SlideShare ist ein Scribd-Unternehmen logo

Making Information Security Fun

•Als PPTX, PDF herunterladen•
•
Ben Woelk, CISSP, CPTC
Ben Woelk, CISSP, CPTC

High level description of marketing plan and implementation of key messaging around security awareness at the Rochester Institute of Technology.

TechnologieBildung
1 von 16
Making Information Security Fun Ben Woelk Policy and Awareness Analyst Information Security Office Rochester Institute of Technology 585.475.4122 Ben.woelk@rit.edu
Introduction—the Problem • Everyone is a target • Identity theft is big business • You can’t rely on others to protect you 2
Avert Labs Malware Research 3 Retrieved July 24, 2009 from: http://www.avertlabs.com/research/blog/index.php/2009/07/22/malware-is-their-businessand-business-is-good/
Phishing on Social Network Sites 4 http://www.markmonitor.com/download/bji/BrandjackingIndex-Spring2009.pdf
Solution •We needed a plan – Systematic repeatable – Goals – Proactive
Components of a Plan •Audience analysis •Key messages •Channels •Calendar •Relationships
What are Our Key Messages? •Data handling •Mandatory compliance •Phishing, Social engineering •Protecting IP/Research
RIT Profile Rochester Institute of Technology, founded 1829 • ~18,000 students, mainly residential • 10% international • 1300+ deaf or hard of hearing (NTID) • ~3000 faculty and staff Respected leader in professional and career-oriented education Eight colleges, 80 majors, 3600 co-op students yearly
Branding Consistency
Web Presence • Use official university communications channels • Target messages to faculty, staff, and/or students
Social Media • Meet students where they are • Post directly from Facebook to Twitter
Private Information Management
Phishing Awareness • Temporarily reduced response rate from ~25 per attempt to ~4 per attempt
Orientation
Faculty • Participate in faculty events • Hit hot topics
Practice Digital Self Defense @RIT_Infosec www.facebook.com/RITInfosec Security.rit.edu 16

Empfohlen

Hamline 7761
Hamline 7761Hamline 7761
Hamline 7761guestd388be
 
Hamline 7761
Hamline 7761Hamline 7761
Hamline 7761guestd388be
 
Ei Lab4
Ei Lab4Ei Lab4
Ei Lab4rolandv
 
IT Security Human Resources
IT Security Human ResourcesIT Security Human Resources
IT Security Human Resourcesbudi rahardjo
 
Welcome To Computers
Welcome To ComputersWelcome To Computers
Welcome To Computersconnerk
 
Network security ppt
Network security pptNetwork security ppt
Network security pptKristi DeRoche
 
Embedding learning technology into practice
Embedding learning technology into practiceEmbedding learning technology into practice
Embedding learning technology into practiceRebecca Ferriday
 
ekongresume
ekongresumeekongresume
ekongresumeEkong Etuk
 

Empfohlen

Hamline 7761
Hamline 7761Hamline 7761
Hamline 7761guestd388be
 
Hamline 7761
Hamline 7761Hamline 7761
Hamline 7761guestd388be
 
Ei Lab4
Ei Lab4Ei Lab4
Ei Lab4rolandv
 
IT Security Human Resources
IT Security Human ResourcesIT Security Human Resources
IT Security Human Resourcesbudi rahardjo
 
Welcome To Computers
Welcome To ComputersWelcome To Computers
Welcome To Computersconnerk
 
Network security ppt
Network security pptNetwork security ppt
Network security pptKristi DeRoche
 
Embedding learning technology into practice
Embedding learning technology into practiceEmbedding learning technology into practice
Embedding learning technology into practiceRebecca Ferriday
 
ekongresume
ekongresumeekongresume
ekongresumeEkong Etuk
 
Inappropriate use of the network ppt
Inappropriate use of the network pptInappropriate use of the network ppt
Inappropriate use of the network pptKristi DeRoche
 
from individuals to networks and sustainable communities?
from individuals to networks and sustainable communities? from individuals to networks and sustainable communities?
from individuals to networks and sustainable communities? IWMW
 
Secondary Tech Standards 2009
Secondary Tech Standards 2009Secondary Tech Standards 2009
Secondary Tech Standards 2009Scott Le Duc
 
Honours Project - Poster
Honours Project - PosterHonours Project - Poster
Honours Project - PosterAndrew Kerr
 
Tech&writing at
Tech&writing atTech&writing at
Tech&writing atScott Kimball
 
Forensic Computer Techniques
Forensic Computer TechniquesForensic Computer Techniques
Forensic Computer TechniquesFrederick Lane
 
The Funny Thing About Information Security
The Funny Thing About Information SecurityThe Funny Thing About Information Security
The Funny Thing About Information SecuritySecurity BSides London
 
Passwords good badugly181212-2
Passwords good badugly181212-2Passwords good badugly181212-2
Passwords good badugly181212-2Iftach Ian Amit
 
8 passwordsecurity
8 passwordsecurity8 passwordsecurity
8 passwordsecurityricharddxd
 
Step6 troubleshooting
Step6 troubleshootingStep6 troubleshooting
Step6 troubleshootingricharddxd
 
How to Create (use use) Strong & Unique Passwords
How to Create (use use) Strong & Unique PasswordsHow to Create (use use) Strong & Unique Passwords
How to Create (use use) Strong & Unique PasswordsConnectSafely
 
Security Awareness Training by HIMSS Louisiana Chapter
Security Awareness Training by HIMSS Louisiana ChapterSecurity Awareness Training by HIMSS Louisiana Chapter
Security Awareness Training by HIMSS Louisiana ChapterAtlantic Training, LLC.
 
IT Security Awarenesss by Northern Virginia Community College
IT Security Awarenesss by Northern Virginia Community CollegeIT Security Awarenesss by Northern Virginia Community College
IT Security Awarenesss by Northern Virginia Community CollegeAtlantic Training, LLC.
 
Security Training and Threat Awareness by Pedraza
Security Training and Threat Awareness by PedrazaSecurity Training and Threat Awareness by Pedraza
Security Training and Threat Awareness by PedrazaAtlantic Training, LLC.
 
Information Security Awareness Training by Mount Auburn Hospital
Information Security Awareness Training by Mount Auburn HospitalInformation Security Awareness Training by Mount Auburn Hospital
Information Security Awareness Training by Mount Auburn HospitalAtlantic Training, LLC.
 
Information Security Awareness Training by Wilfrid Laurier University
Information Security Awareness Training by Wilfrid Laurier UniversityInformation Security Awareness Training by Wilfrid Laurier University
Information Security Awareness Training by Wilfrid Laurier UniversityAtlantic Training, LLC.
 
Security Awareness Training by Fortinet
Security Awareness Training by FortinetSecurity Awareness Training by Fortinet
Security Awareness Training by FortinetAtlantic Training, LLC.
 
Cyber Security 101: Training, awareness, strategies for small to medium sized...
Cyber Security 101: Training, awareness, strategies for small to medium sized...Cyber Security 101: Training, awareness, strategies for small to medium sized...
Cyber Security 101: Training, awareness, strategies for small to medium sized...Stephen Cobb
 
The Non-Comedian's Guide to Making Jokes in Presentations
The Non-Comedian's Guide to Making Jokes in PresentationsThe Non-Comedian's Guide to Making Jokes in Presentations
The Non-Comedian's Guide to Making Jokes in PresentationsDuarte, Inc.
 
Death by powerpoint
Death by powerpointDeath by powerpoint
Death by powerpointIan Trimble
 
An Exhaustive List of Presentation Delivery Tips
An Exhaustive List of Presentation Delivery TipsAn Exhaustive List of Presentation Delivery Tips
An Exhaustive List of Presentation Delivery TipsSketchBubble
 
Security Awareness at RIT 2012-2013
Security Awareness at RIT 2012-2013Security Awareness at RIT 2012-2013
Security Awareness at RIT 2012-2013Ben Woelk, CISSP, CPTC
 

Weitere ähnliche Inhalte

Was ist angesagt?

Inappropriate use of the network ppt
Inappropriate use of the network pptInappropriate use of the network ppt
Inappropriate use of the network pptKristi DeRoche
 
from individuals to networks and sustainable communities?
from individuals to networks and sustainable communities? from individuals to networks and sustainable communities?
from individuals to networks and sustainable communities? IWMW
 
Secondary Tech Standards 2009
Secondary Tech Standards 2009Secondary Tech Standards 2009
Secondary Tech Standards 2009Scott Le Duc
 
Honours Project - Poster
Honours Project - PosterHonours Project - Poster
Honours Project - PosterAndrew Kerr
 
Tech&writing at
Tech&writing atTech&writing at
Tech&writing atScott Kimball
 
Forensic Computer Techniques
Forensic Computer TechniquesForensic Computer Techniques
Forensic Computer TechniquesFrederick Lane
 

Was ist angesagt? (6)

Inappropriate use of the network ppt
Inappropriate use of the network pptInappropriate use of the network ppt
Inappropriate use of the network ppt
 
from individuals to networks and sustainable communities?
from individuals to networks and sustainable communities? from individuals to networks and sustainable communities?
from individuals to networks and sustainable communities?
 
Secondary Tech Standards 2009
Secondary Tech Standards 2009Secondary Tech Standards 2009
Secondary Tech Standards 2009
 
Honours Project - Poster
Honours Project - PosterHonours Project - Poster
Honours Project - Poster
 
Tech&writing at
Tech&writing atTech&writing at
Tech&writing at
 
Forensic Computer Techniques
Forensic Computer TechniquesForensic Computer Techniques
Forensic Computer Techniques
 

Andere mochten auch

The Funny Thing About Information Security
The Funny Thing About Information SecurityThe Funny Thing About Information Security
The Funny Thing About Information SecuritySecurity BSides London
 
Passwords good badugly181212-2
Passwords good badugly181212-2Passwords good badugly181212-2
Passwords good badugly181212-2Iftach Ian Amit
 
8 passwordsecurity
8 passwordsecurity8 passwordsecurity
8 passwordsecurityricharddxd
 
Step6 troubleshooting
Step6 troubleshootingStep6 troubleshooting
Step6 troubleshootingricharddxd
 
How to Create (use use) Strong & Unique Passwords
How to Create (use use) Strong & Unique PasswordsHow to Create (use use) Strong & Unique Passwords
How to Create (use use) Strong & Unique PasswordsConnectSafely
 
Security Awareness Training by HIMSS Louisiana Chapter
Security Awareness Training by HIMSS Louisiana ChapterSecurity Awareness Training by HIMSS Louisiana Chapter
Security Awareness Training by HIMSS Louisiana ChapterAtlantic Training, LLC.
 
IT Security Awarenesss by Northern Virginia Community College
IT Security Awarenesss by Northern Virginia Community CollegeIT Security Awarenesss by Northern Virginia Community College
IT Security Awarenesss by Northern Virginia Community CollegeAtlantic Training, LLC.
 
Security Training and Threat Awareness by Pedraza
Security Training and Threat Awareness by PedrazaSecurity Training and Threat Awareness by Pedraza
Security Training and Threat Awareness by PedrazaAtlantic Training, LLC.
 
Information Security Awareness Training by Mount Auburn Hospital
Information Security Awareness Training by Mount Auburn HospitalInformation Security Awareness Training by Mount Auburn Hospital
Information Security Awareness Training by Mount Auburn HospitalAtlantic Training, LLC.
 
Information Security Awareness Training by Wilfrid Laurier University
Information Security Awareness Training by Wilfrid Laurier UniversityInformation Security Awareness Training by Wilfrid Laurier University
Information Security Awareness Training by Wilfrid Laurier UniversityAtlantic Training, LLC.
 
Security Awareness Training by Fortinet
Security Awareness Training by FortinetSecurity Awareness Training by Fortinet
Security Awareness Training by FortinetAtlantic Training, LLC.
 
Cyber Security 101: Training, awareness, strategies for small to medium sized...
Cyber Security 101: Training, awareness, strategies for small to medium sized...Cyber Security 101: Training, awareness, strategies for small to medium sized...
Cyber Security 101: Training, awareness, strategies for small to medium sized...Stephen Cobb
 
The Non-Comedian's Guide to Making Jokes in Presentations
The Non-Comedian's Guide to Making Jokes in PresentationsThe Non-Comedian's Guide to Making Jokes in Presentations
The Non-Comedian's Guide to Making Jokes in PresentationsDuarte, Inc.
 
Death by powerpoint
Death by powerpointDeath by powerpoint
Death by powerpointIan Trimble
 
An Exhaustive List of Presentation Delivery Tips
An Exhaustive List of Presentation Delivery TipsAn Exhaustive List of Presentation Delivery Tips
An Exhaustive List of Presentation Delivery TipsSketchBubble
 

Andere mochten auch (15)

The Funny Thing About Information Security
The Funny Thing About Information SecurityThe Funny Thing About Information Security
The Funny Thing About Information Security
 
Passwords good badugly181212-2
Passwords good badugly181212-2Passwords good badugly181212-2
Passwords good badugly181212-2
 
8 passwordsecurity
8 passwordsecurity8 passwordsecurity
8 passwordsecurity
 
Step6 troubleshooting
Step6 troubleshootingStep6 troubleshooting
Step6 troubleshooting
 
How to Create (use use) Strong & Unique Passwords
How to Create (use use) Strong & Unique PasswordsHow to Create (use use) Strong & Unique Passwords
How to Create (use use) Strong & Unique Passwords
 
Security Awareness Training by HIMSS Louisiana Chapter
Security Awareness Training by HIMSS Louisiana ChapterSecurity Awareness Training by HIMSS Louisiana Chapter
Security Awareness Training by HIMSS Louisiana Chapter
 
IT Security Awarenesss by Northern Virginia Community College
IT Security Awarenesss by Northern Virginia Community CollegeIT Security Awarenesss by Northern Virginia Community College
IT Security Awarenesss by Northern Virginia Community College
 
Security Training and Threat Awareness by Pedraza
Security Training and Threat Awareness by PedrazaSecurity Training and Threat Awareness by Pedraza
Security Training and Threat Awareness by Pedraza
 
Information Security Awareness Training by Mount Auburn Hospital
Information Security Awareness Training by Mount Auburn HospitalInformation Security Awareness Training by Mount Auburn Hospital
Information Security Awareness Training by Mount Auburn Hospital
 
Information Security Awareness Training by Wilfrid Laurier University
Information Security Awareness Training by Wilfrid Laurier UniversityInformation Security Awareness Training by Wilfrid Laurier University
Information Security Awareness Training by Wilfrid Laurier University
 
Security Awareness Training by Fortinet
Security Awareness Training by FortinetSecurity Awareness Training by Fortinet
Security Awareness Training by Fortinet
 
Cyber Security 101: Training, awareness, strategies for small to medium sized...
Cyber Security 101: Training, awareness, strategies for small to medium sized...Cyber Security 101: Training, awareness, strategies for small to medium sized...
Cyber Security 101: Training, awareness, strategies for small to medium sized...
 
The Non-Comedian's Guide to Making Jokes in Presentations
The Non-Comedian's Guide to Making Jokes in PresentationsThe Non-Comedian's Guide to Making Jokes in Presentations
The Non-Comedian's Guide to Making Jokes in Presentations
 
Death by powerpoint
Death by powerpointDeath by powerpoint
Death by powerpoint
 
An Exhaustive List of Presentation Delivery Tips
An Exhaustive List of Presentation Delivery TipsAn Exhaustive List of Presentation Delivery Tips
An Exhaustive List of Presentation Delivery Tips
 

Ähnlich wie Making Information Security Fun

Security Awareness at RIT 2012-2013
Security Awareness at RIT 2012-2013Security Awareness at RIT 2012-2013
Security Awareness at RIT 2012-2013Ben Woelk, CISSP, CPTC
 
Interop 2011 las vegas - session se31 - rothke
Interop 2011 las vegas - session se31 - rothkeInterop 2011 las vegas - session se31 - rothke
Interop 2011 las vegas - session se31 - rothkeBen Rothke
 
Use of PLEs by security and investigation professionals
Use of PLEs by security and investigation professionalsUse of PLEs by security and investigation professionals
Use of PLEs by security and investigation professionalsTony Ratcliffe
 
The Ethics of Digital Scholarship
The Ethics of Digital ScholarshipThe Ethics of Digital Scholarship
The Ethics of Digital ScholarshipMartin Weller
 
Ethical dimensions of digital scholarship - Martin Weller
Ethical dimensions of digital scholarship - Martin WellerEthical dimensions of digital scholarship - Martin Weller
Ethical dimensions of digital scholarship - Martin WellerThe Higher Education Academy
 
6528 opensource intelligence as the new introduction in the graduate cybersec...
6528 opensource intelligence as the new introduction in the graduate cybersec...6528 opensource intelligence as the new introduction in the graduate cybersec...
6528 opensource intelligence as the new introduction in the graduate cybersec...Damir Delija
 
Know you Digital Literacies
Know you Digital LiteraciesKnow you Digital Literacies
Know you Digital LiteraciesNeil Witt
 
QR Codes as a Survey Recruiting Tool
QR Codes as a Survey Recruiting ToolQR Codes as a Survey Recruiting Tool
QR Codes as a Survey Recruiting ToolJordan Hudson
 
Conole plenary LINQ Conference Brussels 12 May 2015
Conole plenary LINQ Conference Brussels 12 May 2015Conole plenary LINQ Conference Brussels 12 May 2015
Conole plenary LINQ Conference Brussels 12 May 2015Grainne Conole
 
Keeping learners safe online presentation
Keeping learners safe online presentationKeeping learners safe online presentation
Keeping learners safe online presentationJisc
 
NAESP Conference - July 12, 2014
NAESP Conference - July 12, 2014NAESP Conference - July 12, 2014
NAESP Conference - July 12, 2014emilyensign
 
Role of the CISO in Higher Education
Role of the CISO in Higher EducationRole of the CISO in Higher Education
Role of the CISO in Higher EducationJisc
 
Potential vulnerabilities to e-learning - Mimecast
Potential vulnerabilities to e-learning - MimecastPotential vulnerabilities to e-learning - Mimecast
Potential vulnerabilities to e-learning - MimecastJisc
 
Expertise for the future: harnessing the power of digital technologies
Expertise for the future: harnessing the power of digital technologiesExpertise for the future: harnessing the power of digital technologies
Expertise for the future: harnessing the power of digital technologiesEFSA EU
 
Social media March 2013
Social media March 2013Social media March 2013
Social media March 2013Timothy Holden
 
2014 - KSU - So You Want to Be in Cyber Security?
2014 - KSU - So You Want to Be in Cyber Security?2014 - KSU - So You Want to Be in Cyber Security?
2014 - KSU - So You Want to Be in Cyber Security?Phil Agcaoili
 
Security Awareness Training for Community Colleges 2009
Security Awareness Training for Community Colleges 2009Security Awareness Training for Community Colleges 2009
Security Awareness Training for Community Colleges 2009Donald E. Hester
 

Ähnlich wie Making Information Security Fun (20)

Security Awareness at RIT 2012-2013
Security Awareness at RIT 2012-2013Security Awareness at RIT 2012-2013
Security Awareness at RIT 2012-2013
 
Jisc e-safety
Jisc e-safety Jisc e-safety
Jisc e-safety
 
Interop 2011 las vegas - session se31 - rothke
Interop 2011 las vegas - session se31 - rothkeInterop 2011 las vegas - session se31 - rothke
Interop 2011 las vegas - session se31 - rothke
 
Digital Self Defense
Digital Self DefenseDigital Self Defense
Digital Self Defense
 
Use of PLEs by security and investigation professionals
Use of PLEs by security and investigation professionalsUse of PLEs by security and investigation professionals
Use of PLEs by security and investigation professionals
 
The Ethics of Digital Scholarship
The Ethics of Digital ScholarshipThe Ethics of Digital Scholarship
The Ethics of Digital Scholarship
 
Ethical dimensions of digital scholarship - Martin Weller
Ethical dimensions of digital scholarship - Martin WellerEthical dimensions of digital scholarship - Martin Weller
Ethical dimensions of digital scholarship - Martin Weller
 
Digital Self Defense at RIT
Digital Self Defense at RITDigital Self Defense at RIT
Digital Self Defense at RIT
 
6528 opensource intelligence as the new introduction in the graduate cybersec...
6528 opensource intelligence as the new introduction in the graduate cybersec...6528 opensource intelligence as the new introduction in the graduate cybersec...
6528 opensource intelligence as the new introduction in the graduate cybersec...
 
Know you Digital Literacies
Know you Digital LiteraciesKnow you Digital Literacies
Know you Digital Literacies
 
QR Codes as a Survey Recruiting Tool
QR Codes as a Survey Recruiting ToolQR Codes as a Survey Recruiting Tool
QR Codes as a Survey Recruiting Tool
 
Conole plenary LINQ Conference Brussels 12 May 2015
Conole plenary LINQ Conference Brussels 12 May 2015Conole plenary LINQ Conference Brussels 12 May 2015
Conole plenary LINQ Conference Brussels 12 May 2015
 
Keeping learners safe online presentation
Keeping learners safe online presentationKeeping learners safe online presentation
Keeping learners safe online presentation
 
NAESP Conference - July 12, 2014
NAESP Conference - July 12, 2014NAESP Conference - July 12, 2014
NAESP Conference - July 12, 2014
 
Role of the CISO in Higher Education
Role of the CISO in Higher EducationRole of the CISO in Higher Education
Role of the CISO in Higher Education
 
Potential vulnerabilities to e-learning - Mimecast
Potential vulnerabilities to e-learning - MimecastPotential vulnerabilities to e-learning - Mimecast
Potential vulnerabilities to e-learning - Mimecast
 
Expertise for the future: harnessing the power of digital technologies
Expertise for the future: harnessing the power of digital technologiesExpertise for the future: harnessing the power of digital technologies
Expertise for the future: harnessing the power of digital technologies
 
Social media March 2013
Social media March 2013Social media March 2013
Social media March 2013
 
2014 - KSU - So You Want to Be in Cyber Security?
2014 - KSU - So You Want to Be in Cyber Security?2014 - KSU - So You Want to Be in Cyber Security?
2014 - KSU - So You Want to Be in Cyber Security?
 
Security Awareness Training for Community Colleges 2009
Security Awareness Training for Community Colleges 2009Security Awareness Training for Community Colleges 2009
Security Awareness Training for Community Colleges 2009
 

Mehr von Ben Woelk, CISSP, CPTC

Creating a Sense of Belonging--Engaging the Virtual Workforce
Creating a Sense of Belonging--Engaging the Virtual WorkforceCreating a Sense of Belonging--Engaging the Virtual Workforce
Creating a Sense of Belonging--Engaging the Virtual WorkforceBen Woelk, CISSP, CPTC
 
Creating a Sense of Belonging--Engaging the Virtual Workforce Summit.pptx
Creating a Sense of Belonging--Engaging the Virtual Workforce Summit.pptxCreating a Sense of Belonging--Engaging the Virtual Workforce Summit.pptx
Creating a Sense of Belonging--Engaging the Virtual Workforce Summit.pptxBen Woelk, CISSP, CPTC
 
Saying "Yes, and...?" to Leadership Opportunities
Saying "Yes, and...?" to Leadership OpportunitiesSaying "Yes, and...?" to Leadership Opportunities
Saying "Yes, and...?" to Leadership OpportunitiesBen Woelk, CISSP, CPTC
 
Perspectives on Mentoring: Selected Stories
Perspectives on Mentoring: Selected StoriesPerspectives on Mentoring: Selected Stories
Perspectives on Mentoring: Selected StoriesBen Woelk, CISSP, CPTC
 
We're All Winners--Gamification and Security Awareness
We're All Winners--Gamification and Security AwarenessWe're All Winners--Gamification and Security Awareness
We're All Winners--Gamification and Security AwarenessBen Woelk, CISSP, CPTC
 
The Introvert in the Workplace--Strategies for Success
The Introvert in the Workplace--Strategies for SuccessThe Introvert in the Workplace--Strategies for Success
The Introvert in the Workplace--Strategies for SuccessBen Woelk, CISSP, CPTC
 
Building a Culture of Digital Self Defense
Building a Culture of Digital Self DefenseBuilding a Culture of Digital Self Defense
Building a Culture of Digital Self DefenseBen Woelk, CISSP, CPTC
 
Harnessing Your Innate Strengths--Introverted Leadership
Harnessing Your Innate Strengths--Introverted LeadershipHarnessing Your Innate Strengths--Introverted Leadership
Harnessing Your Innate Strengths--Introverted LeadershipBen Woelk, CISSP, CPTC
 
The Introvert in the Workplace: Becoming an Influencer and Leader #STC18
The Introvert in the Workplace: Becoming an Influencer and Leader #STC18The Introvert in the Workplace: Becoming an Influencer and Leader #STC18
The Introvert in the Workplace: Becoming an Influencer and Leader #STC18Ben Woelk, CISSP, CPTC
 
Follow the yellow brick road: A Leadership Journey to the Emerald City
Follow the yellow brick road: A Leadership Journey to the Emerald CityFollow the yellow brick road: A Leadership Journey to the Emerald City
Follow the yellow brick road: A Leadership Journey to the Emerald CityBen Woelk, CISSP, CPTC
 
Collaborating securely: Protecting Your Community and Yourself
Collaborating securely: Protecting Your Community and YourselfCollaborating securely: Protecting Your Community and Yourself
Collaborating securely: Protecting Your Community and YourselfBen Woelk, CISSP, CPTC
 
An Introvert's Journey to Leadership
An Introvert's Journey to LeadershipAn Introvert's Journey to Leadership
An Introvert's Journey to LeadershipBen Woelk, CISSP, CPTC
 
Digital self defense iia isaca it audit seminar
Digital self defense iia isaca it audit seminarDigital self defense iia isaca it audit seminar
Digital self defense iia isaca it audit seminarBen Woelk, CISSP, CPTC
 
Cyber Safety for Middle School Students and Parents
Cyber Safety for Middle School Students and ParentsCyber Safety for Middle School Students and Parents
Cyber Safety for Middle School Students and ParentsBen Woelk, CISSP, CPTC
 
Staying Safe Online for HR Professionals
Staying Safe Online for HR ProfessionalsStaying Safe Online for HR Professionals
Staying Safe Online for HR ProfessionalsBen Woelk, CISSP, CPTC
 
Succession Planning and Volunteering
Succession Planning and VolunteeringSuccession Planning and Volunteering
Succession Planning and VolunteeringBen Woelk, CISSP, CPTC
 
Shockproofing your Use of Social Media: 2014
Shockproofing your Use of Social Media: 2014Shockproofing your Use of Social Media: 2014
Shockproofing your Use of Social Media: 2014Ben Woelk, CISSP, CPTC
 

Mehr von Ben Woelk, CISSP, CPTC (20)

Creating a Sense of Belonging--Engaging the Virtual Workforce
Creating a Sense of Belonging--Engaging the Virtual WorkforceCreating a Sense of Belonging--Engaging the Virtual Workforce
Creating a Sense of Belonging--Engaging the Virtual Workforce
 
Creating a Sense of Belonging--Engaging the Virtual Workforce Summit.pptx
Creating a Sense of Belonging--Engaging the Virtual Workforce Summit.pptxCreating a Sense of Belonging--Engaging the Virtual Workforce Summit.pptx
Creating a Sense of Belonging--Engaging the Virtual Workforce Summit.pptx
 
Saying "Yes, and...?" to Leadership Opportunities
Saying "Yes, and...?" to Leadership OpportunitiesSaying "Yes, and...?" to Leadership Opportunities
Saying "Yes, and...?" to Leadership Opportunities
 
Perspectives on Mentoring: Selected Stories
Perspectives on Mentoring: Selected StoriesPerspectives on Mentoring: Selected Stories
Perspectives on Mentoring: Selected Stories
 
We're All Winners--Gamification and Security Awareness
We're All Winners--Gamification and Security AwarenessWe're All Winners--Gamification and Security Awareness
We're All Winners--Gamification and Security Awareness
 
The Introvert in the Workplace--Strategies for Success
The Introvert in the Workplace--Strategies for SuccessThe Introvert in the Workplace--Strategies for Success
The Introvert in the Workplace--Strategies for Success
 
Building a Culture of Digital Self Defense
Building a Culture of Digital Self DefenseBuilding a Culture of Digital Self Defense
Building a Culture of Digital Self Defense
 
Harnessing Your Innate Strengths--Introverted Leadership
Harnessing Your Innate Strengths--Introverted LeadershipHarnessing Your Innate Strengths--Introverted Leadership
Harnessing Your Innate Strengths--Introverted Leadership
 
The Introvert in the Workplace: Becoming an Influencer and Leader #STC18
The Introvert in the Workplace: Becoming an Influencer and Leader #STC18The Introvert in the Workplace: Becoming an Influencer and Leader #STC18
The Introvert in the Workplace: Becoming an Influencer and Leader #STC18
 
Digital self defense 101 me rit
Digital self defense 101 me ritDigital self defense 101 me rit
Digital self defense 101 me rit
 
Follow the yellow brick road: A Leadership Journey to the Emerald City
Follow the yellow brick road: A Leadership Journey to the Emerald CityFollow the yellow brick road: A Leadership Journey to the Emerald City
Follow the yellow brick road: A Leadership Journey to the Emerald City
 
Collaborating securely: Protecting Your Community and Yourself
Collaborating securely: Protecting Your Community and YourselfCollaborating securely: Protecting Your Community and Yourself
Collaborating securely: Protecting Your Community and Yourself
 
An Introvert's Journey to Leadership
An Introvert's Journey to LeadershipAn Introvert's Journey to Leadership
An Introvert's Journey to Leadership
 
Digital self defense iia isaca it audit seminar
Digital self defense iia isaca it audit seminarDigital self defense iia isaca it audit seminar
Digital self defense iia isaca it audit seminar
 
Cyber Safety for Middle School Students and Parents
Cyber Safety for Middle School Students and ParentsCyber Safety for Middle School Students and Parents
Cyber Safety for Middle School Students and Parents
 
Staying Safe Online for HR Professionals
Staying Safe Online for HR ProfessionalsStaying Safe Online for HR Professionals
Staying Safe Online for HR Professionals
 
Succession Planning and Volunteering
Succession Planning and VolunteeringSuccession Planning and Volunteering
Succession Planning and Volunteering
 
Shockproofing your Use of Social Media: 2014
Shockproofing your Use of Social Media: 2014Shockproofing your Use of Social Media: 2014
Shockproofing your Use of Social Media: 2014
 
A Techcomm Bestiary Summit14
A Techcomm Bestiary Summit14A Techcomm Bestiary Summit14
A Techcomm Bestiary Summit14
 
A Techcomm Bestiary Spectrum14
A Techcomm Bestiary Spectrum14A Techcomm Bestiary Spectrum14
A Techcomm Bestiary Spectrum14
 

KĂźrzlich hochgeladen

2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...Martijn de Jong
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...apidays
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘RTylerCroy
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?Igalia
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Neo4j
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?Antenna Manufacturer Coco
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityPrincipled Technologies
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Igalia
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel AraĂşjo
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Scriptwesley chun
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfEnterprise Knowledge
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxKatpro Technologies
 

KĂźrzlich hochgeladen (20)

2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
 

Making Information Security Fun

  • 1. Making Information Security Fun Ben Woelk Policy and Awareness Analyst Information Security Office Rochester Institute of Technology 585.475.4122 Ben.woelk@rit.edu
  • 2. Introduction—the Problem • Everyone is a target • Identity theft is big business • You can’t rely on others to protect you 2
  • 3. Avert Labs Malware Research 3 Retrieved July 24, 2009 from: http://www.avertlabs.com/research/blog/index.php/2009/07/22/malware-is-their-businessand-business-is-good/
  • 4. Phishing on Social Network Sites 4 http://www.markmonitor.com/download/bji/BrandjackingIndex-Spring2009.pdf
  • 5. Solution •We needed a plan – Systematic repeatable – Goals – Proactive
  • 6. Components of a Plan •Audience analysis •Key messages •Channels •Calendar •Relationships
  • 7. What are Our Key Messages? •Data handling •Mandatory compliance •Phishing, Social engineering •Protecting IP/Research
  • 8. RIT Profile Rochester Institute of Technology, founded 1829 • ~18,000 students, mainly residential • 10% international • 1300+ deaf or hard of hearing (NTID) • ~3000 faculty and staff Respected leader in professional and career-oriented education Eight colleges, 80 majors, 3600 co-op students yearly
  • 10. Web Presence • Use official university communications channels • Target messages to faculty, staff, and/or students
  • 11. Social Media • Meet students where they are • Post directly from Facebook to Twitter
  • 13. Phishing Awareness • Temporarily reduced response rate from ~25 per attempt to ~4 per attempt
  • 15. Faculty • Participate in faculty events • Hit hot topics
  • 16. Practice Digital Self Defense @RIT_Infosec www.facebook.com/RITInfosec Security.rit.edu 16

Hinweis der Redaktion

  1. Per the MarkMonitor Brandjacking Index for Spring 2009:Phish attacks targeting social networks have grown 241 percent from Q1 2008 to Q1 2009 and have grown 1,500-fold since we first started tracking the category in 2007.
  2. University of North Carolina exposed ssn for about 114,000-180,000 women that was part of a multi-year medical research study. The server with this data stored on it was not located behind a firewall, a minimal security precaution. Fingers were pointed back and forth between the researcher and the IT dept. managing the servers.