SlideShare a Scribd company logo

Rothke Sia 2006

Download as PPT, PDF
Ben Rothke
Ben Rothke

Presentation from SIA 2006 What Every Employee Needs to Know About Information Security by Ben Rothke

Technology
1 of 41
What Every Employee Needs to Know About Information Security Ben Rothke, CISSP
About me ,[object Object],[object Object],[object Object],[object Object]
Agenda ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
A word from the lawyers ,[object Object],[object Object],[object Object]
The need for information security ,[object Object],[object Object],[object Object]
Universal Goals of Information Security Confidentiality Integrity Authentication Interception Modification Fabrication Are my communications private? Has my communication been altered? Who am I dealing with?
Today’s security threats include Lost backup tapes Hackers Risk matrix Software Patches Power grid Data center Poor token management Political Malicious end-users Angry Customers Regulatory compliance Contractors Telco Poor revocation processes Terrorists Legal liability Unions External Environmental DR/BCP Internal External Unhappy customers Physical security Disgruntled employees Consultants Third-party Clients Operational Audit Lack of budget Vendor bankruptcy Software vulnerabilities Forensics Crypto keys Lack of staff Fraud Poor risk assessment Hactivists Spyware Blogs Insecure software Wireless Google No documentation Organized crime China India Illegal downloads Web-scripting Viruses Worms Malicious software Laptop stolen Phishing Identity theft DoS BlackBerry Social engineering Competition Information leakage E-mail
The risks are real
What is security awareness? ,[object Object],[object Object]
Why do we need security awareness? ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Security Awareness ,[object Object],[object Object],[object Object],[object Object],[object Object]
Your role within information security ,[object Object],[object Object],[object Object]
Knowledge Is Power ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Core Awareness Areas ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
The most overlooked person ,[object Object],[object Object]
Executive level ,[object Object],[object Object],[object Object],[object Object]
Viruses ,[object Object],[object Object]
Effects of a virus ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Spyware, but call it crimeware ,[object Object],[object Object],[object Object],[object Object]
E-mail safety ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
E-mail safety ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Corporate email policies ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
E-mail safety
Physical security ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Physical security ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Laptops ,[object Object],[object Object],[object Object],[object Object],[object Object]
Passwords ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Choosing effective passwords ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Poor passwords ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Social engineering ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Social engineering ,[object Object],[object Object],[object Object],[object Object]
Phishing ,[object Object],[object Object],[object Object],[object Object],[object Object]
Phishing
Phishing
Phishing
Acceptable Use ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Incidental use ,[object Object],[object Object],[object Object],[object Object]
Conclusions
Keep things in context ,[object Object],[object Object],[object Object],[object Object],[object Object]
Keep things in context ,[object Object],[object Object],[object Object],[object Object]
Ben Rothke CISSP, CISM brothke@gmail.com

Recommended

Computer Project on Cyber Safety
Computer Project on Cyber SafetyComputer Project on Cyber Safety
Computer Project on Cyber Safety
Harsh Tekriwal
 
Cyber safety 101
Cyber safety 101Cyber safety 101
Cyber safety 101
Manjula Sridhar
 
Internet safety v 4 slides and notes
Internet safety v 4 slides and notesInternet safety v 4 slides and notes
Internet safety v 4 slides and notes
Linda Barron
 
Cyber safety
Cyber safetyCyber safety
Cyber safety
Shubham Kala
 
Internet Safety Glossary of Terms
Internet Safety Glossary of TermsInternet Safety Glossary of Terms
Internet Safety Glossary of Terms
mikel_l
 
Krishna cyber safety
Krishna cyber safetyKrishna cyber safety
Krishna cyber safety
Jana Jiwan Secondary School, Khairahani-2, Chainpur
 
Cyber privacy and password protection
Cyber privacy and password protectionCyber privacy and password protection
Cyber privacy and password protection
sajeena81
 
Trending it security threats in the public sector
Trending it security threats in the public sectorTrending it security threats in the public sector
Trending it security threats in the public sector
Core Security
 

Recommended

Computer Project on Cyber Safety
Computer Project on Cyber SafetyComputer Project on Cyber Safety
Computer Project on Cyber Safety
Harsh Tekriwal
 
Cyber safety 101
Cyber safety 101Cyber safety 101
Cyber safety 101
Manjula Sridhar
 
Internet safety v 4 slides and notes
Internet safety v 4 slides and notesInternet safety v 4 slides and notes
Internet safety v 4 slides and notes
Linda Barron
 
Cyber safety
Cyber safetyCyber safety
Cyber safety
Shubham Kala
 
Internet Safety Glossary of Terms
Internet Safety Glossary of TermsInternet Safety Glossary of Terms
Internet Safety Glossary of Terms
mikel_l
 
Krishna cyber safety
Krishna cyber safetyKrishna cyber safety
Krishna cyber safety
Jana Jiwan Secondary School, Khairahani-2, Chainpur
 
Cyber privacy and password protection
Cyber privacy and password protectionCyber privacy and password protection
Cyber privacy and password protection
sajeena81
 
Trending it security threats in the public sector
Trending it security threats in the public sectorTrending it security threats in the public sector
Trending it security threats in the public sector
Core Security
 
Presentation on cyber safety
Presentation on cyber safetyPresentation on cyber safety
Presentation on cyber safety
MOHAMMADZAINULABIDEE3
 
Cyber Crime
Cyber CrimeCyber Crime
Cyber Crime
zahid_ned
 
Online safety and malwares
Online safety and malwaresOnline safety and malwares
Online safety and malwares
Fersie Ann Malacas
 
Internet security
Internet securityInternet security
Internet security
at1211
 
Ict H A C K I N G
Ict H A C K I N GIct H A C K I N G
Ict H A C K I N G
Hafizra Mas
 
Cyber crime
Cyber crimeCyber crime
Cyber crime
Depankar Chakrabarty
 
Ia 124 1621324160 ia_124_lecture_02
Ia 124 1621324160 ia_124_lecture_02Ia 124 1621324160 ia_124_lecture_02
Ia 124 1621324160 ia_124_lecture_02
ITNet
 
Cyber Crime and Social Media Security
Cyber Crime and Social Media SecurityCyber Crime and Social Media Security
Cyber Crime and Social Media Security
Hem Pokhrel
 
Cyber Security Update: How to Train Your Employees to Prevent Data Breaches
Cyber Security Update: How to Train Your Employees to Prevent Data BreachesCyber Security Update: How to Train Your Employees to Prevent Data Breaches
Cyber Security Update: How to Train Your Employees to Prevent Data Breaches
Parsons Behle & Latimer
 
Hacking
HackingHacking
Hacking
sajeena81
 
Basic Internet Security
Basic Internet SecurityBasic Internet Security
Basic Internet Security
mfaheemakhtar
 
Tools and methods used in cybercrime
Tools and methods used in cybercrimeTools and methods used in cybercrime
Tools and methods used in cybercrime
patelripal99
 
Internet security
Internet securityInternet security
Internet security
Mohamed El-malki
 
Internet threats and defence mechanism
Internet threats and defence mechanismInternet threats and defence mechanism
Internet threats and defence mechanism
CAS
 
Hacking Vs Cracking in Computer Networks
Hacking Vs Cracking in Computer NetworksHacking Vs Cracking in Computer Networks
Hacking Vs Cracking in Computer Networks
Srikanth VNV
 
The History of Hacking in 5minutes (for dummie)
The History of Hacking in 5minutes (for dummie)The History of Hacking in 5minutes (for dummie)
The History of Hacking in 5minutes (for dummie)
Stu Sjouwerman
 
ICT Form 4: Hacking
ICT Form 4: HackingICT Form 4: Hacking
ICT Form 4: Hacking
Qhaiyum Shah
 
Online safety, security, ethics & etiquette
Online safety, security, ethics & etiquetteOnline safety, security, ethics & etiquette
Online safety, security, ethics & etiquette
Angelito Quiambao
 
Empowerment Technologies - Online Safety, Ethics and Etiquette
Empowerment Technologies - Online Safety, Ethics and EtiquetteEmpowerment Technologies - Online Safety, Ethics and Etiquette
Empowerment Technologies - Online Safety, Ethics and Etiquette
Juan Miguel Palero
 
Online safety and security
Online safety and securityOnline safety and security
Online safety and security
jovellconde1
 
Evaluating your Cybersecurity Preparedness - FFIEC Assessment
Evaluating your Cybersecurity Preparedness - FFIEC AssessmentEvaluating your Cybersecurity Preparedness - FFIEC Assessment
Evaluating your Cybersecurity Preparedness - FFIEC Assessment
Jay McLaughlin
 
Regulatory Cybersecurity Assessment
Regulatory Cybersecurity AssessmentRegulatory Cybersecurity Assessment
Regulatory Cybersecurity Assessment
Mitchell Grooms
 

More Related Content

What's hot

Internet security
Internet securityInternet security
Internet security
at1211
 
Ict H A C K I N G
Ict H A C K I N GIct H A C K I N G
Ict H A C K I N G
Hafizra Mas
 
Ia 124 1621324160 ia_124_lecture_02
Ia 124 1621324160 ia_124_lecture_02Ia 124 1621324160 ia_124_lecture_02
Ia 124 1621324160 ia_124_lecture_02
ITNet
 
Cyber Crime and Social Media Security
Cyber Crime and Social Media SecurityCyber Crime and Social Media Security
Cyber Crime and Social Media Security
Hem Pokhrel
 

What's hot (20)

Presentation on cyber safety
Presentation on cyber safetyPresentation on cyber safety
Presentation on cyber safety
 
Cyber Crime
Cyber CrimeCyber Crime
Cyber Crime
 
Online safety and malwares
Online safety and malwaresOnline safety and malwares
Online safety and malwares
 
Internet security
Internet securityInternet security
Internet security
 
Ict H A C K I N G
Ict H A C K I N GIct H A C K I N G
Ict H A C K I N G
 
Cyber crime
Cyber crimeCyber crime
Cyber crime
 
Ia 124 1621324160 ia_124_lecture_02
Ia 124 1621324160 ia_124_lecture_02Ia 124 1621324160 ia_124_lecture_02
Ia 124 1621324160 ia_124_lecture_02
 
Cyber Crime and Social Media Security
Cyber Crime and Social Media SecurityCyber Crime and Social Media Security
Cyber Crime and Social Media Security
 
Cyber Security Update: How to Train Your Employees to Prevent Data Breaches
Cyber Security Update: How to Train Your Employees to Prevent Data BreachesCyber Security Update: How to Train Your Employees to Prevent Data Breaches
Cyber Security Update: How to Train Your Employees to Prevent Data Breaches
 
Hacking
HackingHacking
Hacking
 
Basic Internet Security
Basic Internet SecurityBasic Internet Security
Basic Internet Security
 
Tools and methods used in cybercrime
Tools and methods used in cybercrimeTools and methods used in cybercrime
Tools and methods used in cybercrime
 
Internet security
Internet securityInternet security
Internet security
 
Internet threats and defence mechanism
Internet threats and defence mechanismInternet threats and defence mechanism
Internet threats and defence mechanism
 
Hacking Vs Cracking in Computer Networks
Hacking Vs Cracking in Computer NetworksHacking Vs Cracking in Computer Networks
Hacking Vs Cracking in Computer Networks
 
The History of Hacking in 5minutes (for dummie)
The History of Hacking in 5minutes (for dummie)The History of Hacking in 5minutes (for dummie)
The History of Hacking in 5minutes (for dummie)
 
ICT Form 4: Hacking
ICT Form 4: HackingICT Form 4: Hacking
ICT Form 4: Hacking
 
Online safety, security, ethics & etiquette
Online safety, security, ethics & etiquetteOnline safety, security, ethics & etiquette
Online safety, security, ethics & etiquette
 
Empowerment Technologies - Online Safety, Ethics and Etiquette
Empowerment Technologies - Online Safety, Ethics and EtiquetteEmpowerment Technologies - Online Safety, Ethics and Etiquette
Empowerment Technologies - Online Safety, Ethics and Etiquette
 
Online safety and security
Online safety and securityOnline safety and security
Online safety and security
 

Viewers also liked

Evaluating your Cybersecurity Preparedness - FFIEC Assessment
Evaluating your Cybersecurity Preparedness - FFIEC AssessmentEvaluating your Cybersecurity Preparedness - FFIEC Assessment
Evaluating your Cybersecurity Preparedness - FFIEC Assessment
Jay McLaughlin
 
Regulatory Cybersecurity Assessment
Regulatory Cybersecurity AssessmentRegulatory Cybersecurity Assessment
Regulatory Cybersecurity Assessment
Mitchell Grooms
 
Using Cyber-Vulnerability Assessment (CVA) to Optimize Control System Upgrade...
Using Cyber-Vulnerability Assessment (CVA) to Optimize Control System Upgrade...Using Cyber-Vulnerability Assessment (CVA) to Optimize Control System Upgrade...
Using Cyber-Vulnerability Assessment (CVA) to Optimize Control System Upgrade...
Jim Gilsinn
 
Sean McCloskey: How do we Strengthen the Public-Private Partnership to Mitiga...
Sean McCloskey: How do we Strengthen the Public-Private Partnership to Mitiga...Sean McCloskey: How do we Strengthen the Public-Private Partnership to Mitiga...
Sean McCloskey: How do we Strengthen the Public-Private Partnership to Mitiga...
Government Technology and Services Coalition
 
Speaker Kiersten E. Todt, President and Managing Partner, Liberty Group Ventu...
Speaker Kiersten E. Todt, President and Managing Partner, Liberty Group Ventu...Speaker Kiersten E. Todt, President and Managing Partner, Liberty Group Ventu...
Speaker Kiersten E. Todt, President and Managing Partner, Liberty Group Ventu...
Investorideas.com
 
Information Security Awareness Training Open
Information Security Awareness Training OpenInformation Security Awareness Training Open
Information Security Awareness Training Open
Fred Beck MBA, CPA
 
Information Security Awareness Training
Information Security Awareness TrainingInformation Security Awareness Training
Information Security Awareness Training
Randy Bowman
 

Viewers also liked (20)

Evaluating your Cybersecurity Preparedness - FFIEC Assessment
Evaluating your Cybersecurity Preparedness - FFIEC AssessmentEvaluating your Cybersecurity Preparedness - FFIEC Assessment
Evaluating your Cybersecurity Preparedness - FFIEC Assessment
 
Regulatory Cybersecurity Assessment
Regulatory Cybersecurity AssessmentRegulatory Cybersecurity Assessment
Regulatory Cybersecurity Assessment
 
Ncma saguaro cyber security 2016 law & regulations asis phoenix dely fina...
Ncma saguaro cyber security 2016 law & regulations asis phoenix dely fina...Ncma saguaro cyber security 2016 law & regulations asis phoenix dely fina...
Ncma saguaro cyber security 2016 law & regulations asis phoenix dely fina...
 
Cyber Security Risk Assessment Awareness for Emergency Managers
Cyber Security Risk Assessment Awareness for Emergency ManagersCyber Security Risk Assessment Awareness for Emergency Managers
Cyber Security Risk Assessment Awareness for Emergency Managers
 
Using Cyber-Vulnerability Assessment (CVA) to Optimize Control System Upgrade...
Using Cyber-Vulnerability Assessment (CVA) to Optimize Control System Upgrade...Using Cyber-Vulnerability Assessment (CVA) to Optimize Control System Upgrade...
Using Cyber-Vulnerability Assessment (CVA) to Optimize Control System Upgrade...
 
Sean McCloskey: How do we Strengthen the Public-Private Partnership to Mitiga...
Sean McCloskey: How do we Strengthen the Public-Private Partnership to Mitiga...Sean McCloskey: How do we Strengthen the Public-Private Partnership to Mitiga...
Sean McCloskey: How do we Strengthen the Public-Private Partnership to Mitiga...
 
110307 cloud security requirements gourley
110307 cloud security requirements gourley110307 cloud security requirements gourley
110307 cloud security requirements gourley
 
Solving the CIO’s Cybersecurity Dilemma
Solving the CIO’s Cybersecurity DilemmaSolving the CIO’s Cybersecurity Dilemma
Solving the CIO’s Cybersecurity Dilemma
 
Threat Based Risk Assessment
Threat Based Risk AssessmentThreat Based Risk Assessment
Threat Based Risk Assessment
 
Nist cybersecurity framework isc2 quantico
Nist cybersecurity framework isc2 quanticoNist cybersecurity framework isc2 quantico
Nist cybersecurity framework isc2 quantico
 
Speaker Kiersten E. Todt, President and Managing Partner, Liberty Group Ventu...
Speaker Kiersten E. Todt, President and Managing Partner, Liberty Group Ventu...Speaker Kiersten E. Todt, President and Managing Partner, Liberty Group Ventu...
Speaker Kiersten E. Todt, President and Managing Partner, Liberty Group Ventu...
 
How to assess and manage cyber risk
How to assess and manage cyber riskHow to assess and manage cyber risk
How to assess and manage cyber risk
 
Cyber Critical Infrastructure Framework Panel
Cyber Critical Infrastructure Framework PanelCyber Critical Infrastructure Framework Panel
Cyber Critical Infrastructure Framework Panel
 
Information Security Awareness Training Open
Information Security Awareness Training OpenInformation Security Awareness Training Open
Information Security Awareness Training Open
 
Cyber-Risk-Management-Assessment (1)
Cyber-Risk-Management-Assessment (1)Cyber-Risk-Management-Assessment (1)
Cyber-Risk-Management-Assessment (1)
 
Introducing vsRisk 2.6
Introducing vsRisk 2.6Introducing vsRisk 2.6
Introducing vsRisk 2.6
 
NIST Cybersecurity Framework Cross Reference
NIST Cybersecurity Framework Cross ReferenceNIST Cybersecurity Framework Cross Reference
NIST Cybersecurity Framework Cross Reference
 
Enterprise Architecture: The role of the Design Authority
Enterprise Architecture: The role of the Design AuthorityEnterprise Architecture: The role of the Design Authority
Enterprise Architecture: The role of the Design Authority
 
Information Security Awareness Training
Information Security Awareness TrainingInformation Security Awareness Training
Information Security Awareness Training
 
National Life IT Department's Cyber Security Awareness Presentation
National Life IT Department's Cyber Security Awareness PresentationNational Life IT Department's Cyber Security Awareness Presentation
National Life IT Department's Cyber Security Awareness Presentation
 

Similar to Rothke Sia 2006

Employee Security Training[1]@
Employee Security Training[1]@Employee Security Training[1]@
Employee Security Training[1]@
R_Yanus
 
Cybersecurity Awareness E-Book - WeSecureApp
Cybersecurity Awareness E-Book - WeSecureAppCybersecurity Awareness E-Book - WeSecureApp
Cybersecurity Awareness E-Book - WeSecureApp
WeSecureApp
 
IT Security Awarenesss by Northern Virginia Community College
IT Security Awarenesss by Northern Virginia Community CollegeIT Security Awarenesss by Northern Virginia Community College
IT Security Awarenesss by Northern Virginia Community College
Atlantic Training, LLC.
 
Giarritano concept paper 4
Giarritano concept paper 4Giarritano concept paper 4
Giarritano concept paper 4
leahg118
 

Similar to Rothke Sia 2006 (20)

Employee Security Training[1]@
Employee Security Training[1]@Employee Security Training[1]@
Employee Security Training[1]@
 
7 Small Business Security Tips
7 Small Business Security Tips7 Small Business Security Tips
7 Small Business Security Tips
 
Intro to Information Security.ppt
Intro to Information Security.pptIntro to Information Security.ppt
Intro to Information Security.ppt
 
Security awareness-checklist 2019
Security awareness-checklist 2019Security awareness-checklist 2019
Security awareness-checklist 2019
 
Employee Security Awareness Training
Employee Security Awareness TrainingEmployee Security Awareness Training
Employee Security Awareness Training
 
Data security
Data security Data security
Data security
 
Cybersecurity Awareness E-book by Propelled Technologies
Cybersecurity Awareness E-book by Propelled Technologies Cybersecurity Awareness E-book by Propelled Technologies
Cybersecurity Awareness E-book by Propelled Technologies
 
Customer information security awareness training
Customer information security awareness trainingCustomer information security awareness training
Customer information security awareness training
 
Cyber Security
Cyber SecurityCyber Security
Cyber Security
 
Cyber Security School Workshop
Cyber Security School WorkshopCyber Security School Workshop
Cyber Security School Workshop
 
091005 Internet Security
091005 Internet Security091005 Internet Security
091005 Internet Security
 
information security and backup system
information security and backup systeminformation security and backup system
information security and backup system
 
1. introduction to cyber security
1. introduction to cyber security1. introduction to cyber security
1. introduction to cyber security
 
Cybersecurity Awareness E-Book - WeSecureApp
Cybersecurity Awareness E-Book - WeSecureAppCybersecurity Awareness E-Book - WeSecureApp
Cybersecurity Awareness E-Book - WeSecureApp
 
Cyber Security
Cyber SecurityCyber Security
Cyber Security
 
IT Security Awarenesss by Northern Virginia Community College
IT Security Awarenesss by Northern Virginia Community CollegeIT Security Awarenesss by Northern Virginia Community College
IT Security Awarenesss by Northern Virginia Community College
 
Cyber crime & security
Cyber crime & securityCyber crime & security
Cyber crime & security
 
cyber crime, Cyber Security, Introduction, Umakant Bhaskar Gohatre
cyber crime, Cyber Security, Introduction, Umakant Bhaskar Gohatre cyber crime, Cyber Security, Introduction, Umakant Bhaskar Gohatre
cyber crime, Cyber Security, Introduction, Umakant Bhaskar Gohatre
 
User security awareness
User security awarenessUser security awareness
User security awareness
 
Giarritano concept paper 4
Giarritano concept paper 4Giarritano concept paper 4
Giarritano concept paper 4
 

More from Ben Rothke

Rothke effective data destruction practices
Rothke effective data destruction practicesRothke effective data destruction practices
Rothke effective data destruction practices
Ben Rothke
 

More from Ben Rothke (20)

Securing your presence at the perimeter
Securing your presence at the perimeterSecuring your presence at the perimeter
Securing your presence at the perimeter
 
Rothke rsa 2012 building a security operations center (soc)
Rothke rsa 2012 building a security operations center (soc)Rothke rsa 2012 building a security operations center (soc)
Rothke rsa 2012 building a security operations center (soc)
 
Rothke rsa 2012 what happens in vegas goes on youtube using social networks...
Rothke rsa 2012 what happens in vegas goes on youtube using social networks...Rothke rsa 2012 what happens in vegas goes on youtube using social networks...
Rothke rsa 2012 what happens in vegas goes on youtube using social networks...
 
Rothke rsa 2013 - the five habits of highly secure organizations
Rothke rsa 2013 - the five habits of highly secure organizationsRothke rsa 2013 - the five habits of highly secure organizations
Rothke rsa 2013 - the five habits of highly secure organizations
 
Rothke rsa 2013 - deployment strategies for effective encryption
Rothke rsa 2013 - deployment strategies for effective encryptionRothke rsa 2013 - deployment strategies for effective encryption
Rothke rsa 2013 - deployment strategies for effective encryption
 
E5 rothke - deployment strategies for effective encryption
E5 rothke - deployment strategies for effective encryptionE5 rothke - deployment strategies for effective encryption
E5 rothke - deployment strategies for effective encryption
 
Locking down server and workstation operating systems
Locking down server and workstation operating systemsLocking down server and workstation operating systems
Locking down server and workstation operating systems
 
Mobile security blunders and what you can do about them
Mobile security blunders and what you can do about themMobile security blunders and what you can do about them
Mobile security blunders and what you can do about them
 
Securing your presence at the perimeter
Securing your presence at the perimeterSecuring your presence at the perimeter
Securing your presence at the perimeter
 
Lessons from ligatt from national cyber security nationalcybersecurity com
Lessons from ligatt from national cyber security nationalcybersecurity comLessons from ligatt from national cyber security nationalcybersecurity com
Lessons from ligatt from national cyber security nationalcybersecurity com
 
Lessons from ligatt
Lessons from ligattLessons from ligatt
Lessons from ligatt
 
Interop 2011 las vegas - session se31 - rothke
Interop 2011 las vegas - session se31 - rothkeInterop 2011 las vegas - session se31 - rothke
Interop 2011 las vegas - session se31 - rothke
 
Infosecurity Needs Its T.J. Hooper
Infosecurity Needs Its T.J. HooperInfosecurity Needs Its T.J. Hooper
Infosecurity Needs Its T.J. Hooper
 
Rothke effective data destruction practices
Rothke effective data destruction practicesRothke effective data destruction practices
Rothke effective data destruction practices
 
Rothke computer forensics show 2010
Rothke computer forensics show 2010Rothke computer forensics show 2010
Rothke computer forensics show 2010
 
The Cloud is in the details webinar - Rothke
The Cloud is in the details webinar - RothkeThe Cloud is in the details webinar - Rothke
The Cloud is in the details webinar - Rothke
 
Webinar - Getting a handle on wireless security for PCI DSS Compliance
Webinar - Getting a handle on wireless security for PCI DSS ComplianceWebinar - Getting a handle on wireless security for PCI DSS Compliance
Webinar - Getting a handle on wireless security for PCI DSS Compliance
 
La nécessité de la dlp aujourd’hui un livre blanc clearswift
La nécessité de la dlp aujourd’hui un livre blanc clearswiftLa nécessité de la dlp aujourd’hui un livre blanc clearswift
La nécessité de la dlp aujourd’hui un livre blanc clearswift
 
The Need for DLP now - A Clearswift White Paper
The Need for DLP now - A Clearswift White PaperThe Need for DLP now - A Clearswift White Paper
The Need for DLP now - A Clearswift White Paper
 
Rothke secure360 building a security operations center (soc)
Rothke secure360 building a security operations center (soc)Rothke secure360 building a security operations center (soc)
Rothke secure360 building a security operations center (soc)
 

Recently uploaded

Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Jeffrey Haguewood
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Safe Software
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
?#DUbAI#??##{{(☎️+971_581248768%)**%*]'#abortion pills for sale in dubai@
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native Applications
WSO2
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
panagenda
 
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Orbitshub
 

Recently uploaded (20)

Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
 
WSO2's API Vision: Unifying Control, Empowering Developers
WSO2's API Vision: Unifying Control, Empowering DevelopersWSO2's API Vision: Unifying Control, Empowering Developers
WSO2's API Vision: Unifying Control, Empowering Developers
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
 
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : Uncertainty
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native Applications
 
Six Myths about Ontologies: The Basics of Formal Ontology
Six Myths about Ontologies: The Basics of Formal OntologySix Myths about Ontologies: The Basics of Formal Ontology
Six Myths about Ontologies: The Basics of Formal Ontology
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
Exploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with MilvusExploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with Milvus
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024
 
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
 
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWEREMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
 

Rothke Sia 2006

  • 1. What Every Employee Needs to Know About Information Security Ben Rothke, CISSP
  • 2.
  • 3.
  • 4.
  • 5.
  • 6. Universal Goals of Information Security Confidentiality Integrity Authentication Interception Modification Fabrication Are my communications private? Has my communication been altered? Who am I dealing with?
  • 7. Today’s security threats include Lost backup tapes Hackers Risk matrix Software Patches Power grid Data center Poor token management Political Malicious end-users Angry Customers Regulatory compliance Contractors Telco Poor revocation processes Terrorists Legal liability Unions External Environmental DR/BCP Internal External Unhappy customers Physical security Disgruntled employees Consultants Third-party Clients Operational Audit Lack of budget Vendor bankruptcy Software vulnerabilities Forensics Crypto keys Lack of staff Fraud Poor risk assessment Hactivists Spyware Blogs Insecure software Wireless Google No documentation Organized crime China India Illegal downloads Web-scripting Viruses Worms Malicious software Laptop stolen Phishing Identity theft DoS BlackBerry Social engineering Competition Information leakage E-mail
  • 9.
  • 10.
  • 11.
  • 12.
  • 13.
  • 14.
  • 15.
  • 16.
  • 17.
  • 18.
  • 19.
  • 20.
  • 21.
  • 22.
  • 24.
  • 25.
  • 26.
  • 27.
  • 28.
  • 29.
  • 30.
  • 31.
  • 32.
  • 36.
  • 37.
  • 39.
  • 40.
  • 41. Ben Rothke CISSP, CISM brothke@gmail.com