I’ve Been Hacked
The Essential Steps to Take Next
BRIAN PICHMAN | EVOLVE PROJECT
 Description: It happens. A place you shop at frequently gets its data stolen.
Someone was able to get access to one of your accounts. Or a system you
manage gets compromised. Either way, it is important to be prepared ahead of
time before the worst happens. Join Brian Pichman as he helps you put a proactive
plan in place and learn what to do after you or your organization has been hacked.
Myths
 I’m not worth being attacked.
 Hackers won’t guess my password.
 I have anti-virus software.
 I’ll know if I’ve been compromised.
Understanding Breaches and Hacks
 A hack involves a person or group gaining unauthorized access to a protected
computer or network.
 A breach typically indicates a release of confidential data (including releases that happen by
accident).
 Each of these requires a different response when it occurs.
Agenda
 General Terms and understanding impact.
 What you (as an organization) should do if you’re hacked or compromised*
 What you (as a person) should do if you’re hacked or compromised.
 Protecting yourself from future attacks
*Always seek legal advice before moving forward on any action – from how you communicate
to what parties you involve during a breach.
Terms to Know
 BYOD – Bring Your Own Device
 The idea that an IT environment allows people to connect their own personal devices to the
network and utilize resources such as internet, file shares, servers, etc.
 This is a RISK because those personal devices can be infected with viruses, might not be secure, or might contain
software that does damage to your organization.
 CIA – Confidentiality, Integrity and Availability
 Frequently referred to as the CIA triad, comprising the three fundamental principles of information
security.
 ‘confidentiality’ describes the need for information to be accessible only to those that are allowed to view or
access it
 ‘integrity’ is the promise that the information is trustworthy and accurate
 ‘availability’ is a guarantee of information being available to those users that require it, when they require it.
More Terms to Know…
 Encryption
 Using an algorithm and a secret code, you can “scramble” data to make it unreadable…unless you have the “secret code” or
“key”.
 Web browsers will encrypt text automatically when connected to a secure server, as indicated by a web address beginning
with https.
 Worm
 A malicious program that replicates itself over a computer network…and waits to show its malicious intent.
 Bots / Zombies
 An infected machine that is used to run processes, access websites, or is remotely controlled to do something the owner is
unaware of or cannot control.
 Sniffing
 A tool that a hacker can use to steal information off a network; it is increasingly used for the purpose of stealing a
user’s password or credit card number.
 Security Audit
 Identifying access control, encryption, intrusion detection systems, and monitoring account creation or server activity.
Assets + Threat + Vulnerability = Risk
 Asset – People, property, and information
 An asset is something to protect.
 Threat – Anything that can, intentionally or accidentally, obtain, damage, or destroy an asset.
 A threat is what you protect against.
 Vulnerability – Weaknesses or gaps in a security program that can be exploited by threats to gain unauthorized access to an
asset.
 A vulnerability is a weakness or gap in our protection efforts.
 Risk – The potential for loss, damage or destruction of an asset as a result of a threat exploiting a vulnerability.
 You can never remove all risk – only mitigate.
 Risk is a function of threats exploiting vulnerabilities to obtain, damage or destroy assets.
 Thus, threats (actual, conceptual, or inherent) may exist, but if there are no vulnerabilities then there is little/no risk.
 There is a threat of the building catching fire – however, your asset is located in a fire safe.
 You can have a vulnerability- but if you have no threat - then you have little/no risk.
 You have a security system that doesn’t operate at low temperatures but you live in California.
Why do People Attack?
 Financial Gain
 Stocks
 Getting Paid
 Selling of information
 Data Theft
 For a single person
 For a bundle of people
 Just Because
 Malicious
Examples of Hacks/Breaches
 An employee/family member allows a hacker to access their machine through:
 Email Attachments
 Social Engineering
 Walking away from their computer unattended
 An employee/family member sends information to someone thinking they are someone else
 “Hi, I’m the CFO’s assistant, he needs me to collect all the W2s”
 Or more intrusive –
 An attack on a database or server that then let a hacker in (SQL Injection)
 A brute force attack, or someone guessing the password on a key admin account, on
servers/networks, etc.
The Costs Of Breaches
 This year’s study found the average consolidated total cost of a data breach is 9.4 million dollars
[IBM 2022, ibm.com/reports/data-breach]
 Data Breached Companies Experience…
 People lose faith in your brand
 Loss in business
 Financial Costs
 Government Requirements, Penalties, Fees, etc.
 Sending of Notifications
 Payment of Identity Protection or other repercussions.
https://betanews.com/2016/02/10/the-economic-cost-of-being-hacked/
What People Pay For Your Data
You as an Organization - Obligations
 You are obligated to protect the data and privacy of:
 Employees
 Customers
 Business Partners/Vendors/Etc.
 Sometimes, we forget we house a lot of personal and identifying information about our
employees and customers.
 Employees’ Social Security numbers/payroll/HR records
 Customer records/accounts/history
 What employees/customers are accessing on the web
 A sniffing tool, key logger, or fake DNS redirect can monitor not only the sites people are accessing but what
they use for their username / password.
Steps – Communication and Speed!
 Communicate
 People will ask “How long did you know XYZ happened?” – know this information before
communicating to them that an attack occurred.
 If you discover a breach, hack, or any other compromise that may have resulted in data being
stolen or viewed, you MUST communicate quickly and effectively.
 While every scenario is different and has different factors, groups that move faster with the
information they know (as soon as they know it) are generally better off long term (i.e. don’t wait
months while you “investigate” the issue; give people time to protect themselves).
 Don’t over-communicate, and have one spokesperson.
 Be clear and concise. Too many details can be harmful.
Other Points on Communication
 Once you know a breach has occurred, by law you are required to
inform customers if their data has been compromised.
 Some states have deadlines of when the announcement has to be made
 Every impacted person must be told that a data breach has
occurred, when it occurred, and what kind of information was
compromised.
 Answer: what are you doing to provide a remedy, and what should they do?
 (next slide)
You as the Organization
 Build a website with information about the
breach
 Offer a toll-free number for people to call in
with questions
 If Social Security or other identifying information
may have been exposed, provide contact information for Equifax,
Experian and TransUnion, and the quick
links for fraud protection.
Them as Impacted Parties
 Fraud Protection (if necessary)
 Ask them to change their passwords if
their password was compromised
 Highlight that if they use this password on
OTHER sites they should change those passwords
too
Step 2 - Investigate
 You will most likely need to hire an outside cyber security firm –
they have the tools and resources to track what might have been
stolen and who stole it.
 Determine which computers and accounts were compromised, which
data was accessed (viewed) or stolen (copied), and whether any
other parties – such as clients, customers, business partners,
users, or employees – were affected. Was the stolen data encrypted or unencrypted?
 Also involve the providers you pay for services
(depending on where the breach occurred), such as ISPs, web
hosting providers, security software vendors, firewall vendors, etc.
 Contact your local, county or state police computer crimes unit
and the FBI, which can do forensic analyses and provide valuable
guidance
Step 3 – More Communication and Follow Up
 If you notify more than 500 impacted people from a breach, many states will also
require you to file a notice with your state attorney general’s office.
 HIPAA, FERPA, CIPA, and all those other scary acronyms have requirements and
regulations – make sure none of those rules are violated.
Legal Stuff
 There are a lot of laws that mandate a certain
level of security standards. The landscape of
these laws is evolving as the level of threats
increases.
 There are compliance standards that
organizations should reach for security as
well – as a precaution and preventive
measure to mitigate risk.
 The ISO/IEC 27000 family of standards helps
organizations keep information assets secure.
 https://www.iso.org/isoiec-27001-information-security.html
 CIPA - Children's Internet Protection Act
 The Children's Internet Protection Act (CIPA) requires that K–12 schools and libraries in the United States use
Internet filters and implement other measures to protect children from harmful online content as a condition for
federal funding
 SOX - Sarbanes–Oxley Act
 Requires the CEO and CFO of publicly traded companies to certify the effectiveness of their organization's internal controls as
they relate to the accuracy of financial information and maintaining records of financial data.
 FERPA – Family Educational Rights and Privacy Act
 Federal law that protects students’ educational records from public and third-party exposure. Failure to meet
these requirements will result in losing federal funding.
 HIPAA – Health Insurance Portability and Accountability Act
 Act that requires employers, insurance plans, and healthcare providers to set up physical and technical
security safeguards.
 PCI-DSS - Payment Card Industry Data Security Standard
 PCI compliance regulations require anyone who stores, processes, or transmits credit card information to protect
cardholder data regardless of its location.
 FISMA – Federal Information Security Management Act
 This act recognizes information security as a matter of national security. Thus, it mandates that all federal
agencies develop a method of protecting their information systems.
Step 4 – Solve It
 Through the investigation and hiring of consultants and engagement of local/state/federal
groups – find out what happened and how to prevent it from happening again
 Removing infected computers or servers (if it was from a virus/malware)
 Consider reformatting hacked computers and restoring data with clean backups or replacements
 Removing access from the outside world to your network (or specific applications)
 If the breach occurred because of an unpatched system or software – patch it, then put a policy in place
to check for patches.
 If the breach was done through stolen or weak passwords, secure those accounts and set new,
complex passwords that will be hard to crack.
 Communicate the resolution to the users impacted
Repercussions
 Depending on the severity of the hack and type of hack you
may:
 Need to pay a fine/penalty from a governing body if it was because of
lack of security or no reasonable efforts to defend users’ data
 Pay for identity protection for those impacted users (usually at least a
year)
 Pay a settlement
Moving Forward / Prevention
 Make sure your security defenses are running properly and that data is being
backed up securely.
 You should run activity logs and tracking on all network devices and public facing
servers. These logs should be checked and monitored for unwanted access or sudden
activity.
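As an added illustration of the log monitoring this bullet calls for (example code written for this page, not part of the original slides), the script below scans constructed sshd-style and Apache-style log lines for two of the patterns the deck describes: repeated failed logins against an admin account from one source followed by a success, and bots hammering the default /login page. All IP addresses, hostnames, account names and thresholds are made up for the example.

```python
import re
from collections import Counter

# Constructed sample log lines (not real traffic): sshd-style auth entries for a
# server and Apache-style access entries for a public website.
SSH_LOG = """\
Oct 10 13:55:01 web1 sshd[2031]: Failed password for root from 203.0.113.5 port 51234 ssh2
Oct 10 13:55:03 web1 sshd[2031]: Failed password for root from 203.0.113.5 port 51236 ssh2
Oct 10 13:55:05 web1 sshd[2031]: Failed password for root from 203.0.113.5 port 51238 ssh2
Oct 10 13:55:07 web1 sshd[2031]: Failed password for root from 203.0.113.5 port 51240 ssh2
Oct 10 13:55:09 web1 sshd[2031]: Failed password for root from 203.0.113.5 port 51242 ssh2
Oct 10 13:55:11 web1 sshd[2031]: Accepted password for root from 203.0.113.5 port 51244 ssh2
Oct 10 14:02:17 web1 sshd[2050]: Accepted publickey for brian.admin from 198.51.100.7 port 40022 ssh2
Oct 10 14:10:44 web1 sshd[2071]: Failed password for brian from 192.0.2.9 port 55010 ssh2
"""

WEB_LOG = """\
198.51.100.20 - - [10/Oct/2023:14:00:01 +0000] "GET /about HTTP/1.1" 200 1043
203.0.113.8 - - [10/Oct/2023:14:00:02 +0000] "POST /login HTTP/1.1" 401 512
203.0.113.8 - - [10/Oct/2023:14:00:02 +0000] "POST /login HTTP/1.1" 401 512
203.0.113.9 - - [10/Oct/2023:14:00:03 +0000] "POST /login HTTP/1.1" 401 512
203.0.113.10 - - [10/Oct/2023:14:00:03 +0000] "POST /wp-login.php HTTP/1.1" 404 210
198.51.100.20 - - [10/Oct/2023:14:00:05 +0000] "GET /login HTTP/1.1" 200 1043
"""

SSH_RE = re.compile(
    r"sshd\[\d+\]: (Failed|Accepted) (\w+) for (?:invalid user )?(\S+) from (\S+) port"
)
WEB_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(\S+) (\S+) [^"]*" (\d{3})')

FAIL_THRESHOLD = 5  # failures from one source against one account before alerting (assumed)


def parse_ssh(text):
    """Turn sshd auth lines into dicts; lines that are not login results are skipped."""
    events = []
    for line in text.splitlines():
        m = SSH_RE.search(line)
        if m:
            result, method, user, src = m.groups()
            events.append({"result": result, "method": method, "user": user, "src": src})
    return events


def find_brute_force(events, threshold=FAIL_THRESHOLD):
    """Flag a (source, account) pair once its failures reach the threshold, and flag
    any later success for that pair: a guessed password on a key admin account."""
    failures = Counter()
    findings = []
    for e in events:
        key = (e["src"], e["user"])
        if e["result"] == "Failed":
            failures[key] += 1
            if failures[key] == threshold:
                findings.append(("brute_force", e["src"], e["user"]))
        elif failures[key] >= threshold:
            findings.append(("success_after_failures", e["src"], e["user"]))
    return findings


def login_path_probes(text, path="/login"):
    """Per-source count of rejected POSTs to the default login path that bots look
    for; a legitimate user's GET of the login form is not counted."""
    probes = Counter()
    for line in text.splitlines():
        m = WEB_RE.match(line)
        if not m:
            continue
        src, method, req_path, status = m.groups()
        if req_path == path and method == "POST" and status in ("401", "403"):
            probes[src] += 1
    return probes


def report(ssh_text=SSH_LOG, web_text=WEB_LOG):
    """Human-readable findings a scheduled monitoring job could send to the IT team."""
    lines = []
    for kind, src, user in find_brute_force(parse_ssh(ssh_text)):
        lines.append(f"{kind}: {src} -> account '{user}'")
    probes = login_path_probes(web_text)
    if len(probes) >= 2:  # several distinct sources rejected on /login: scanning
        lines.append(f"login_scan: {len(probes)} sources probing /login "
                     f"({sum(probes.values())} rejected attempts)")
    return lines


if __name__ == "__main__":
    for finding in report():
        print(finding)
```

Pointing the same functions at real log files (one line per entry) is the only change needed to use this as a nightly check.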
 Follow up with vendors to see what they are doing to protect your/their data –
and share with customers best practices for their own security (like strong
passwords).
 Create a disaster recovery plan and train employees so everyone can respond
quickly and calmly if they know of an attack or see something that could be
indicative of being attacked.
Cyber-Insurance
 Policies can be purchased from most major insurance carriers for between $5,000
and $10,000 per $1 million in protection.
 Policies will generally cover:
 Legal Fees
 Forensic Fees
 Costs for providing customer credit monitoring for those impacted
 Any court costs related to civil litigation and class actions.
 Some policies include access to portals/support so if and when an attack occurs, you
can get guidance and support on what to do.
Training for Staff
 Not installing software on the machine
 You can put security rules in place to prevent installations
 Not opening attachments or clicking on links from senders you don’t recognize.
 Teach staff that IT support will only email communications in a specific template from a specific
address. Any other email claiming to be “IT” isn’t them.
 Have staff either take an assessment after training and/or sign a document agreeing to
practice best practices for security.
 Simulate attacks with tools like KnowBe4
 Checking non-work-related functions (like email) – caution users against accessing personal
email or personal information while at work, as the IT team will not be monitoring that
email for malicious messages.
You – As A Person (If Infected Machine)
 If you think your machine is infected (through an email, virus, etc.)
 Disconnect it from the internet.
 Immediately shut down the computer
 If you notice an odd message take a photo first so an IT person (or you) could do more research
 You can remove your drive from your computer and using another computer (that’s not network
connected) run scans on the drive.
 Depending on the severity – you may need to wipe your computer.
 If this is a work computer – always inform IT Security or IT. They would rather have a false alarm than an
actual issue spreading to the entire organization.
If Your Personal Accounts Got Hijacked
 If it’s your personal email or social media accounts
 Send an email to all your contacts letting them know (if a fake message was sent out) that
it wasn’t you who sent the message and to delete it.
 Change your email password.
 Google will tell you what sites you have connected your Google Account to:
 https://myaccount.google.com/intro/secureaccount
 If it’s your work email
 Inform IT / Security – and ask them the best course of action.
You Heard Of A Breach
 Change Your Passwords!!
 And I’m hoping you don’t use the same password for all your
accounts
 Do some investigatory work of your own
 Do you use this username on other systems?
 Check to see if other sites you use have you logging in when
you haven’t
 Many websites allow you to get an audit of when and where you’ve
logged in. Check those sites’ support pages for details.
Tips N Tricks
Your Organization
 Administrative Accounts are easy to figure out if they are something like
“administrator” ”root” or “power users”. At the same time, no employee should
have their account as a full admin.
 Instead, give them their own username for admin access (like brian.admin)
 Change the default “login” pages for sites to something that’s not
www.mysitename.com/login. Bots look for this and attack.
 My Drupal Site login page is www.evolveproject.org/catpower
 User Awareness is key to any secure organization. Teach users how to identify
potential threats and how to respond quickly.
 Avoid shared accounts. One account should only be used by one person.
You
 Sites to protect yourself all the time (not free)
 IdentityGuard.com
 LifeLock.com
 Sites to monitor when breached data gets released (this is free)
 Haveibeenpwned.com
 Password management sites (like lastpass.com)
 Don’t have the same password for all your sites.
 Don’t write your passwords down on a post-it-note and leave it at your desk
Dual Factor Authentication
 After logging in, verify the login via email, SMS, or an app with a code.
Credit Card Tools for Online Shopping
 Check out Privacy.Com
 https://privacy.com/join/473XB (shameless plug)
Other tricks for anonymity
 10 Minute Email
 https://10minutemail.com/10MinuteMail/index.html
 Temporarily get an email box that’s anonymous and disappears after 10 minutes
 Dr Cleaner (Mac) or Eraser (Win) can overwrite files on your computer with “blank”
data to make file recovery near impossible.
 Tools like Recuva are free software that let you restore deleted files.
“Cool” Hardware
https://krebsonsecurity.com/2016/08/road-warriors-beware-of-video-jacking/
Be careful when plugging your device into a public USB outlet… it can either read the data on your device or record your screen.
Credit Card Skimmers
Basic Tips
 Accept only people you know to personal and professional accounts
 Never click on links from people you don’t know.
 Especially if they are using a URL shortener: bit.ly, tinyurl.com, etc.
 https://www.urlvoid.com/ - test the website to see if it’s safe
 https://www.site-shot.com/ - get a screenshot of what will load on the site
 https://pagescreen.io/ - another paid tool that works pretty well
 If there are people claiming to be you on social media, it’s best to get your
account “verified” on those social media platforms
 This lets users distinguish that you’re the actual official account
Checking Your Accounts / Name Online
 Use this site to check your usernames: https://namechk.com/
 The next is a tool that searches through your email for things you may have signed
up for (I've paid for their premium service as well, not really worth it, the free does
just fine): https://brandyourself.com/privacy-overview.
 This tool: https://email-lookup.online/index.php runs public searches to see
what links to an email address. It’s similar to https://www.spokeo.com/email-search.
Your Security is as Strong As the Weakest Link
Contact Me!
 Brian Pichman
 Bpichman@evolveproject.org
 Twitter: @bpichman
 Slideshare.net/bpichman
Why have a policy?
Starring Will Ferrell ….
Increases Efficiency
 Having a security policy allows you to be consistent in your approach to issues
and how processes should work.
 It should outline how and what to do, and be repeatable across your organization.
 Everyone is doing XYZ the same way and on the same page.
Accountability, Discipline, and Penalties
 Think of it as a contract – for legal purposes – that you have taken the steps needed to secure your
organization.
 You need to define penalties for when violations occur. People need to know what the consequences are for failure to
comply – from a legal and HR standpoint, or even in terms of access permissions.
 Policies and procedures state what the expectation is and how to achieve that expectation. They should define
what the consequences are for failure to adhere.
Education For Employees
 By reading these policies (and signing them), your employees
(and users) develop a sense of ownership for assets and data.
 Everything from advice on choosing the proper passwords, to providing
guidelines for file transfers and data storage, internet access and rules, will help to
increase employees’ overall awareness of security and how it can be strengthened
Addresses Threats and Risks
 A good policy should address all threats, strategies to decrease the vulnerabilities
to those threats, and how to recover if those threats become real.
 This makes the “what do we do if someone hacks our network” a defined process
already and who to call and what to do to mitigate further damage.
Access Definitions and Permissions
 A good policy would outline who accesses what and why. This makes reporting a
security violation easier and streamlined.
 Policies are like bouncers at a night club
 It states who has access to the VIP section of the club, why, and any reasons to allow
entry.
 Without these rules, VIP wouldn’t be really VIP.
 
MENTAL STATUS EXAMINATION format.docx
MENTAL     STATUS EXAMINATION format.docxMENTAL     STATUS EXAMINATION format.docx
MENTAL STATUS EXAMINATION format.docxPoojaSen20
 
URLs and Routing in the Odoo 17 Website App
URLs and Routing in the Odoo 17 Website AppURLs and Routing in the Odoo 17 Website App
URLs and Routing in the Odoo 17 Website AppCeline George
 
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK  LOOKBOOK(1) (1).pdfBASLIQ CURRENT LOOKBOOK  LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdfSoniaTolstoy
 
Organic Name Reactions for the students and aspirants of Chemistry12th.pptx
Organic Name Reactions  for the students and aspirants of Chemistry12th.pptxOrganic Name Reactions  for the students and aspirants of Chemistry12th.pptx
Organic Name Reactions for the students and aspirants of Chemistry12th.pptxVS Mahajan Coaching Centre
 
Solving Puzzles Benefits Everyone (English).pptx
Solving Puzzles Benefits Everyone (English).pptxSolving Puzzles Benefits Everyone (English).pptx
Solving Puzzles Benefits Everyone (English).pptxOH TEIK BIN
 
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...EduSkills OECD
 
Call Girls in Dwarka Mor Delhi Contact Us 9654467111
Call Girls in Dwarka Mor Delhi Contact Us 9654467111Call Girls in Dwarka Mor Delhi Contact Us 9654467111
Call Girls in Dwarka Mor Delhi Contact Us 9654467111Sapana Sha
 
The basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptxThe basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptxheathfieldcps1
 
Q4-W6-Restating Informational Text Grade 3
Q4-W6-Restating Informational Text Grade 3Q4-W6-Restating Informational Text Grade 3
Q4-W6-Restating Informational Text Grade 3JemimahLaneBuaron
 
Measures of Central Tendency: Mean, Median and Mode
Measures of Central Tendency: Mean, Median and ModeMeasures of Central Tendency: Mean, Median and Mode
Measures of Central Tendency: Mean, Median and ModeThiyagu K
 
CARE OF CHILD IN INCUBATOR..........pptx
CARE OF CHILD IN INCUBATOR..........pptxCARE OF CHILD IN INCUBATOR..........pptx
CARE OF CHILD IN INCUBATOR..........pptxGaneshChakor2
 

Kürzlich hochgeladen (20)

Incoming and Outgoing Shipments in 1 STEP Using Odoo 17
Incoming and Outgoing Shipments in 1 STEP Using Odoo 17Incoming and Outgoing Shipments in 1 STEP Using Odoo 17
Incoming and Outgoing Shipments in 1 STEP Using Odoo 17
 
Arihant handbook biology for class 11 .pdf
Arihant handbook biology for class 11 .pdfArihant handbook biology for class 11 .pdf
Arihant handbook biology for class 11 .pdf
 
Presiding Officer Training module 2024 lok sabha elections
Presiding Officer Training module 2024 lok sabha electionsPresiding Officer Training module 2024 lok sabha elections
Presiding Officer Training module 2024 lok sabha elections
 
Industrial Policy - 1948, 1956, 1973, 1977, 1980, 1991
Industrial Policy - 1948, 1956, 1973, 1977, 1980, 1991Industrial Policy - 1948, 1956, 1973, 1977, 1980, 1991
Industrial Policy - 1948, 1956, 1973, 1977, 1980, 1991
 
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptxPOINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
 
Código Creativo y Arte de Software | Unidad 1
Código Creativo y Arte de Software | Unidad 1Código Creativo y Arte de Software | Unidad 1
Código Creativo y Arte de Software | Unidad 1
 
microwave assisted reaction. General introduction
microwave assisted reaction. General introductionmicrowave assisted reaction. General introduction
microwave assisted reaction. General introduction
 
TataKelola dan KamSiber Kecerdasan Buatan v022.pdf
TataKelola dan KamSiber Kecerdasan Buatan v022.pdfTataKelola dan KamSiber Kecerdasan Buatan v022.pdf
TataKelola dan KamSiber Kecerdasan Buatan v022.pdf
 
Staff of Color (SOC) Retention Efforts DDSD
Staff of Color (SOC) Retention Efforts DDSDStaff of Color (SOC) Retention Efforts DDSD
Staff of Color (SOC) Retention Efforts DDSD
 
MENTAL STATUS EXAMINATION format.docx
MENTAL     STATUS EXAMINATION format.docxMENTAL     STATUS EXAMINATION format.docx
MENTAL STATUS EXAMINATION format.docx
 
URLs and Routing in the Odoo 17 Website App
URLs and Routing in the Odoo 17 Website AppURLs and Routing in the Odoo 17 Website App
URLs and Routing in the Odoo 17 Website App
 
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK  LOOKBOOK(1) (1).pdfBASLIQ CURRENT LOOKBOOK  LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
 
Organic Name Reactions for the students and aspirants of Chemistry12th.pptx
Organic Name Reactions  for the students and aspirants of Chemistry12th.pptxOrganic Name Reactions  for the students and aspirants of Chemistry12th.pptx
Organic Name Reactions for the students and aspirants of Chemistry12th.pptx
 
Solving Puzzles Benefits Everyone (English).pptx
Solving Puzzles Benefits Everyone (English).pptxSolving Puzzles Benefits Everyone (English).pptx
Solving Puzzles Benefits Everyone (English).pptx
 
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
 
Call Girls in Dwarka Mor Delhi Contact Us 9654467111
Call Girls in Dwarka Mor Delhi Contact Us 9654467111Call Girls in Dwarka Mor Delhi Contact Us 9654467111
Call Girls in Dwarka Mor Delhi Contact Us 9654467111
 
The basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptxThe basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptx
 
Q4-W6-Restating Informational Text Grade 3
Q4-W6-Restating Informational Text Grade 3Q4-W6-Restating Informational Text Grade 3
Q4-W6-Restating Informational Text Grade 3
 
Measures of Central Tendency: Mean, Median and Mode
Measures of Central Tendency: Mean, Median and ModeMeasures of Central Tendency: Mean, Median and Mode
Measures of Central Tendency: Mean, Median and Mode
 
CARE OF CHILD IN INCUBATOR..........pptx
CARE OF CHILD IN INCUBATOR..........pptxCARE OF CHILD IN INCUBATOR..........pptx
CARE OF CHILD IN INCUBATOR..........pptx
 

I’ve Been Hacked  The Essential Steps to Take Next

  • 1. I’ve Been Hacked The Essential Steps to Take Next BRIAN PICHMAN | EVOLVE PROJECT
  • 2.  Description: It happens. A place you shop at frequently gets its data stolen. Someone was able to get access to one of your accounts. Or a system you manage gets compromised. Either way, it is important to be prepared ahead of time before the worst happens. Join Brian Pichman as he helps you put a proactive plan in place and what to do after you or your organization has been hacked.
  • 3.
  • 4. Myths  I’m not worth being attacked.  Hackers won’t guess my password.  I have anti-virus software.  I’ll know if I been compromised.
  • 5. Understanding Breaches and Hacks  A hack involves a person or group to gain authorized access to a protected computer or network  A breach typically indicates a release of confidential data (including those done by accident)  Both of these require different responses if breaches/hacks occur.
  • 6. Agenda  General Terms and understanding impact.  What you (as a organization) should do if you’re hacked or compromised*  What you (as a person) should do if you’re hacked or compromised.  Protecting yourself from future attacks *Always seek legal advice before moving forward on any action – from how you communicate to what parties you involve during a breach.
7. Terms to Know
 BYOD – Bring Your Own Device
   The idea that an IT environment allows people to connect their own personal devices to the network and use resources such as internet, file shares, servers, etc.
   This is a RISK because those personal devices can be infected with malware, might not be secured, or might carry software that does damage to your organization.
 CIA – Confidentiality, Integrity and Availability
   Frequently referred to as the CIA triad: the three fundamental principles of information security.
   ‘confidentiality’ describes the need for information to be accessible only to those that are allowed to view or access it
   ‘integrity’ is the promise that the information is trustworthy and accurate
   ‘availability’ is a guarantee that information is available to those users that require it, when they require it.
8. More Terms to Know…
 Encryption
   Using an algorithm and a secret value (the “key”), you can “scramble” data so that it is unreadable to anyone who does not hold the key.
   Web browsers encrypt traffic automatically when connected to a secure server, as indicated by a web address beginning with https.
 Worm
   A malicious program that replicates itself across a computer network on its own, often lying dormant before it delivers its malicious payload.
 Bots / Zombies
   An infected machine that is used to run processes, access websites, or is remotely controlled to do something the owner is unaware of or cannot control.
 Sniffing
   Capturing traffic off a network. Attackers use it to steal information in transit, increasingly to harvest usernames, passwords and credit card numbers; anything sent unencrypted is readable to whoever is sniffing.
 Security Audit
   A review of access controls, encryption, intrusion detection systems, and the monitoring of account creation and server activity.
9. Assets + Threat + Vulnerability = Risk
 Asset – People, property, and information.
   An asset is something to protect.
 Threat – Anything that can, intentionally or accidentally, obtain, damage, or destroy an asset.
   A threat is what you protect against.
 Vulnerability – Weaknesses or gaps in a security program that can be exploited by threats to gain unauthorized access to an asset.
   A vulnerability is a weakness or gap in our protection efforts.
 Risk – The potential for loss, damage or destruction of an asset as a result of a threat exploiting a vulnerability.
   You can never remove all risk – only mitigate it.
   Risk is a function of threats exploiting vulnerabilities to obtain, damage or destroy assets. Thus, threats (actual, conceptual, or inherent) may exist, but if there are no vulnerabilities then there is little or no risk.
     You have a threat of the building catching fire – however your asset is located in a fire safe.
   You can have a vulnerability – but if you have no threat, then you have little or no risk.
     You have a security system that doesn’t operate at low temperatures, but you live in California.
10. Why do People Attack?
 Financial Gain
   Stocks
   Getting Paid
   Selling of information
 Data Theft
   For a single person
   For a bundle of people
 Just Because
 Malicious
11. Examples of Hacks/Breaches
 An employee or family member lets an attacker onto their machine through:
   Email attachments
   Social engineering
   Walking away from their computer unattended (and unlocked)
 An employee or family member sends information to someone, thinking they are someone else
   “Hi, I’m the CFO’s assistant, he needs me to collect all the W2s”
 Or, more intrusively:
   An attack on a database or server lets the attacker in (for example SQL injection: untrusted input pasted straight into a database query).
   A brute force attack or a lucky password guess succeeds against a key admin account, on servers, network gear, etc.
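The SQL injection case above, as an added example that is not part of the original slides: a login check written two ways against a constructed in-memory SQLite table (the table, the users and the `login_*` function names are invented for the demo). The first version pastes the username into the SQL text, so a quote plus a comment marker turns “wrong password” into “logged in as admin”; the second binds the values as parameters and the same input is just a string.

```python
import sqlite3

# Constructed demo data (not from the slides): a tiny in-memory user table.
# Storing plaintext passwords is a second flaw; real systems store salted hashes.
# It is kept here only so the injection itself is easy to see.
def make_db() -> sqlite3.Connection:
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT, password TEXT)"
    )
    conn.executemany(
        "INSERT INTO users (username, password) VALUES (?, ?)",
        [("admin", "correct horse"), ("brian", "library123")],
    )
    conn.commit()
    return conn


DB = make_db()


def login_vulnerable(username: str, password: str) -> bool:
    """Builds the query by string formatting, so user input becomes SQL syntax."""
    query = (
        "SELECT id FROM users WHERE username = '%s' AND password = '%s'"
        % (username, password)
    )
    return DB.execute(query).fetchone() is not None


def login_safe(username: str, password: str) -> bool:
    """Same check with bound parameters: the driver sends the values separately
    from the SQL text, so a quote in the input is only a character."""
    query = "SELECT id FROM users WHERE username = ? AND password = ?"
    return DB.execute(query, (username, password)).fetchone() is not None


# The classic bypass: the quote closes the string and "--" comments out the
# password check, so the query becomes  ... WHERE username = 'admin'
PAYLOAD = "admin' --"

if __name__ == "__main__":
    print("vulnerable, real password :", login_vulnerable("admin", "correct horse"))
    print("vulnerable, injected      :", login_vulnerable(PAYLOAD, "wrong"))
    print("safe, injected            :", login_safe(PAYLOAD, "wrong"))
```

Parameter binding is the fix for every database driver, not a SQLite detail; input “validation” that tries to strip quotes is not a substitute, because the attacker only needs one encoding the filter missed.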
14. The Costs Of Breaches
 IBM’s 2022 Cost of a Data Breach report put the average total cost of a breach at 9.44 million dollars for US organizations (the global average was 4.35 million). ibm.com/reports/data-breach
 Breached companies experience…
   People lose faith in your brand
   Loss of business
   Financial costs
   Government requirements, penalties, fees, etc.
   Sending of notifications
   Paying for identity protection or other repercussions
 https://betanews.com/2016/02/10/the-economic-cost-of-being-hacked/
17. What People Pay For Your Data (pricing chart shown as an image; not captured in this transcript)
20. You as an Organization – Obligations
 You are obligated to protect the data and privacy of:
   Employees
   Customers
   Business partners, vendors, etc.
 Sometimes we forget we house a lot of personal and identifying information about our employees and customers:
   Employees’ Social Security numbers, payroll and HR records
   Customer records, accounts and history
   What employees and customers are accessing on the web
     A sniffing tool, key logger, or fake DNS redirect can monitor not only the sites people visit but also the usernames and passwords they type.
21. Steps – Communication and Speed!
 Communicate
   People will ask “How long did you know XYZ happened?” – know the answer before you tell them an attack occurred.
   If you discover a breach, hack, or any other compromise that may have resulted in data being stolen or viewed, you MUST communicate quickly and effectively.
   Every scenario is different and has different factors, but groups that move faster with the information they have (as soon as they have it) are generally better off long term. Don’t wait months while you “investigate” the issue; give people time to protect themselves.
 Don’t over-communicate, and have one spokesperson.
   Be clear and concise. Too many details can be harmful.
22. Other Points on Communication
 Once you know a breach has occurred, you are legally required to inform customers if their data has been compromised.
   Every US state has a breach notification law, and some set deadlines for when the announcement has to be made.
 Every impacted person must be told that a data breach has occurred, when it occurred, and what kind of information was compromised.
 Answer: what are you doing to provide a remedy, and what should they do? (next slide)
23. What are you doing to provide a remedy, and what should they do?
 You as the Organization
   Build a website with information about the breach
   Offer a toll-free number people can call with questions
   If Social Security numbers or other identity information may have been exposed, provide contact information for Equifax, Experian and TransUnion, and quick links for fraud alerts and credit freezes.
 Them as Impacted Parties
   Fraud protection (if necessary)
   Ask them to change their password if their password was compromised
     Highlight that if they use this password on OTHER sites, they should change those passwords too
26. Step 2 – Investigate
 You will most likely need to hire an outside cyber security firm – they have the tools and resources to track what might have been stolen and who stole it.
 Preserve evidence before you fix anything: take disk and memory images of affected systems and keep the logs. Wiping a machine first leaves the investigators nothing to work with.
 Determine which computers and accounts were compromised, which data was accessed (viewed) or stolen (copied), and whether any other parties – such as clients, customers, business partners, users, employees – are affected. Was the stolen data encrypted or unencrypted?
 Also involve the people you pay for services (depending on where the breach occurred), such as ISPs, web hosting providers, security software and firewall vendors, etc.
 Contact your local, county or state police computer crimes unit and the FBI, which can do forensic analyses and provide valuable guidance.
27. Step 3 – More Communication and Follow Up
 If you notify more than 500 impacted people from a breach, many states will also require you to file a notice with your state attorney general’s office.
 HIPAA, FERPA, CIPA, and all those other scary acronyms have requirements and regulations – make sure none of those rules are violated.
28. Legal Stuff
 There are a lot of laws that mandate a certain level of security standards. The landscape of these laws is evolving as the level of threats increases.
 There are also compliance standards that organizations should reach for, as a precaution and preventive measure to mitigate risk.
   The ISO/IEC 27000 family of standards helps organizations keep information assets secure.
   https://www.iso.org/isoiec-27001-information-security.html
29. Legal Stuff (continued)
 CIPA – Children’s Internet Protection Act
   Requires that K–12 schools and libraries in the United States use Internet filters and implement other measures to protect children from harmful online content, as a condition of federal funding.
 SOX – Sarbanes–Oxley Act
   Requires the CEO and CFO of publicly traded companies to certify the effectiveness of their organization’s internal controls as they relate to the accuracy of financial information, and to maintain records of financial data.
 FERPA – Family Educational Rights and Privacy Act
   Federal law that protects students’ educational records from public and third-party exposure. Failure to meet these demands can result in losing federal funding.
 HIPAA – Health Insurance Portability and Accountability Act
   Requires employers, insurance plans, and healthcare providers to set up physical and technical safeguards for health information.
 PCI-DSS – Payment Card Industry Data Security Standard
   Requires anyone who stores, processes, or transmits credit card information to protect cardholder data, regardless of where it is located.
 FISMA – Federal Information Security Management Act
   Recognized information security as a matter of national security. It mandates that all federal agencies develop a program for protecting their information systems.
30. Step 4 – Solve It
 Through the investigation, the consultants you hired, and the local/state/federal groups you engaged, find out what happened and how to prevent it from happening again.
 Remove infected computers or servers from the network (if it was a virus/malware).
 Consider reformatting hacked computers and restoring data from clean backups, or replacing them, once forensic images have been taken.
 Remove access from the outside world to your network (or to specific applications).
 If the breach occurred because of an unpatched system or software: patch it, then put a policy in place to check for patches.
 If the breach came through stolen or weak passwords: secure those accounts and set new, complex passwords that will be hard to crack. Reset every account the attacker may have touched, not only the one you know about.
 Communicate the resolution to the users impacted.
31. Repercussions
 Depending on the severity and type of hack you may:
   Need to pay a fine/penalty to a governing body if the breach was due to a lack of security or no reasonable effort to defend users’ data
   Pay for identity protection for those impacted users (usually at least a year)
   Pay a settlement
32. Moving Forward / Prevention
 Make sure your security defenses are running properly and that data is being backed up securely.
 Run activity logging on all network devices and public-facing servers. Check and monitor these logs for unwanted access or sudden changes in activity, for example a burst of failed logins from one address followed by a success.
 Follow up with vendors to see what they are doing to protect your/their data, and share best practices for their own security (like strong passwords) with customers.
 Create a disaster recovery plan and train employees so everyone can respond quickly and calmly if they learn of an attack or see something that could indicate one.
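The log monitoring this slide asks for, and the brute-force and password-guessing attacks from slide 11, as an added example that is not part of the original slides: a small detector run over constructed OpenSSH-style auth log lines (the host name, addresses and timestamps are made up; the line format follows what `sshd` writes for password logins). It raises one alert when an address crosses a failure threshold inside a sliding window, and another when a login from that address then succeeds, which is the pattern worth waking someone up for.

```python
import re
from collections import defaultdict
from datetime import datetime

# Matches the OpenSSH auth-log lines for password attempts.
LINE_RE = re.compile(
    r"^(?P<ts>[A-Z][a-z]{2} +\d{1,2} \d\d:\d\d:\d\d) \S+ sshd\[\d+\]: "
    r"(?P<result>Failed|Accepted) password for (?:invalid user )?(?P<user>\S+) "
    r"from (?P<ip>\S+) port \d+"
)

# Syslog timestamps carry no year; one is assumed for the demo.
LOG_YEAR = 2024


def parse_line(line: str):
    """Return a dict for a password-auth line, or None for anything else."""
    m = LINE_RE.match(line)
    if not m:
        return None
    ts = datetime.strptime(f"{LOG_YEAR} {m['ts']}", "%Y %b %d %H:%M:%S")
    return {"time": ts, "result": m["result"], "user": m["user"], "ip": m["ip"]}


def detect(lines, window_seconds=300, threshold=5):
    """Flag (a) `threshold` failures from one IP inside `window_seconds`, and
    (b) a successful login from an IP that still has failures in the window."""
    failures = defaultdict(list)   # ip -> timestamps of recent failures
    alerts = []
    for event in filter(None, map(parse_line, lines)):
        ip, now = event["ip"], event["time"]
        # drop failures that have aged out of the sliding window
        failures[ip] = [t for t in failures[ip] if (now - t).total_seconds() <= window_seconds]
        if event["result"] == "Failed":
            failures[ip].append(now)
            if len(failures[ip]) == threshold:   # fire once, when the line is crossed
                alerts.append({"type": "BRUTE_FORCE", "ip": ip, "user": event["user"], "time": now})
        elif failures[ip]:
            alerts.append({"type": "SUCCESS_AFTER_FAILURES", "ip": ip, "user": event["user"],
                           "time": now, "failures": len(failures[ip])})
    return alerts


# Constructed sample log (not real data; the addresses are from documentation ranges).
SAMPLE_LOG = [
    "Mar 10 14:02:11 lib-web sshd[2210]: Failed password for invalid user admin from 203.0.113.7 port 51234 ssh2",
    "Mar 10 14:02:14 lib-web sshd[2210]: Failed password for invalid user root from 203.0.113.7 port 51235 ssh2",
    "Mar 10 14:02:19 lib-web sshd[2213]: Accepted password for brian from 192.0.2.5 port 40022 ssh2",
    "Mar 10 14:02:20 lib-web sshd[2215]: Failed password for brian from 203.0.113.7 port 51236 ssh2",
    "Mar 10 14:02:31 lib-web sshd[2217]: Failed password for brian from 203.0.113.7 port 51237 ssh2",
    "Mar 10 14:02:45 lib-web sshd[2219]: Failed password for brian from 203.0.113.7 port 51238 ssh2",
    "Mar 10 14:03:02 lib-web sshd[2221]: Failed password for brian from 198.51.100.9 port 60001 ssh2",
    "Mar 10 14:03:10 lib-web sshd[2223]: Failed password for brian from 203.0.113.7 port 51239 ssh2",
    "Mar 10 14:03:41 lib-web sshd[2225]: Accepted password for brian from 203.0.113.7 port 51240 ssh2",
    "Mar 10 14:05:00 lib-web sshd[2230]: pam_unix(sshd:session): session opened for user brian",
]

if __name__ == "__main__":
    for alert in detect(SAMPLE_LOG):
        print(alert)
```

The thresholds are deliberately parameters: a public web server sees constant low-level scanning, so tune the window and count to what is normal for that host, and send the SUCCESS_AFTER_FAILURES alert somewhere a person will see it quickly, because it is the one that means the guessing worked.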
33. Cyber-insurance
 Policies can be purchased from most major insurance carriers for between $5,000 and $10,000 per $1 million in protection.
 Policies will generally cover:
   Legal fees
   Forensic fees
   Costs of providing credit monitoring for those impacted
   Court costs related to civil litigation and class actions
 Some policies include access to portals/support so if and when an attack occurs, you can get guidance on what to do.
34. Training for Staff
 Not installing software on the machine
   You can put rules in place (such as no local administrator rights) to prevent installations
 Not opening attachments or clicking on links from senders you don’t recognize
 Teach staff that IT support will only email communications in a specific template from a specific address. Any other email claiming to be “IT” isn’t them.
 Have staff take an assessment after training and/or sign a document agreeing to follow security best practices.
 Simulate attacks (phishing campaigns) with tools like KnowBe4.
 Non-work-related activity (like personal email): caution users about accessing personal email or personal information while at work, since the IT team will not be monitoring that email for malicious messages.
36. You – As a Person (Infected Machine)
 If you think you infected your machine (through an email, virus, etc.):
   Disconnect it from the network first: unplug the cable and turn off Wi-Fi.
   Shut down the computer, unless this is a work machine and IT wants it left on, since powering off loses evidence that only lives in memory.
   If you notice an odd message, take a photo first so an IT person (or you) can do more research.
   You can remove the drive and scan it from another computer (one that is not network connected); mount it read-only and do not open or run anything from it.
   Depending on the severity, you may need to wipe your computer.
 If this is a work computer, always inform IT Security or IT. They would rather have a false alarm than an actual issue spreading to the entire organization.
37. If Your Personal Accounts Got Hijacked
 If it’s your personal email or social media account:
   Send a message to all your contacts letting them know (if a fake message was sent out) that it wasn’t you who sent it and that they should delete it.
   Change your email password, and the password of any other site where you reused it.
   Check the recovery options (phone, backup email) and any forwarding rules an attacker may have added.
   Google will tell you which sites you have connected your Google Account to: https://myaccount.google.com/intro/secureaccount
 If it’s your work email:
   Inform IT / Security – and ask them the best course of action.
39. You Heard Of A Breach
 Change your passwords!!
   And I’m hoping you don’t use the same password for all your accounts
 Do some investigatory work of your own
   Do you use this username on other systems?
   Check whether other sites you use show logins you didn’t make
   Many websites let you view an audit of when and where you’ve logged in; check the site’s support pages for details, and sign out of any session you don’t recognize.
41. Your Organization
 Administrative accounts are easy to guess if they are named something like “administrator”, “root” or “power users”. At the same time, no employee should have their everyday account as a full admin.
   Instead, give them a separate username for admin access (like brian.admin)
 Change the default “login” page for sites to something other than www.mysitename.com/login. Bots look for the default and attack it.
   My Drupal site login page is www.evolveproject.org/catpower
   This only cuts down automated noise; it is not a substitute for strong passwords, two-factor authentication and rate limiting on the login itself.
 User awareness is key to any secure organization. Teach users how to identify potential threats and how to respond quickly.
 Avoid shared accounts. One account should be used by only one person.
43. You
 Sites to protect yourself all the time (not free)
   IdentityGuard.com
   LifeLock.com
 Sites to monitor when breached data gets released (this is free)
   Haveibeenpwned.com
 Password managers (like lastpass.com)
 Don’t have the same password for all your sites.
 Don’t write your passwords down on a post-it note and leave it at your desk.
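The password-reuse warning on this slide and on slide 39, as an added example that is not part of the original slides: checking a password against the Pwned Passwords data behind haveibeenpwned.com without ever sending the password. The service's range API takes the first five hex characters of the password's SHA-1 and returns every suffix in that bucket with a count, so the match is made locally (k-anonymity). The live `fetch_range` call needs network; everything else runs against a constructed stand-in response (the two extra suffixes and the count are made up, only the suffix for "password" is real).

```python
import hashlib
import urllib.request


def hash_split(password: str):
    """SHA-1 the password and split the hex digest into the 5-char prefix that
    is sent to the service and the 35-char suffix that never leaves the machine."""
    digest = hashlib.sha1(password.encode("utf-8")).hexdigest().upper()
    return digest[:5], digest[5:]


def parse_range(body: str) -> dict:
    """Turn the 'SUFFIX:COUNT' lines of a range response into {suffix: count}."""
    counts = {}
    for line in body.splitlines():
        line = line.strip()
        if not line:
            continue
        suffix, _, count = line.partition(":")
        counts[suffix.upper()] = int(count)
    return counts


def breach_count(password: str, range_body: str) -> int:
    """How many times the password appears in the (already fetched) range."""
    _, suffix = hash_split(password)
    return parse_range(range_body).get(suffix, 0)


def fetch_range(prefix: str) -> str:
    """Live lookup (needs network): only the 5-char prefix is sent. The
    Add-Padding header asks the service to pad the answer with dummy zero-count
    entries so the response size does not reveal how many real matches exist."""
    req = urllib.request.Request(
        f"https://api.pwnedpasswords.com/range/{prefix}",
        headers={"User-Agent": "breach-check-example", "Add-Padding": "true"},
    )
    with urllib.request.urlopen(req, timeout=10) as resp:
        return resp.read().decode("utf-8")


def check_password(password: str) -> int:
    """End-to-end live check; returns the breach count (0 = not found)."""
    prefix, _ = hash_split(password)
    return breach_count(password, fetch_range(prefix))


# Constructed stand-in for a range response so the example runs offline:
# the real suffix for "password" plus two invented suffixes; the count is arbitrary.
def _sample_range_for(password: str, count: int) -> str:
    _, suffix = hash_split(password)
    return "\n".join([
        "00273E6C4F2B8E1F2D1CA0B6D0A8F9E5C6A:2",
        f"{suffix}:{count}",
        "FFA1B2C3D4E5F60718293A4B5C6D7E8F901:1",
    ])


SAMPLE_RANGE = _sample_range_for("password", 9545824)

if __name__ == "__main__":
    for pw in ("password", "a much longer passphrase nobody used"):
        print(pw, "->", breach_count(pw, SAMPLE_RANGE))
```

A non-zero count means the password is in attackers' wordlists and should be retired everywhere it was used, which is the point of the "don't reuse" advice: one breached site exposes every account sharing that password.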
45. Two-Factor Authentication
 After entering your password, verify the login with a second factor: a code sent by email or SMS, or generated by an authenticator app.
   An app-generated code (or a hardware key) is stronger than SMS, which can be intercepted or redirected by SIM swapping.
46. Credit Card Tools for Online Shopping
 Check out Privacy.com
   https://privacy.com/join/473XB – shameless plug
47. Other Tricks for Anonymity
 10 Minute Email
   https://10minutemail.com/10MinuteMail/index.html
   Temporarily get an email box that’s anonymous and disappears after 10 minutes
 Dr. Cleaner (Mac) or Eraser (Win) can overwrite files on your computer with “blank” data to make file recovery near impossible.
   On SSDs overwriting is not reliable, because the drive remaps blocks behind the scenes; use full-disk encryption or the drive’s own secure-erase instead.
 Tools like Recuva (free) restore deleted files, which is exactly why plain deletion is not enough.
48. “Cool” Hardware
 https://krebsonsecurity.com/2016/08/road-warriors-beware-of-video-jacking/
 Be careful when plugging your device into a public USB outlet: a malicious charger can either read the data on your device OR record your screen (“video jacking”).
50. Basic Tips
 Accept only people you know on personal and professional accounts.
 Never click on links from people you don’t know.
   Especially if they are using a URL shortener: bit.ly, tinyurl.com, etc.
   https://www.urlvoid.com/ – test a website to see if it’s safe
   https://www.site-shot.com/ – get a screenshot of what will load on a site
   https://pagescreen.io/ – another, paid tool that works pretty well
 If there are people claiming to be you on social media, it’s best to get your account “verified” on those platforms.
   This lets users distinguish that you’re the actual official account.
51. Checking Your Accounts / Name Online
 Use this site to check your usernames: https://namechk.com/
 The next tool searches through your email for things you may have signed up for (I’ve paid for their premium service as well; not really worth it, the free tier does just fine): https://brandyourself.com/privacy-overview
 This tool searches public sources to see what links to an email address: https://email-lookup.online/index.php. It’s similar to https://www.spokeo.com/email-search.
53. Your Security is as Strong as the Weakest Link
55. Contact Me!
 Brian Pichman
 Bpichman@evolveproject.org
 Twitter: @bpichman
 Slideshare.net/bpichman
56. Why have a policy? Starring Will Ferrell…
57. Increases Efficiency
 Having a security policy allows you to be consistent in your approach to issues and in how processes should work.
 It should outline how and what to do, and be repeatable across your organization.
 Everyone is doing XYZ the same way and is on the same page.
58. Accountability, Discipline, and Penalties
 Think of it as a contract – for legal purposes – showing that you have taken the steps needed to secure your organization.
 You need to define penalties for when violations occur. People need to know what the consequences are for failure to comply, from a legal and HR standpoint or even in access permissions.
 Policies and procedures state what the expectation is and how to achieve it. They should define the consequences for failure to adhere.
59. Education For Employees
 By reading these policies (and signing them), employees (and users) gain a sense of ownership for assets and data.
 Everything from advice on choosing proper passwords to guidelines for file transfers, data storage, and internet access rules will help increase employees’ overall awareness of security and how it can be strengthened.
60. Addresses Threats and Risks
 A good policy should address all threats, strategies to decrease the vulnerabilities those threats exploit, and how to recover if a threat materializes.
 This makes “what do we do if someone hacks our network” a defined process: who to call and what to do to mitigate further damage.
61. Access Definitions and Permissions
 A good policy outlines who accesses what and why. This makes reporting a security violation easier and more streamlined.
 Policies are like bouncers at a night club.
   They state who has access to the VIP section of the club, why, and the reasons to allow entry.
   Without these rules, VIP wouldn’t really be VIP.