Cyber Con 2016
Hackers are getting more
Sophisticated… and more Effective!
“Stay secure my friends!”
• Cyber Security is an individual problem, not
a technical problem – you have to solve it
as one
• Hackers run successful international
enterprises, leveraging an agile and
adaptable business model
• They benefit from your lack of attention to
cyber security and poor investment in
protecting your data – the statistics say it’s
working for them – and not for us
• They train to hack you for a living – that’s
all they do and they’re very good at it
• You train in running your lifestyle and not in
protecting it – they win
Map of the Internet
No borders
Whose laws apply?
Where is that web server?
Where did that email come from?
Purpose Criminal Penalties
Criminal provisions
HITECH - Harsher Financial Penalties
Healthcare information is
extremely valuable!
“When you upload…you give Google (and those we
work with) a worldwide license to use, host, store,
reproduce, modify, create derivative
works…communicate, publish, publicly perform,
publicly display, and distribute…”
HACKERS use “Brute-Force” Password Crackers
• Bad passwords
• Good passwords
• Cracked 2700 “bad”
passwords in 30 seconds
• Crack Program ran for 48
hours more and did not
crack the 250 remaining
“good” passwords
Good and Bad Passwords
BAD:
OK:
BEST:
Reduce your risk: Use
two-factor
authentication
Use a Password Manager:
LastPass 3.0
Dashlane 3
Intuitive Password 2.9
• “click here” emails
Personal Associate Connections
Social Engineering: “Urgent Game Change! Please see
Tommy's new soccer schedule!! Download the .pdf!”
www.wsgmd.com
Would you click here?
Link from Facebook or Twitter
“READ THIS!”
Link to
HACKER site
Malicious
Software
Private
Information
JP Morgan Chase hacker got customer emails – “76 million
households” and “7 million small businesses”
Chase Instructions to Clients the week after:
1. Change online and mobile app passwords
2. Watch accounts like a hawk…use text alerts.
3. If you notice unusual activity, contact bank immediately and
request new debit or credit card.
4. You’re likely to get email supposedly coming from Chase. If
you get any email that asks you to click a link or download a
file, it's a scam; just delete it.
• Fake emails seeking to get credentials
• Financial assets: 76% of targets
• Targeted by individual name
• Just at Work????
Red Flag Words: account locked,
suspended, verification required,
suspicious transaction, protect your
computer, funds due to you
Source: Symantec study 2007
Countermeasure:
• Don’t click on emailed links
and attachments
• ONE careless person can
compromise the whole
family
• Keep a careful eye on the
email address, look for
swapped letters
• Pay attention to misspellings
in the email body – could be
an indicator
• Don’t remove visible
extensions in settings
• Passcode or 2-factor
verification before clicking or
sending a link
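The two checks above (swapped letters in the sender address, red-flag words in the body) can be automated as a mail triage aid. This is an added example, not part of the original slides; the function names, the `examplebank.com` domain and the sample messages are constructed assumptions.

```python
# Added example: all names and sample messages below are constructed.
RED_FLAGS = ("account locked", "suspended", "verification required",
             "suspicious transaction", "protect your computer",
             "funds due to you")  # the red-flag words listed on the slide

def osa_distance(a, b):
    """Edit distance counting insert, delete, substitute and adjacent swap."""
    d = [[0] * (len(b) + 1) for _ in range(len(a) + 1)]
    for i in range(len(a) + 1):
        d[i][0] = i
    for j in range(len(b) + 1):
        d[0][j] = j
    for i in range(1, len(a) + 1):
        for j in range(1, len(b) + 1):
            cost = 0 if a[i - 1] == b[j - 1] else 1
            d[i][j] = min(d[i - 1][j] + 1,         # delete
                          d[i][j - 1] + 1,         # insert
                          d[i - 1][j - 1] + cost)  # substitute / match
            if i > 1 and j > 1 and a[i - 1] == b[j - 2] and a[i - 2] == b[j - 1]:
                d[i][j] = min(d[i][j], d[i - 2][j - 2] + 1)  # swapped letters
    return d[-1][-1]

def check_email(sender, body, known_domains, max_distance=2):
    """Flag near-miss sender domains and red-flag phrases in one message."""
    domain = sender.rsplit("@", 1)[-1].strip().lower()
    lookalike = None
    if domain not in known_domains:
        # A domain that is close to, but not exactly, one we trust is suspect.
        for good in sorted(known_domains):
            if osa_distance(domain, good) <= max_distance:
                lookalike = good
                break
    text = " ".join(body.lower().split())  # normalise case and whitespace
    flags = [phrase for phrase in RED_FLAGS if phrase in text]
    return {"domain": domain, "lookalike_of": lookalike, "red_flags": flags}

KNOWN = {"examplebank.com"}  # domains the family actually deals with
SAMPLES = [  # constructed messages
    ("alerts@exmaplebank.com", "Your account  LOCKED. Verification required: click here."),
    ("alerts@examplebank.com", "Your monthly statement is ready."),
    ("news@othersite.org", "Funds due to you! Reply today."),
]

if __name__ == "__main__":
    for sender, body in SAMPLES:
        print(sender, check_email(sender, body, KNOWN))
```

A distance threshold of 2 suits long domain names; for very short domains it will also match unrelated names, so lower it to 1 there.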
Q7BS8
linksys
cisco
HP-Print
LP292
Valarie’s Guest Network
<none>
Home
WPA2
And MAC address filtering
Check to see who is connected
Bad 1
• Connects to your wireless network
• Consumes your bandwidth
Bad 2
• Connects to your wireless network
• Watches your network traffic
• Sniffs passwords when possible
Only 63% of polled
Americans maintain
updated Anti-Virus
and Firewall settings
at home
annual Travelers Consumer Risk Index
“Who are you talking to?”
Net Nanny
WebWatcher
McAfee Safe Eyes
Countermeasure:
• Supervision
• Filtering Software
• Managed user accounts
• GET THEM INVOLVED
Countermeasure:
• Use an online profile vs a real
life profile
• Take time to configure –
avoid defaults
• Check “Location”
permissions
• Keep personal information
personal
• Be aware of PII surveys and
posts
• Know what action to take if
you see abuse
• Know who your friends are
and manage your friends list
• Be honest if you’re
uncomfortable
Countermeasure:
• Use a pre-paid cc for online
purchases
• Check for https
• PayPal??
• Careful consideration during
high traffic shopping days
Free wifi is cool!
What can go wrong?
“Starbucks”
“Free-airport-wifi”
Rogue Hotspot Hacker
intercepts
your data
Recent FBI / InfraGard briefing
provided strong insights into
“Free Wifi” spots in San Diego County!
Countermeasure:
• Use cell phone network for
sensitive data
• 3g, 4g, LTE
• Make sure to turn BT and
WiFi off when not needed!
Many products are not securable by
architecture – who is wearing a smart watch?
Sales@LP3.com
www.LP3-SecurIT.com
www.ProtectingTomorrow.org
“Striking the critical balance
between protection and
performance”
Thank you!
From the LP3 family of companies and divisions!

ProTom Cyber Hygiene
