million private records* (Source: Privacy Rights Clearinghouse - https://www.privacyrights.org/databreach/new) These are the breaches that we know about
  • 8. Protecting Private Data • People are the greatest risk • We can‟t fix people with technology How comfortable are you with the mundane? (people want the new cool thing, but how “cool” is policy?)
  • 9. Protecting Private Data – Three Things Every school should do these three things well. • Information security governance • Information security training & awareness • Information security incident response How comfortable are you with the mundane?
  • 10. Protecting Private Data – Three Things Every school should do these three things well. Information security governance – what are the rules? • Management commitment • Information security policies • Information security processes How comfortable are you with the mundane?
  • 11. Protecting Private Data – Three Things Every school should do these three things well. Information security training & awareness – people need to know the rules • Training & awareness are two separate, but related initiatives • Training – teaching the audience how to do something specific • Awareness – keeping a specific topic “top of mind” How comfortable are you with the mundane?
  • 12. Protecting Private Data – Three Things Every school should do these three things well. Information security incident response – what do you do if someone breaks the rules or if the rules are ineffective? • If you don‟t know of an incident, it doesn‟t mean that one hasn‟t happened • Incident response should be a formalized, step-by-step process • An incident doesn‟t mean a breach How comfortable are you with the mundane?
  • 13. Protecting Private Data – Three Things Common deficiencies Information security governance • Everybody seems to think that information security is an IT issue • If a school has policies, they are often ineffective and critical processes are sometimes missed • Compliance is not measured and/or enforced How comfortable are you with the mundane?
  • 14. Protecting Private Data – Three Things Common deficiencies Information security training & awareness • There isn‟t a formal training & awareness program • People assume that there‟s common sense • Training is confused with awareness or vice versa How comfortable are you with the mundane?
  • 15. Preparing Kids Well For a career in information security We have a huge shortage of good information security professionals, and the problem is only expected to get worse.
  • 16. Preparing Kids Well For a career in information security
  • 17. Preparing Kids Well For a career in information security • Is there an opportunity to teach the kids real-world information security skills in the classroom? • Is there an opportunity to teach the kids real-world information security skills after school?
  • 18. Preparing Kids Well For life • Are the kids taught about identity theft and how to protect themselves? • Are the kids taught about regulatory compliance, policies, password management, etc.?
  • 19. Preparing Kids Well Opportunity FRSecure is very willing and able to work with K-12 to help • Can we develop courses for the students? • Can we develop after school activities for students? How about a “Hacking Club”?
  • 20. You probably came to see something cool Didn‟t you? Pretty basic, but still pretty cool. 1. ARP poisoning for passwords 2. Bypassing Website filtering
  • 21. You probably came to see something cool ARP Poisoning We use ARP poisoning to audit networks, the bad guys use it to steal passwords. Using Cain & Abel Want step-by-step instructions? Give me your business card and I‟ll email you.
  • 22. You probably came to see something cool Bypassing your Web filtering Works (almost) all the time. Using Tor Want step-by-step instructions? Give me your business card and I‟ll email you.
  • 23. Let’s work together! FRSecure exists to solve difficult information security challenges with our clients & friends. We don’t have to do business together in order to work together. Two things: 1. Helping you secure your information 2. Helping equip students
  • 24. Questions? FRSecure 141 West Main Street Waconia, MN 55387 Evan Francen – evan@frsecure.com