SlideShare ist ein Scribd-Unternehmen logo

TIES 2013 Education Technology Conference

Evan Francen
Evan Francen

Presentation delivered by FRSecure's President Evan Francen on 12/17/13 at the TIES 2013 Education Technology Conference

TechnologieBildung
1 von 24
With respect to information security
Topics  Introduction  Is K-12 Doing What We Should?  Protecting Private Data  Preparing Kids Well  You probably came to see something cool  Let‟s Work Together
Introduction – Evan Francen • Co-founder of FRSecure • Information security expert with 20 years of experience • Areas of expertise include information security governance, risk management, social engineering, compliance, and the things nobody else likes to do • Information security evangelist • Nickname is “the truth”
Introduction – About FRSecure • Information Security is all we do… • Methodologies; we create and use a ton of „em • Project Leaders all have 15+ years of experience • Transparent; we value knowledge transfer • Product agnostic means we can more easily serve your needs without conflict
Protecting Private Data • Types of data that K-12 is responsible for • Types of people using our technology How are we doing?
Protecting Private Data
Since 2005, there have been 716 breaches of educational institutions involving more than 13 million private records* (Source: Privacy Rights Clearinghouse - https://www.privacyrights.org/databreach/new) These are the breaches that we know about
Protecting Private Data • People are the greatest risk • We can‟t fix people with technology How comfortable are you with the mundane? (people want the new cool thing, but how “cool” is policy?)
Protecting Private Data – Three Things Every school should do these three things well. • Information security governance • Information security training & awareness • Information security incident response How comfortable are you with the mundane?
Protecting Private Data – Three Things Every school should do these three things well. Information security governance – what are the rules? • Management commitment • Information security policies • Information security processes How comfortable are you with the mundane?
Protecting Private Data – Three Things Every school should do these three things well. Information security training & awareness – people need to know the rules • Training & awareness are two separate, but related initiatives • Training – teaching the audience how to do something specific • Awareness – keeping a specific topic “top of mind” How comfortable are you with the mundane?
Protecting Private Data – Three Things Every school should do these three things well. Information security incident response – what do you do if someone breaks the rules or if the rules are ineffective? • If you don‟t know of an incident, it doesn‟t mean that one hasn‟t happened • Incident response should be a formalized, step-by-step process • An incident doesn‟t mean a breach How comfortable are you with the mundane?
Protecting Private Data – Three Things Common deficiencies Information security governance • Everybody seems to think that information security is an IT issue • If a school has policies, they are often ineffective and critical processes are sometimes missed • Compliance is not measured and/or enforced How comfortable are you with the mundane?
Protecting Private Data – Three Things Common deficiencies Information security training & awareness • There isn‟t a formal training & awareness program • People assume that there‟s common sense • Training is confused with awareness or vice versa How comfortable are you with the mundane?
Preparing Kids Well For a career in information security We have a huge shortage of good information security professionals, and the problem is only expected to get worse.
Preparing Kids Well For a career in information security
Preparing Kids Well For a career in information security • Is there an opportunity to teach the kids real-world information security skills in the classroom? • Is there an opportunity to teach the kids real-world information security skills after school?
Preparing Kids Well For life • Are the kids taught about identity theft and how to protect themselves? • Are the kids taught about regulatory compliance, policies, password management, etc.?
Preparing Kids Well Opportunity FRSecure is very willing and able to work with K-12 to help • Can we develop courses for the students? • Can we develop after school activities for students? How about a “Hacking Club”?
You probably came to see something cool Didn‟t you? Pretty basic, but still pretty cool. 1. ARP poisoning for passwords 2. Bypassing Website filtering
You probably came to see something cool ARP Poisoning We use ARP poisoning to audit networks, the bad guys use it to steal passwords. Using Cain & Abel Want step-by-step instructions? Give me your business card and I‟ll email you.
You probably came to see something cool Bypassing your Web filtering Works (almost) all the time. Using Tor Want step-by-step instructions? Give me your business card and I‟ll email you.
Let’s work together! FRSecure exists to solve difficult information security challenges with our clients & friends. We don’t have to do business together in order to work together. Two things: 1. Helping you secure your information 2. Helping equip students
Questions? FRSecure 141 West Main Street Waconia, MN 55387 Evan Francen – evan@frsecure.com

Empfohlen

Iowa Bullying Prevention
Iowa Bullying Prevention Iowa Bullying Prevention
Iowa Bullying Prevention
emilyensign
 
BEaPRO Presentation: Lafayette Elementary
BEaPRO Presentation: Lafayette ElementaryBEaPRO Presentation: Lafayette Elementary
BEaPRO Presentation: Lafayette Elementary
emilyensign
 
Online Security for Kids
Online Security for KidsOnline Security for Kids
Online Security for Kids
Patrick Laverty
 
O'leary Cyber Secutiry
O'leary Cyber SecutiryO'leary Cyber Secutiry
O'leary Cyber Secutiry
sefreed
 
Digital citizenship project[1]
Digital citizenship project[1]Digital citizenship project[1]
Digital citizenship project[1]
lackl
 
NAESP Conference - July 12, 2014
NAESP Conference - July 12, 2014NAESP Conference - July 12, 2014
NAESP Conference - July 12, 2014
emilyensign
 
The 6 Pillars of Digital Citizenship Success
The 6 Pillars of Digital Citizenship SuccessThe 6 Pillars of Digital Citizenship Success
The 6 Pillars of Digital Citizenship Success
emilyensign
 
Scottish Government Ministerial Summit December 2013 Emerging issues for E-Sa...
Scottish Government Ministerial Summit December 2013 Emerging issues for E-Sa...Scottish Government Ministerial Summit December 2013 Emerging issues for E-Sa...
Scottish Government Ministerial Summit December 2013 Emerging issues for E-Sa...
Louise Jones
 

Empfohlen

Iowa Bullying Prevention
Iowa Bullying Prevention Iowa Bullying Prevention
Iowa Bullying Prevention
emilyensign
 
BEaPRO Presentation: Lafayette Elementary
BEaPRO Presentation: Lafayette ElementaryBEaPRO Presentation: Lafayette Elementary
BEaPRO Presentation: Lafayette Elementary
emilyensign
 
Online Security for Kids
Online Security for KidsOnline Security for Kids
Online Security for Kids
Patrick Laverty
 
O'leary Cyber Secutiry
O'leary Cyber SecutiryO'leary Cyber Secutiry
O'leary Cyber Secutiry
sefreed
 
Digital citizenship project[1]
Digital citizenship project[1]Digital citizenship project[1]
Digital citizenship project[1]
lackl
 
NAESP Conference - July 12, 2014
NAESP Conference - July 12, 2014NAESP Conference - July 12, 2014
NAESP Conference - July 12, 2014
emilyensign
 
The 6 Pillars of Digital Citizenship Success
The 6 Pillars of Digital Citizenship SuccessThe 6 Pillars of Digital Citizenship Success
The 6 Pillars of Digital Citizenship Success
emilyensign
 
Scottish Government Ministerial Summit December 2013 Emerging issues for E-Sa...
Scottish Government Ministerial Summit December 2013 Emerging issues for E-Sa...Scottish Government Ministerial Summit December 2013 Emerging issues for E-Sa...
Scottish Government Ministerial Summit December 2013 Emerging issues for E-Sa...
Louise Jones
 
ConnectSafely's One Good Thing presentation for InSafe Vilnius meeting 2014
ConnectSafely's One Good Thing presentation for InSafe Vilnius meeting 2014ConnectSafely's One Good Thing presentation for InSafe Vilnius meeting 2014
ConnectSafely's One Good Thing presentation for InSafe Vilnius meeting 2014
ConnectSafely
 
Innovation, agility, and a fight for survival a love storyv2
Innovation, agility, and a fight for survival a love storyv2Innovation, agility, and a fight for survival a love storyv2
Innovation, agility, and a fight for survival a love storyv2
Curtis A. Carver Jr.
 
C3 Presentation - Oct 2015
C3 Presentation - Oct 2015C3 Presentation - Oct 2015
C3 Presentation - Oct 2015
emilyensign
 
Ethics for IT Professionals
Ethics for IT ProfessionalsEthics for IT Professionals
Ethics for IT Professionals
Prof. Erwin Globio
 
Employee monitoring updated
Employee monitoring updatedEmployee monitoring updated
Employee monitoring updated
Advent IM Ltd
 
The HIghland Council E-Safety Approach
The HIghland Council E-Safety ApproachThe HIghland Council E-Safety Approach
The HIghland Council E-Safety Approach
Louise Jones
 
Any of these folks work with you?
Any of these folks work with you?Any of these folks work with you?
Any of these folks work with you?
Kevin O'Connor
 
The Hacking Team Hack: Lessons Learned for Enterprise Security
The Hacking Team Hack: Lessons Learned for Enterprise SecurityThe Hacking Team Hack: Lessons Learned for Enterprise Security
The Hacking Team Hack: Lessons Learned for Enterprise Security
Stephen Cobb
 
Intellectual Security, Learning for the learning industry from the Yahoo Cybe...
Intellectual Security, Learning for the learning industry from the Yahoo Cybe...Intellectual Security, Learning for the learning industry from the Yahoo Cybe...
Intellectual Security, Learning for the learning industry from the Yahoo Cybe...
Enhance Systems Pvt. Ltd.
 
BlueHat Seattle 2019 || Keynote
BlueHat Seattle 2019 || KeynoteBlueHat Seattle 2019 || Keynote
BlueHat Seattle 2019 || Keynote
BlueHat Security Conference
 
WANTED – People Committed to Solving our Information Security Language Problem
WANTED – People Committed to Solving our Information Security Language ProblemWANTED – People Committed to Solving our Information Security Language Problem
WANTED – People Committed to Solving our Information Security Language Problem
Evan Francen
 
Digital citizenship
Digital citizenshipDigital citizenship
Digital citizenship
bigblackschlong
 
eSafety Presentation
eSafety PresentationeSafety Presentation
eSafety Presentation
Mr_Elliott
 
Chad olivard internet safety powerpoint presentation itc 525
Chad olivard internet safety powerpoint presentation itc 525Chad olivard internet safety powerpoint presentation itc 525
Chad olivard internet safety powerpoint presentation itc 525
chadolivard
 
Question 1
Question 1Question 1
Question 1
thamt5
 
Considerations for ICT in Learning
Considerations for ICT in Learning Considerations for ICT in Learning
Considerations for ICT in Learning
Louise Jones
 
Making the Most out of Social Media!
Making the Most out of Social Media!Making the Most out of Social Media!
Making the Most out of Social Media!
Louise Jones
 
Security and Wearables: Success starts with security
Security and Wearables: Success starts with securitySecurity and Wearables: Success starts with security
Security and Wearables: Success starts with security
Stephen Cobb
 
Big Challenges in Data Modeling: Ethical Data Modeling
Big Challenges in Data Modeling: Ethical Data ModelingBig Challenges in Data Modeling: Ethical Data Modeling
Big Challenges in Data Modeling: Ethical Data Modeling
DATAVERSITY
 
Digital citizenship presentation
Digital citizenship presentationDigital citizenship presentation
Digital citizenship presentation
Casey McDaniel
 
Diapositivas ruth 01 (1)
Diapositivas ruth 01 (1)Diapositivas ruth 01 (1)
Diapositivas ruth 01 (1)
Ruth Magaly Atanacio Romero
 
SENSUS INDUSTRI KREATIF DIGITAL KOTA MAKASSAR 2014
SENSUS INDUSTRI KREATIF DIGITAL KOTA MAKASSAR 2014SENSUS INDUSTRI KREATIF DIGITAL KOTA MAKASSAR 2014
SENSUS INDUSTRI KREATIF DIGITAL KOTA MAKASSAR 2014
Leanskill.com
 

Weitere ähnliche Inhalte

Was ist angesagt?

Chad olivard internet safety powerpoint presentation itc 525
Chad olivard internet safety powerpoint presentation itc 525Chad olivard internet safety powerpoint presentation itc 525
Chad olivard internet safety powerpoint presentation itc 525
chadolivard
 
Digital citizenship presentation
Digital citizenship presentationDigital citizenship presentation
Digital citizenship presentation
Casey McDaniel
 

Was ist angesagt? (20)

ConnectSafely's One Good Thing presentation for InSafe Vilnius meeting 2014
ConnectSafely's One Good Thing presentation for InSafe Vilnius meeting 2014ConnectSafely's One Good Thing presentation for InSafe Vilnius meeting 2014
ConnectSafely's One Good Thing presentation for InSafe Vilnius meeting 2014
 
Innovation, agility, and a fight for survival a love storyv2
Innovation, agility, and a fight for survival a love storyv2Innovation, agility, and a fight for survival a love storyv2
Innovation, agility, and a fight for survival a love storyv2
 
C3 Presentation - Oct 2015
C3 Presentation - Oct 2015C3 Presentation - Oct 2015
C3 Presentation - Oct 2015
 
Ethics for IT Professionals
Ethics for IT ProfessionalsEthics for IT Professionals
Ethics for IT Professionals
 
Employee monitoring updated
Employee monitoring updatedEmployee monitoring updated
Employee monitoring updated
 
The HIghland Council E-Safety Approach
The HIghland Council E-Safety ApproachThe HIghland Council E-Safety Approach
The HIghland Council E-Safety Approach
 
Any of these folks work with you?
Any of these folks work with you?Any of these folks work with you?
Any of these folks work with you?
 
The Hacking Team Hack: Lessons Learned for Enterprise Security
The Hacking Team Hack: Lessons Learned for Enterprise SecurityThe Hacking Team Hack: Lessons Learned for Enterprise Security
The Hacking Team Hack: Lessons Learned for Enterprise Security
 
Intellectual Security, Learning for the learning industry from the Yahoo Cybe...
Intellectual Security, Learning for the learning industry from the Yahoo Cybe...Intellectual Security, Learning for the learning industry from the Yahoo Cybe...
Intellectual Security, Learning for the learning industry from the Yahoo Cybe...
 
BlueHat Seattle 2019 || Keynote
BlueHat Seattle 2019 || KeynoteBlueHat Seattle 2019 || Keynote
BlueHat Seattle 2019 || Keynote
 
WANTED – People Committed to Solving our Information Security Language Problem
WANTED – People Committed to Solving our Information Security Language ProblemWANTED – People Committed to Solving our Information Security Language Problem
WANTED – People Committed to Solving our Information Security Language Problem
 
Digital citizenship
Digital citizenshipDigital citizenship
Digital citizenship
 
eSafety Presentation
eSafety PresentationeSafety Presentation
eSafety Presentation
 
Chad olivard internet safety powerpoint presentation itc 525
Chad olivard internet safety powerpoint presentation itc 525Chad olivard internet safety powerpoint presentation itc 525
Chad olivard internet safety powerpoint presentation itc 525
 
Question 1
Question 1Question 1
Question 1
 
Considerations for ICT in Learning
Considerations for ICT in Learning Considerations for ICT in Learning
Considerations for ICT in Learning
 
Making the Most out of Social Media!
Making the Most out of Social Media!Making the Most out of Social Media!
Making the Most out of Social Media!
 
Security and Wearables: Success starts with security
Security and Wearables: Success starts with securitySecurity and Wearables: Success starts with security
Security and Wearables: Success starts with security
 
Big Challenges in Data Modeling: Ethical Data Modeling
Big Challenges in Data Modeling: Ethical Data ModelingBig Challenges in Data Modeling: Ethical Data Modeling
Big Challenges in Data Modeling: Ethical Data Modeling
 
Digital citizenship presentation
Digital citizenship presentationDigital citizenship presentation
Digital citizenship presentation
 

Andere mochten auch

Documentación Proyecto # 62 Premios Eureka 2011 Mención Innovatividad Técnica
Documentación Proyecto # 62 Premios Eureka 2011 Mención Innovatividad TécnicaDocumentación Proyecto # 62 Premios Eureka 2011 Mención Innovatividad Técnica
Documentación Proyecto # 62 Premios Eureka 2011 Mención Innovatividad Técnica
Proyecto Red Eureka
 
Kuliah 2 teori otak triune teori split brain dan multiple in
Kuliah 2 teori otak triune teori split brain dan multiple inKuliah 2 teori otak triune teori split brain dan multiple in
Kuliah 2 teori otak triune teori split brain dan multiple in
Zuzan Michael Japang
 

Andere mochten auch (20)

Diapositivas ruth 01 (1)
Diapositivas ruth 01 (1)Diapositivas ruth 01 (1)
Diapositivas ruth 01 (1)
 
SENSUS INDUSTRI KREATIF DIGITAL KOTA MAKASSAR 2014
SENSUS INDUSTRI KREATIF DIGITAL KOTA MAKASSAR 2014SENSUS INDUSTRI KREATIF DIGITAL KOTA MAKASSAR 2014
SENSUS INDUSTRI KREATIF DIGITAL KOTA MAKASSAR 2014
 
Maneras de transferir conocimiento de forma digital
Maneras de transferir conocimiento de forma digitalManeras de transferir conocimiento de forma digital
Maneras de transferir conocimiento de forma digital
 
Evolución del derecho colectivo
Evolución del derecho colectivoEvolución del derecho colectivo
Evolución del derecho colectivo
 
Características de la Población de Quemados Adultos Hospitalizados
Características de la Población de Quemados Adultos Hospitalizados Características de la Población de Quemados Adultos Hospitalizados
Características de la Población de Quemados Adultos Hospitalizados
 
Documentación Proyecto # 62 Premios Eureka 2011 Mención Innovatividad Técnica
Documentación Proyecto # 62 Premios Eureka 2011 Mención Innovatividad TécnicaDocumentación Proyecto # 62 Premios Eureka 2011 Mención Innovatividad Técnica
Documentación Proyecto # 62 Premios Eureka 2011 Mención Innovatividad Técnica
 
Diseño instruccional
Diseño instruccionalDiseño instruccional
Diseño instruccional
 
Alemanha
AlemanhaAlemanha
Alemanha
 
5.guia amplificacion y reduccion
5.guia amplificacion y reduccion5.guia amplificacion y reduccion
5.guia amplificacion y reduccion
 
Desforramiento de extremidades inferiores en pediatría
Desforramiento de extremidades inferiores en pediatríaDesforramiento de extremidades inferiores en pediatría
Desforramiento de extremidades inferiores en pediatría
 
IPOs from the "Tech Bubble" ('99 - '00)
IPOs from the "Tech Bubble" ('99 - '00) IPOs from the "Tech Bubble" ('99 - '00)
IPOs from the "Tech Bubble" ('99 - '00)
 
Colaboración en Revista médica del Maule
Colaboración en Revista médica del Maule Colaboración en Revista médica del Maule
Colaboración en Revista médica del Maule
 
Microencapsulation presentation
Microencapsulation presentationMicroencapsulation presentation
Microencapsulation presentation
 
TECNOLOGÍA DE SELLADO DE VASOS
TECNOLOGÍA DE SELLADO DE VASOSTECNOLOGÍA DE SELLADO DE VASOS
TECNOLOGÍA DE SELLADO DE VASOS
 
Kuliah 2 teori otak triune teori split brain dan multiple in
Kuliah 2 teori otak triune teori split brain dan multiple inKuliah 2 teori otak triune teori split brain dan multiple in
Kuliah 2 teori otak triune teori split brain dan multiple in
 
Introduction to Phase Change Materials #PSBPcomfort
Introduction to Phase Change Materials #PSBPcomfortIntroduction to Phase Change Materials #PSBPcomfort
Introduction to Phase Change Materials #PSBPcomfort
 
Manejo de paciente quemado
Manejo de paciente quemadoManejo de paciente quemado
Manejo de paciente quemado
 
La Evaluacion en el Aula
La Evaluacion en el AulaLa Evaluacion en el Aula
La Evaluacion en el Aula
 
Electroplating
ElectroplatingElectroplating
Electroplating
 
STS Resume DEC 3
STS Resume DEC 3STS Resume DEC 3
STS Resume DEC 3
 

Ähnlich wie TIES 2013 Education Technology Conference

People are the biggest risk
People are the biggest riskPeople are the biggest risk
People are the biggest risk
Evan Francen
 
Internet privacy ethics and online security
Internet privacy ethics and online securityInternet privacy ethics and online security
Internet privacy ethics and online security
Paul Berryman
 
In Class Learning Activity
In Class Learning ActivityIn Class Learning Activity
In Class Learning Activity
guest09fcd1
 

Ähnlich wie TIES 2013 Education Technology Conference (20)

People are the biggest risk
People are the biggest riskPeople are the biggest risk
People are the biggest risk
 
Common ethical issues
Common ethical issuesCommon ethical issues
Common ethical issues
 
Data Protection – How Not to Panic and Make it a Positive
Data Protection – How Not to Panic and Make it a PositiveData Protection – How Not to Panic and Make it a Positive
Data Protection – How Not to Panic and Make it a Positive
 
Online safety Ofsted 2015
Online safety Ofsted 2015Online safety Ofsted 2015
Online safety Ofsted 2015
 
Information Security & Manufacturing
Information Security & ManufacturingInformation Security & Manufacturing
Information Security & Manufacturing
 
Internet privacy ethics and online security
Internet privacy ethics and online securityInternet privacy ethics and online security
Internet privacy ethics and online security
 
005. Ethics, Privacy and Security
005. Ethics, Privacy and Security005. Ethics, Privacy and Security
005. Ethics, Privacy and Security
 
Slide Deck - CISSP Mentor Program Class Session 1
Slide Deck - CISSP Mentor Program Class Session 1Slide Deck - CISSP Mentor Program Class Session 1
Slide Deck - CISSP Mentor Program Class Session 1
 
Top_10_Interview_Questions_That_You_Should_Know_as_an_Information.pptx
Top_10_Interview_Questions_That_You_Should_Know_as_an_Information.pptxTop_10_Interview_Questions_That_You_Should_Know_as_an_Information.pptx
Top_10_Interview_Questions_That_You_Should_Know_as_an_Information.pptx
 
Information Security is NOT an IT Issue
Information Security is NOT an IT IssueInformation Security is NOT an IT Issue
Information Security is NOT an IT Issue
 
Assessing Your security
Assessing Your securityAssessing Your security
Assessing Your security
 
Esafety for Ofsted
Esafety for OfstedEsafety for Ofsted
Esafety for Ofsted
 
In Class Learning Activity
In Class Learning ActivityIn Class Learning Activity
In Class Learning Activity
 
Internet Issues (How to Deal on Internet Security)
Internet Issues (How to Deal on Internet Security)Internet Issues (How to Deal on Internet Security)
Internet Issues (How to Deal on Internet Security)
 
Banning Whining, Avoiding Cyber Wolves, and Creating Warrior
Banning Whining, Avoiding Cyber Wolves, and Creating WarriorBanning Whining, Avoiding Cyber Wolves, and Creating Warrior
Banning Whining, Avoiding Cyber Wolves, and Creating Warrior
 
Managing Risk or Reacting to Compliance
Managing Risk or Reacting to ComplianceManaging Risk or Reacting to Compliance
Managing Risk or Reacting to Compliance
 
ET 509 Portfolio Assignment Internet Safety PPT Presentation for Staff Profes...
ET 509 Portfolio Assignment Internet Safety PPT Presentation for Staff Profes...ET 509 Portfolio Assignment Internet Safety PPT Presentation for Staff Profes...
ET 509 Portfolio Assignment Internet Safety PPT Presentation for Staff Profes...
 
Group1 Ppt
Group1 PptGroup1 Ppt
Group1 Ppt
 
ISACA talk - cybersecurity and security culture
ISACA talk - cybersecurity and security cultureISACA talk - cybersecurity and security culture
ISACA talk - cybersecurity and security culture
 
Online Safety
Online SafetyOnline Safety
Online Safety
 

Mehr von Evan Francen

Mehr von Evan Francen (17)

WANTED - People Committed to Solving Our Information Security Language Problem
WANTED - People Committed to Solving Our Information Security Language ProblemWANTED - People Committed to Solving Our Information Security Language Problem
WANTED - People Committed to Solving Our Information Security Language Problem
 
Keynote @ ISC2 Cyber Aware Dallas
Keynote @ ISC2 Cyber Aware DallasKeynote @ ISC2 Cyber Aware Dallas
Keynote @ ISC2 Cyber Aware Dallas
 
Harrisburg BSides Presentation - 100219
Harrisburg BSides Presentation - 100219Harrisburg BSides Presentation - 100219
Harrisburg BSides Presentation - 100219
 
Managing Third-Party Risk Effectively
Managing Third-Party Risk EffectivelyManaging Third-Party Risk Effectively
Managing Third-Party Risk Effectively
 
Step Up Your Data Security Against Third-Party Risks
Step Up Your Data Security Against Third-Party RisksStep Up Your Data Security Against Third-Party Risks
Step Up Your Data Security Against Third-Party Risks
 
Simple Training for Information Security and Payment Fraud
Simple Training for Information Security and Payment FraudSimple Training for Information Security and Payment Fraud
Simple Training for Information Security and Payment Fraud
 
MHTA Social Engineering Presentation - 050917
MHTA Social Engineering Presentation - 050917MHTA Social Engineering Presentation - 050917
MHTA Social Engineering Presentation - 050917
 
People. The Social Engineer's Dream - TechPulse 2017
People. The Social Engineer's Dream - TechPulse 2017People. The Social Engineer's Dream - TechPulse 2017
People. The Social Engineer's Dream - TechPulse 2017
 
AFCOM - Information Security State of the Union
AFCOM - Information Security State of the UnionAFCOM - Information Security State of the Union
AFCOM - Information Security State of the Union
 
Mobile Information Security
Mobile Information SecurityMobile Information Security
Mobile Information Security
 
Information security challenges in today’s banking environment
Information security challenges in today’s banking environmentInformation security challenges in today’s banking environment
Information security challenges in today’s banking environment
 
Information Security in a Compliance World
Information Security in a Compliance WorldInformation Security in a Compliance World
Information Security in a Compliance World
 
Information Security For Leaders, By a Leader
Information Security For Leaders, By a LeaderInformation Security For Leaders, By a Leader
Information Security For Leaders, By a Leader
 
FRSecure's Ten Security Principles to Live (or die) By
FRSecure's Ten Security Principles to Live (or die) ByFRSecure's Ten Security Principles to Live (or die) By
FRSecure's Ten Security Principles to Live (or die) By
 
Meaningful Use and Security Risk Analysis
Meaningful Use and Security Risk AnalysisMeaningful Use and Security Risk Analysis
Meaningful Use and Security Risk Analysis
 
An Introduction to Information Security
An Introduction to Information SecurityAn Introduction to Information Security
An Introduction to Information Security
 
FRSecure Sales Deck
FRSecure Sales DeckFRSecure Sales Deck
FRSecure Sales Deck
 

Kürzlich hochgeladen

Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
sammart93
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
?#DUbAI#??##{{(☎️+971_581248768%)**%*]'#abortion pills for sale in dubai@
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
Joaquim Jorge
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
UK Journal
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
vu2urc
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
Safe Software
 

Kürzlich hochgeladen (20)

Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)
 
Developing An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of BrazilDeveloping An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of Brazil
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 

TIES 2013 Education Technology Conference

  • 1. With respect to information security
  • 2. Topics  Introduction  Is K-12 Doing What We Should?  Protecting Private Data  Preparing Kids Well  You probably came to see something cool  Let‟s Work Together
  • 3. Introduction – Evan Francen • Co-founder of FRSecure • Information security expert with 20 years of experience • Areas of expertise include information security governance, risk management, social engineering, compliance, and the things nobody else likes to do • Information security evangelist • Nickname is “the truth”
  • 4. Introduction – About FRSecure • Information Security is all we do… • Methodologies; we create and use a ton of „em • Project Leaders all have 15+ years of experience • Transparent; we value knowledge transfer • Product agnostic means we can more easily serve your needs without conflict
  • 5. Protecting Private Data • Types of data that K-12 is responsible for • Types of people using our technology How are we doing?
  • 7. Since 2005, there have been 716 breaches of educational institutions involving more than 13 million private records* (Source: Privacy Rights Clearinghouse - https://www.privacyrights.org/databreach/new) These are the breaches that we know about
  • 8. Protecting Private Data • People are the greatest risk • We can‟t fix people with technology How comfortable are you with the mundane? (people want the new cool thing, but how “cool” is policy?)
  • 9. Protecting Private Data – Three Things Every school should do these three things well. • Information security governance • Information security training & awareness • Information security incident response How comfortable are you with the mundane?
  • 10. Protecting Private Data – Three Things Every school should do these three things well. Information security governance – what are the rules? • Management commitment • Information security policies • Information security processes How comfortable are you with the mundane?
  • 11. Protecting Private Data – Three Things Every school should do these three things well. Information security training & awareness – people need to know the rules • Training & awareness are two separate, but related initiatives • Training – teaching the audience how to do something specific • Awareness – keeping a specific topic “top of mind” How comfortable are you with the mundane?
  • 12. Protecting Private Data – Three Things Every school should do these three things well. Information security incident response – what do you do if someone breaks the rules or if the rules are ineffective? • If you don‟t know of an incident, it doesn‟t mean that one hasn‟t happened • Incident response should be a formalized, step-by-step process • An incident doesn‟t mean a breach How comfortable are you with the mundane?
  • 13. Protecting Private Data – Three Things Common deficiencies Information security governance • Everybody seems to think that information security is an IT issue • If a school has policies, they are often ineffective and critical processes are sometimes missed • Compliance is not measured and/or enforced How comfortable are you with the mundane?
  • 14. Protecting Private Data – Three Things Common deficiencies Information security training & awareness • There isn‟t a formal training & awareness program • People assume that there‟s common sense • Training is confused with awareness or vice versa How comfortable are you with the mundane?
  • 15. Preparing Kids Well For a career in information security We have a huge shortage of good information security professionals, and the problem is only expected to get worse.
  • 16. Preparing Kids Well For a career in information security
  • 17. Preparing Kids Well For a career in information security • Is there an opportunity to teach the kids real-world information security skills in the classroom? • Is there an opportunity to teach the kids real-world information security skills after school?
  • 18. Preparing Kids Well For life • Are the kids taught about identity theft and how to protect themselves? • Are the kids taught about regulatory compliance, policies, password management, etc.?
  • 19. Preparing Kids Well Opportunity FRSecure is very willing and able to work with K-12 to help • Can we develop courses for the students? • Can we develop after school activities for students? How about a “Hacking Club”?
  • 20. You probably came to see something cool Didn‟t you? Pretty basic, but still pretty cool. 1. ARP poisoning for passwords 2. Bypassing Website filtering
  • 21. You probably came to see something cool ARP Poisoning We use ARP poisoning to audit networks, the bad guys use it to steal passwords. Using Cain & Abel Want step-by-step instructions? Give me your business card and I‟ll email you.
  • 22. You probably came to see something cool Bypassing your Web filtering Works (almost) all the time. Using Tor Want step-by-step instructions? Give me your business card and I‟ll email you.
  • 23. Let’s work together! FRSecure exists to solve difficult information security challenges with our clients & friends. We don’t have to do business together in order to work together. Two things: 1. Helping you secure your information 2. Helping equip students
  • 24. Questions? FRSecure 141 West Main Street Waconia, MN 55387 Evan Francen – evan@frsecure.com