SlideShare ist ein Scribd-Unternehmen logo

Hiroshima University Information Security & Compliance 2017

I
imc-isec-comp

This document provides an overview of information security and compliance. It discusses recent threats like phishing scams and viruses, important routine measures such as using antivirus software and strong passwords, and additional good behaviors. Specific threats covered include phishing emails, ransomware viruses, and unauthorized access. The document recommends countermeasures like updating software and behaviors to avoid like inadvertently clicking suspicious links. The goal is to revise and enhance knowledge of information security best practices.

Bildung
1 von 37
Downloaden Sie, um offline zu lesen
Information Security & Compliance 2017
Introduction Aims of the Information Security & Compliance Course: • Revise your knowledge of information security • Enhance your knowledge with the latest in information security This lecture is divided into three sections: 1. Recent threats to information security 2. Important routine measures 3. Additional good behaviors 2 Improving your knowledge of information security
3 1.Recent threats to information security • Phishing scams • Virus infections • Unauthorized access
Risks of phishing scams The damage caused by phishing scams that make unauthorized use of Internet banking and credit card information is increasing. 4 1. Deceptive emails 2. Entering ID, password, credit card, and account details Phishing site 3. Collecting information 4. Malicious use of obtained information Genuine site Check your transaction statements for signs of improper use.
How to identify suspicious emails: Point (1) 5 Email address is suspicious. Strange domain ending in “ru” Attached file name is suspicious. This is a real email which we have received. If an email seems suspicious, it can be helpful to do a web search.
How to identify suspicious emails: Point (2) 6 Email address is suspiciously long URL is suspicious. “http” instead of “https” This is a real email which we have received. Check URL before inadvertently clicking.
Example of clever phishing site Many recent phishing sites look exactly like genuine sites. Never open links in suspicious emails. 7 It’s difficult to tell if a site is fake!
Countermeasures and Behaviors against phishing scams 8 Check that your devices are not used without your knowledge. Install antivirus software and keep it updated. Keep your OS and applications updated. Manage your IDs and passwords carefully. Countermeasures Behaviors Keep informed of the latest threats and attack methods. Don’t click inadvertently on file attachments or URLs.
Risks of virus infections The damage caused by ransomware has grown markedly since 2015. What is “ransomware”? 9 An infected PC or files on the PC are encrypted to make them unusable. à You are asked to pay a “ransom” to regain access to your PC or files. Files are encrypted, so they cannot be used!
Examples of ransomware 10 Infection screen of “CryptoLocker” Infection screen of “AndroidOS_Locker” Online banking information was also stolen! Nonexistent organization, “National Security Department”
If you are infected by ransomware • Never pay a ransom. • Disconnect from the network. • Reinitialize the PC, then restore from a backup. 11 restore Make regular backups in case this ever happens!
Virus infection routes 12 Phishing emails Browsing web sites and Clicking on banner ads USB flash drives Downloaded programs
Countermeasures and Behaviors against virus infections 13 Don’t click inadvertently on file attachments or URLs. Do not install suspicious applications. Install antivirus software and keep it updated. Keep your OS and applications updated. Make regular backups. Countermeasures Behaviors Keep informed of the latest threats and attack methods.
Damage due to unauthorized access 14 Sending spam emails Hijacking of social media accounts Data leaksModifying web sites Unauthorized access is access to computers and systems from a network by someone not intended to have access privileges Viewing, modifying, and deleting files Viewing, modifying, and deleting emails
Things that increase the risk of unauthorized access 15 Continuing to use old versions of OS and applications Using easy-to-guess passwords Repeatedly using the same passwordConnecting to suspicious free public Wi-Fi networks Entering personal information on sites with URLs not beginning with “https” Leaving old accounts active Letting someone else use your smartphone Not checking the usage status of your services
Countermeasures and Behaviors against unauthorized access 16 Don’t click inadvertently on file attachments or URLs. Use only secure communications channels. Install antivirus software and keep it updated. Keep your OS and applications updated. Manage your IDs and passwords carefully. Keep informed of the latest threats and attack methods. Countermeasures Behaviors Take care not to lose your PC or smartphone, or have it stolen.
17 2. Important routine measures • Antivirus software • Updating software • Strong passwords • Regular backups • Knowing the latest threats and attack methods
Antivirus software New computer viruses are discovered every day. Set your antivirus software to update automatically! 18 It is not possible to protect against unknown viruses… The virus definition list of your antivirus software needs to be updated.
Updating software • Set the “automatic updates” option! • Update your OS as well as your applications! 19 Always use the latest version!
Strong passwords The common password for your Hiroshima University ID and accounts should – Be at least 8 characters long – Include numerals, symbols, and both upper and lowercase letters – Not be an easy-to-guess character string 20 It is dangerous to repeatedly use the same password!
Regular backups 21 Make sure to back up regularly in case your PC malfunctions or gets infected by a virus. ※ You can use OneDrive for Business (1TB) free of charge for your data and OS backups. You can access OneDrive from the list of Office 365 applications.
Knowing the latest threats and attack methods Make the effort to keep informed about the latest security threats. 22 http://www.ipa.go.jp/security/kokokara/study/international.html
23 3. Additional good behaviors • Do not attach files to emails • Use multi-factor authentication • Share information with people you know • Report problems immediately • Other precautions
Do not attach files to emails 24 Virus infections caused by opening a file attachment are increasingly common. When exchanging files, avoid email file attachments as far as possible. Instead, place the file in the cloud and send a link to the file in the email. To: Taro Hirodai, From: Momiji Saijo I uploaded the created file to ownCloud. Please check it. Folder name: Work Folder File name: 20170401ver1.docx
Use the cloud to exchange files 25 <For people without a university account> Check “Share with URL.” Share by sending the URL to the recipient. <For people with a university account> Share by specifying an account ownCloud can be used free of charge at Hiroshima University. http://www.media.hiroshima-u.ac.jp/services/fileshare Files are automatically deleted after one month, so the service is suited only for temporary file exchanges.
Use multi-factor authentication To enhance security, multi-factor authentication can be used with Office 365 at Hiroshima University. 26 When using a smartphone mobile app, Log in with account@hiroshima-u.ac.jp + password + smartphone * Authentication is also possible with an SMS or telephone call. I got hold of an ID and password! Let me try and log in now! What’s this…? It’s asking me for authentication to log in… I wonder why. I’ll refuse. What the hell? I can’t log in… Something doesn’t seem right. I better change my password.
Share information with people you know 27 Actively exchange information with family and friends. Helping the people around you understand security will help protect you all from harm.
PC starts sending spam emails. unauthorized access Data leaks virus infections Symptoms that indicate a security incident 28 PC starts suddenly malfunctioning. Nothing happens when clicking on an email file attachment. Virus detection window appears. It suddenly becomes impossible to open folder or file.
Promptly reporting security incidents 29 This handy card lists emergency contacts and precautions. The cards are distributed free of charge by the Media Center. Carry one with you, together with your student/staff ID! E-mail: sec-kikou@ml.hiroshima-u.ac.jp TEL: 082-424-6082,080-1906-2982 When you find an incident, http://www.hiroshima-u.ac.jp/en Contact your affiliated faculty / graduate school or CSIRT, immediately! Information Security Quick Guide ・My web site seems to be tampered. ・My laptop was stolen. ・Suddenly my file has become inaccessible. ・I lost my USB memory containing personal   information. ・I received a complaint saying“I received a junk e-mail from your address”. Computer Security Incident Response Team (CSIRT) Knowing emergency contacts at all times is a useful security measure .
Other precautions (1) 30 Use of file sharing software is prohibited at Hiroshima University! Always encrypt sensitive information when you carry it around. Be careful not to lose or misplace your devices! Never leave your bag unattended! Let's encrypt
Other precautions (2) 31 When using social media, take care not to post inappropriate content or leak sensitive information! Using public Wi-Fi networks puts you at risk of unauthorized access! Avoid using them as far as possible! Free Wi-Fi
Countermeasures and behaviors 32 Many things have been explained, but fundamentally, you can protect yourself against security breaches by practicing “5 countermeasures” and “5 behaviors”. 5 countermeasures 5 behaviors
5 countermeasures 33 Install antivirus software and keep it updated. Keep your OS and applications updated. Manage your IDs and passwords carefully. Make regular backups. Keep informed of the latest threats and attack methods.
5 behaviors 34 Don’t click inadvertently on file attachments or URLs. Do not install suspicious applications. Check that your devices are not used without your knowledge. Use only secure communications channels. Take care not to lose your PC or smartphone, or have it stolen.
Conclusion We are at the end of this online workshop. After this, you must take an evaluation test. 16 correct answers out of 20 questions is a pass. If you pass the evaluation test make sure to • 1st year: Check that your account is working. • 2nd and later years: Update your account for the current year 35
Reference documents and materials • “Top 10 Threats to Information Security 2017,” IPA https://www.ipa.go.jp/security/vuln/10threats2017.htm • Trendmicro http://www.trendmicro.co.jp/jp/security-intelligence/threat- solution/ransomware/ http://blog.trendmicro.co.jp/archives/13041 Materials • Human Pictogram2.0 http://pictogram2.com/ • FLAT ICON DESIGN http://flat-icon-design.com/ • ICOOON MONO http://icooon-mono.com/ 36
37 Issued in April, 2017 Information Media Center, Hiroshima University Attribution 4.0 International

Empfohlen

Hyphenet Security Awareness Training
Hyphenet Security Awareness TrainingHyphenet Security Awareness Training
Hyphenet Security Awareness TrainingJen Ruhman
 
Information security awareness - 101
Information security awareness - 101Information security awareness - 101
Information security awareness - 101mateenzero
 
Introduction to Cyber Security
Introduction to Cyber SecurityIntroduction to Cyber Security
Introduction to Cyber SecurityPriyanshu Ratnakar
 
Home cyber security
Home cyber securityHome cyber security
Home cyber securityMichael File
 
Presentation on cyber safety
Presentation on cyber safetyPresentation on cyber safety
Presentation on cyber safetyMOHAMMADZAINULABIDEE3
 
Mozilla - Let's take back the web
Mozilla - Let's take back the webMozilla - Let's take back the web
Mozilla - Let's take back the webViral Parmar
 
The top 5 basics fundamentals of network security cyberhunter solutions
The top 5 basics fundamentals of network security cyberhunter solutionsThe top 5 basics fundamentals of network security cyberhunter solutions
The top 5 basics fundamentals of network security cyberhunter solutionsCyberhunter Cyber Security
 
Cyber security
Cyber securityCyber security
Cyber securitySannith Reddy
 

Empfohlen

Hyphenet Security Awareness Training
Hyphenet Security Awareness TrainingHyphenet Security Awareness Training
Hyphenet Security Awareness TrainingJen Ruhman
 
Information security awareness - 101
Information security awareness - 101Information security awareness - 101
Information security awareness - 101mateenzero
 
Introduction to Cyber Security
Introduction to Cyber SecurityIntroduction to Cyber Security
Introduction to Cyber SecurityPriyanshu Ratnakar
 
Home cyber security
Home cyber securityHome cyber security
Home cyber securityMichael File
 
Presentation on cyber safety
Presentation on cyber safetyPresentation on cyber safety
Presentation on cyber safetyMOHAMMADZAINULABIDEE3
 
Mozilla - Let's take back the web
Mozilla - Let's take back the webMozilla - Let's take back the web
Mozilla - Let's take back the webViral Parmar
 
The top 5 basics fundamentals of network security cyberhunter solutions
The top 5 basics fundamentals of network security cyberhunter solutionsThe top 5 basics fundamentals of network security cyberhunter solutions
The top 5 basics fundamentals of network security cyberhunter solutionsCyberhunter Cyber Security
 
Cyber security
Cyber securityCyber security
Cyber securitySannith Reddy
 
cyber security
cyber securitycyber security
cyber securityBasineniUdaykumar
 
Security awareness
Security awarenessSecurity awareness
Security awarenessJosh Chandler
 
Cyber security
Cyber security Cyber security
Cyber security Sachith Lekamge
 
Cyber security
Cyber securityCyber security
Cyber securityTaimoorArshad5
 
Cyber Crime and Cyber Security
Cyber Crime and Cyber SecurityCyber Crime and Cyber Security
Cyber Crime and Cyber SecurityIRJET Journal
 
Cybersecurity Awareness E-Book - WeSecureApp
Cybersecurity Awareness E-Book - WeSecureAppCybersecurity Awareness E-Book - WeSecureApp
Cybersecurity Awareness E-Book - WeSecureAppWeSecureApp
 
Verizon Data Breach Investigations Report (DBIR) 2017
Verizon Data Breach Investigations Report (DBIR) 2017Verizon Data Breach Investigations Report (DBIR) 2017
Verizon Data Breach Investigations Report (DBIR) 2017PhishingBox
 
Cyber Security Presentation "It Will Never Happen To Me"
Cyber Security Presentation "It Will Never Happen To Me" Cyber Security Presentation "It Will Never Happen To Me"
Cyber Security Presentation "It Will Never Happen To Me" Simon Salter
 
Cyber security
Cyber securityCyber security
Cyber securityPihu Goel
 
CYBER SECURITY
CYBER SECURITYCYBER SECURITY
CYBER SECURITYPranjalShah18
 
Cyber security
Cyber securityCyber security
Cyber securitymanoj duli
 
Understanding the Risk & Challenges of Cyber Security
Understanding the Risk & Challenges of Cyber SecurityUnderstanding the Risk & Challenges of Cyber Security
Understanding the Risk & Challenges of Cyber SecurityNeil Parker
 
CYBER SECURITY
CYBER SECURITYCYBER SECURITY
CYBER SECURITYMohammad Shakirul islam
 
101 Internet Security Tips Slideshow - Know How To Protect Your Computer Online!
101 Internet Security Tips Slideshow - Know How To Protect Your Computer Online!101 Internet Security Tips Slideshow - Know How To Protect Your Computer Online!
101 Internet Security Tips Slideshow - Know How To Protect Your Computer Online!EMBplc.com
 
Wannacry & Petya ransomware
Wannacry & Petya ransomwareWannacry & Petya ransomware
Wannacry & Petya ransomwareRaghavendra P.V
 
Cyber crime ppt
Cyber crime pptCyber crime ppt
Cyber crime pptBushra22
 
Cyber Terrorism
Cyber TerrorismCyber Terrorism
Cyber TerrorismShivam Lohiya
 
Cyber security
Cyber securityCyber security
Cyber securityMurugesanMurugesan12
 
Cyber Security
Cyber SecurityCyber Security
Cyber Securityimtnoida112
 
cyber security
cyber securitycyber security
cyber securitykm. nahid
 
Information Security and Compliance Follow-up Cource 2019
Information Security and Compliance Follow-up Cource 2019Information Security and Compliance Follow-up Cource 2019
Information Security and Compliance Follow-up Cource 2019imc-isec-comp
 
Hiroshima University Information Security & Compliance 2018
Hiroshima University Information Security & Compliance 2018Hiroshima University Information Security & Compliance 2018
Hiroshima University Information Security & Compliance 2018imc-isec-comp
 

Weitere ähnliche Inhalte

Was ist angesagt?

Cyber Crime and Cyber Security
Cyber Crime and Cyber SecurityCyber Crime and Cyber Security
Cyber Crime and Cyber SecurityIRJET Journal
 
Cybersecurity Awareness E-Book - WeSecureApp
Cybersecurity Awareness E-Book - WeSecureAppCybersecurity Awareness E-Book - WeSecureApp
Cybersecurity Awareness E-Book - WeSecureAppWeSecureApp
 
Verizon Data Breach Investigations Report (DBIR) 2017
Verizon Data Breach Investigations Report (DBIR) 2017Verizon Data Breach Investigations Report (DBIR) 2017
Verizon Data Breach Investigations Report (DBIR) 2017PhishingBox
 
Cyber Security Presentation "It Will Never Happen To Me"
Cyber Security Presentation "It Will Never Happen To Me" Cyber Security Presentation "It Will Never Happen To Me"
Cyber Security Presentation "It Will Never Happen To Me" Simon Salter
 
Cyber security
Cyber securityCyber security
Cyber securityPihu Goel
 
Cyber security
Cyber securityCyber security
Cyber securitymanoj duli
 
Understanding the Risk & Challenges of Cyber Security
Understanding the Risk & Challenges of Cyber SecurityUnderstanding the Risk & Challenges of Cyber Security
Understanding the Risk & Challenges of Cyber SecurityNeil Parker
 
101 Internet Security Tips Slideshow - Know How To Protect Your Computer Online!
101 Internet Security Tips Slideshow - Know How To Protect Your Computer Online!101 Internet Security Tips Slideshow - Know How To Protect Your Computer Online!
101 Internet Security Tips Slideshow - Know How To Protect Your Computer Online!EMBplc.com
 
Wannacry & Petya ransomware
Wannacry & Petya ransomwareWannacry & Petya ransomware
Wannacry & Petya ransomwareRaghavendra P.V
 
Cyber crime ppt
Cyber crime pptCyber crime ppt
Cyber crime pptBushra22
 
cyber security
cyber securitycyber security
cyber securitykm. nahid
 

Was ist angesagt? (20)

cyber security
cyber securitycyber security
cyber security
 
Security awareness
Security awarenessSecurity awareness
Security awareness
 
Cyber security
Cyber security Cyber security
Cyber security
 
Cyber security
Cyber securityCyber security
Cyber security
 
Cyber Crime and Cyber Security
Cyber Crime and Cyber SecurityCyber Crime and Cyber Security
Cyber Crime and Cyber Security
 
Cybersecurity Awareness E-Book - WeSecureApp
Cybersecurity Awareness E-Book - WeSecureAppCybersecurity Awareness E-Book - WeSecureApp
Cybersecurity Awareness E-Book - WeSecureApp
 
Verizon Data Breach Investigations Report (DBIR) 2017
Verizon Data Breach Investigations Report (DBIR) 2017Verizon Data Breach Investigations Report (DBIR) 2017
Verizon Data Breach Investigations Report (DBIR) 2017
 
Cyber Security Presentation "It Will Never Happen To Me"
Cyber Security Presentation "It Will Never Happen To Me" Cyber Security Presentation "It Will Never Happen To Me"
Cyber Security Presentation "It Will Never Happen To Me"
 
Cyber security
Cyber securityCyber security
Cyber security
 
CYBER SECURITY
CYBER SECURITYCYBER SECURITY
CYBER SECURITY
 
Cyber security
Cyber securityCyber security
Cyber security
 
Understanding the Risk & Challenges of Cyber Security
Understanding the Risk & Challenges of Cyber SecurityUnderstanding the Risk & Challenges of Cyber Security
Understanding the Risk & Challenges of Cyber Security
 
CYBER SECURITY
CYBER SECURITYCYBER SECURITY
CYBER SECURITY
 
101 Internet Security Tips Slideshow - Know How To Protect Your Computer Online!
101 Internet Security Tips Slideshow - Know How To Protect Your Computer Online!101 Internet Security Tips Slideshow - Know How To Protect Your Computer Online!
101 Internet Security Tips Slideshow - Know How To Protect Your Computer Online!
 
Wannacry & Petya ransomware
Wannacry & Petya ransomwareWannacry & Petya ransomware
Wannacry & Petya ransomware
 
Cyber crime ppt
Cyber crime pptCyber crime ppt
Cyber crime ppt
 
Cyber Terrorism
Cyber TerrorismCyber Terrorism
Cyber Terrorism
 
Cyber security
Cyber securityCyber security
Cyber security
 
Cyber Security
Cyber SecurityCyber Security
Cyber Security
 
cyber security
cyber securitycyber security
cyber security
 

Ähnlich wie Hiroshima University Information Security & Compliance 2017

Information Security and Compliance Follow-up Cource 2019
Information Security and Compliance Follow-up Cource 2019Information Security and Compliance Follow-up Cource 2019
Information Security and Compliance Follow-up Cource 2019imc-isec-comp
 
Hiroshima University Information Security & Compliance 2018
Hiroshima University Information Security & Compliance 2018Hiroshima University Information Security & Compliance 2018
Hiroshima University Information Security & Compliance 2018imc-isec-comp
 
Hiroshima University Information Security & Compliance 2018
Hiroshima University Information Security & Compliance 2018Hiroshima University Information Security & Compliance 2018
Hiroshima University Information Security & Compliance 2018imc-isec-comp
 
Hiroshima University Information Security & Compliance 2018
Hiroshima University Information Security & Compliance 2018Hiroshima University Information Security & Compliance 2018
Hiroshima University Information Security & Compliance 2018imc-isec-comp
 
Cyber crime and cyber security
Cyber crime and cyber securityCyber crime and cyber security
Cyber crime and cyber securityKaushal Solanki
 
Cyber security 101
Cyber security 101Cyber security 101
Cyber security 101Travis Good
 
6 Cyber Security Introduction - sec101-idtheft .pptx
6 Cyber Security Introduction - sec101-idtheft .pptx6 Cyber Security Introduction - sec101-idtheft .pptx
6 Cyber Security Introduction - sec101-idtheft .pptxDevenderDahiya9
 
Can your company survive a modern day cyber attack?
Can your company survive a modern day cyber attack?Can your company survive a modern day cyber attack?
Can your company survive a modern day cyber attack?Symptai Consulting Limited
 
Cybersecurity Awareness Training for Employees.pptx
Cybersecurity Awareness Training for Employees.pptxCybersecurity Awareness Training for Employees.pptx
Cybersecurity Awareness Training for Employees.pptxMustafa Amiri
 
End user security awareness
End user security awarenessEnd user security awareness
End user security awarenessKanishk Raj
 
Computer Security and safety
Computer Security and safety Computer Security and safety
Computer Security and safety Sadaf Walliyani
 
An introduction to cyber security by cyber security infotech pvt ltd(csi)
An introduction to cyber security by cyber security infotech pvt ltd(csi)An introduction to cyber security by cyber security infotech pvt ltd(csi)
An introduction to cyber security by cyber security infotech pvt ltd(csi)Cyber Security Infotech
 
Online access and computer security.pptx_S.Gautham
Online access and computer security.pptx_S.GauthamOnline access and computer security.pptx_S.Gautham
Online access and computer security.pptx_S.GauthamJoelGautham
 
Cyber security-1.pptx
Cyber security-1.pptxCyber security-1.pptx
Cyber security-1.pptxCharithraaAR
 
Cyber security for small businesses
Cyber security for small businessesCyber security for small businesses
Cyber security for small businessesB2BPlanner Ltd.
 
Unveiling the dark web. The importance of your cybersecurity posture
Unveiling the dark web. The importance of your cybersecurity postureUnveiling the dark web. The importance of your cybersecurity posture
Unveiling the dark web. The importance of your cybersecurity postureLourdes Paloma Gimenez
 
securityawareness.pptx
securityawareness.pptxsecurityawareness.pptx
securityawareness.pptxbinowe
 

Ähnlich wie Hiroshima University Information Security & Compliance 2017 (20)

Information Security and Compliance Follow-up Cource 2019
Information Security and Compliance Follow-up Cource 2019Information Security and Compliance Follow-up Cource 2019
Information Security and Compliance Follow-up Cource 2019
 
Hiroshima University Information Security & Compliance 2018
Hiroshima University Information Security & Compliance 2018Hiroshima University Information Security & Compliance 2018
Hiroshima University Information Security & Compliance 2018
 
Hiroshima University Information Security & Compliance 2018
Hiroshima University Information Security & Compliance 2018Hiroshima University Information Security & Compliance 2018
Hiroshima University Information Security & Compliance 2018
 
Hiroshima University Information Security & Compliance 2018
Hiroshima University Information Security & Compliance 2018Hiroshima University Information Security & Compliance 2018
Hiroshima University Information Security & Compliance 2018
 
Cyber crime and cyber security
Cyber crime and cyber securityCyber crime and cyber security
Cyber crime and cyber security
 
Cyber security 101
Cyber security 101Cyber security 101
Cyber security 101
 
6 Cyber Security Introduction - sec101-idtheft .pptx
6 Cyber Security Introduction - sec101-idtheft .pptx6 Cyber Security Introduction - sec101-idtheft .pptx
6 Cyber Security Introduction - sec101-idtheft .pptx
 
Can your company survive a modern day cyber attack?
Can your company survive a modern day cyber attack?Can your company survive a modern day cyber attack?
Can your company survive a modern day cyber attack?
 
Cybersecurity Awareness Training for Employees.pptx
Cybersecurity Awareness Training for Employees.pptxCybersecurity Awareness Training for Employees.pptx
Cybersecurity Awareness Training for Employees.pptx
 
End user security awareness
End user security awarenessEnd user security awareness
End user security awareness
 
Computer Security and safety
Computer Security and safety Computer Security and safety
Computer Security and safety
 
Cyber Security
Cyber SecurityCyber Security
Cyber Security
 
An introduction to cyber security by cyber security infotech pvt ltd(csi)
An introduction to cyber security by cyber security infotech pvt ltd(csi)An introduction to cyber security by cyber security infotech pvt ltd(csi)
An introduction to cyber security by cyber security infotech pvt ltd(csi)
 
Online access and computer security.pptx_S.Gautham
Online access and computer security.pptx_S.GauthamOnline access and computer security.pptx_S.Gautham
Online access and computer security.pptx_S.Gautham
 
Cyber security-1.pptx
Cyber security-1.pptxCyber security-1.pptx
Cyber security-1.pptx
 
Cyber security for small businesses
Cyber security for small businessesCyber security for small businesses
Cyber security for small businesses
 
Unveiling the dark web. The importance of your cybersecurity posture
Unveiling the dark web. The importance of your cybersecurity postureUnveiling the dark web. The importance of your cybersecurity posture
Unveiling the dark web. The importance of your cybersecurity posture
 
Masterclass_ Cybersecurity and Data Privacy Basics
Masterclass_ Cybersecurity and Data Privacy BasicsMasterclass_ Cybersecurity and Data Privacy Basics
Masterclass_ Cybersecurity and Data Privacy Basics
 
Cyber security
Cyber securityCyber security
Cyber security
 
securityawareness.pptx
securityawareness.pptxsecurityawareness.pptx
securityawareness.pptx
 

Mehr von imc-isec-comp

広島大学信息安全・法令遵守跟踪讲习2019
広島大学信息安全・法令遵守跟踪讲习2019広島大学信息安全・法令遵守跟踪讲习2019
広島大学信息安全・法令遵守跟踪讲习2019imc-isec-comp
 
広島大学情報セキュリティ・コンプライアンスFollowUp講習_2019
広島大学情報セキュリティ・コンプライアンスFollowUp講習_2019広島大学情報セキュリティ・コンプライアンスFollowUp講習_2019
広島大学情報セキュリティ・コンプライアンスFollowUp講習_2019imc-isec-comp
 
広島大学信息安全政策・规则讲习2018
広島大学信息安全政策・规则讲习2018広島大学信息安全政策・规则讲习2018
広島大学信息安全政策・规则讲习2018imc-isec-comp
 
広島大学情報セキュリティ・コンプライアンス講習2018
広島大学情報セキュリティ・コンプライアンス講習2018広島大学情報セキュリティ・コンプライアンス講習2018
広島大学情報セキュリティ・コンプライアンス講習2018imc-isec-comp
 
広島大学信息安全政策・规则讲习2017
広島大学信息安全政策・规则讲习2017広島大学信息安全政策・规则讲习2017
広島大学信息安全政策・规则讲习2017imc-isec-comp
 
広島大学情報セキュリティ・コンプライアンス2017
広島大学情報セキュリティ・コンプライアンス2017広島大学情報セキュリティ・コンプライアンス2017
広島大学情報セキュリティ・コンプライアンス2017imc-isec-comp
 

Mehr von imc-isec-comp (6)

広島大学信息安全・法令遵守跟踪讲习2019
広島大学信息安全・法令遵守跟踪讲习2019広島大学信息安全・法令遵守跟踪讲习2019
広島大学信息安全・法令遵守跟踪讲习2019
 
広島大学情報セキュリティ・コンプライアンスFollowUp講習_2019
広島大学情報セキュリティ・コンプライアンスFollowUp講習_2019広島大学情報セキュリティ・コンプライアンスFollowUp講習_2019
広島大学情報セキュリティ・コンプライアンスFollowUp講習_2019
 
広島大学信息安全政策・规则讲习2018
広島大学信息安全政策・规则讲习2018広島大学信息安全政策・规则讲习2018
広島大学信息安全政策・规则讲习2018
 
広島大学情報セキュリティ・コンプライアンス講習2018
広島大学情報セキュリティ・コンプライアンス講習2018広島大学情報セキュリティ・コンプライアンス講習2018
広島大学情報セキュリティ・コンプライアンス講習2018
 
広島大学信息安全政策・规则讲习2017
広島大学信息安全政策・规则讲习2017広島大学信息安全政策・规则讲习2017
広島大学信息安全政策・规则讲习2017
 
広島大学情報セキュリティ・コンプライアンス2017
広島大学情報セキュリティ・コンプライアンス2017広島大学情報セキュリティ・コンプライアンス2017
広島大学情報セキュリティ・コンプライアンス2017
 

Kürzlich hochgeladen

Introduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The BasicsIntroduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The BasicsTechSoup
 
ICT Role in 21st Century Education & its Challenges.pptx
ICT Role in 21st Century Education & its Challenges.pptxICT Role in 21st Century Education & its Challenges.pptx
ICT Role in 21st Century Education & its Challenges.pptxAreebaZafar22
 
Holdier Curriculum Vitae (April 2024).pdf
Holdier Curriculum Vitae (April 2024).pdfHoldier Curriculum Vitae (April 2024).pdf
Holdier Curriculum Vitae (April 2024).pdfagholdier
 
UGC NET Paper 1 Mathematical Reasoning & Aptitude.pdf
UGC NET Paper 1 Mathematical Reasoning & Aptitude.pdfUGC NET Paper 1 Mathematical Reasoning & Aptitude.pdf
UGC NET Paper 1 Mathematical Reasoning & Aptitude.pdfNirmal Dwivedi
 
Explore beautiful and ugly buildings. Mathematics helps us create beautiful d...
Explore beautiful and ugly buildings. Mathematics helps us create beautiful d...Explore beautiful and ugly buildings. Mathematics helps us create beautiful d...
Explore beautiful and ugly buildings. Mathematics helps us create beautiful d...christianmathematics
 
Unit-IV- Pharma. Marketing Channels.pptx
Unit-IV- Pharma. Marketing Channels.pptxUnit-IV- Pharma. Marketing Channels.pptx
Unit-IV- Pharma. Marketing Channels.pptxVishalSingh1417
 
ComPTIA Overview | Comptia Security+ Book SY0-701
ComPTIA Overview | Comptia Security+ Book SY0-701ComPTIA Overview | Comptia Security+ Book SY0-701
ComPTIA Overview | Comptia Security+ Book SY0-701bronxfugly43
 
HMCS Max Bernays Pre-Deployment Brief (May 2024).pptx
HMCS Max Bernays Pre-Deployment Brief (May 2024).pptxHMCS Max Bernays Pre-Deployment Brief (May 2024).pptx
HMCS Max Bernays Pre-Deployment Brief (May 2024).pptxEsquimalt MFRC
 
Activity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdfActivity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdfciinovamais
 
Application orientated numerical on hev.ppt
Application orientated numerical on hev.pptApplication orientated numerical on hev.ppt
Application orientated numerical on hev.pptRamjanShidvankar
 
SKILL OF INTRODUCING THE LESSON MICRO SKILLS.pptx
SKILL OF INTRODUCING THE LESSON MICRO SKILLS.pptxSKILL OF INTRODUCING THE LESSON MICRO SKILLS.pptx
SKILL OF INTRODUCING THE LESSON MICRO SKILLS.pptxAmanpreet Kaur
 
How to Give a Domain for a Field in Odoo 17
How to Give a Domain for a Field in Odoo 17How to Give a Domain for a Field in Odoo 17
How to Give a Domain for a Field in Odoo 17Celine George
 
This PowerPoint helps students to consider the concept of infinity.
This PowerPoint helps students to consider the concept of infinity.This PowerPoint helps students to consider the concept of infinity.
This PowerPoint helps students to consider the concept of infinity.christianmathematics
 
SOC 101 Demonstration of Learning Presentation
SOC 101 Demonstration of Learning PresentationSOC 101 Demonstration of Learning Presentation
SOC 101 Demonstration of Learning Presentationcamerronhm
 
Kodo Millet PPT made by Ghanshyam bairwa college of Agriculture kumher bhara...
Kodo Millet PPT made by Ghanshyam bairwa college of Agriculture kumher bhara...Kodo Millet PPT made by Ghanshyam bairwa college of Agriculture kumher bhara...
Kodo Millet PPT made by Ghanshyam bairwa college of Agriculture kumher bhara...pradhanghanshyam7136
 
On National Teacher Day, meet the 2024-25 Kenan Fellows
On National Teacher Day, meet the 2024-25 Kenan FellowsOn National Teacher Day, meet the 2024-25 Kenan Fellows
On National Teacher Day, meet the 2024-25 Kenan FellowsMebane Rash
 
Vishram Singh - Textbook of Anatomy Upper Limb and Thorax.. Volume 1 (1).pdf
Vishram Singh - Textbook of Anatomy Upper Limb and Thorax.. Volume 1 (1).pdfVishram Singh - Textbook of Anatomy Upper Limb and Thorax.. Volume 1 (1).pdf
Vishram Singh - Textbook of Anatomy Upper Limb and Thorax.. Volume 1 (1).pdfssuserdda66b
 
ICT role in 21st century education and it's challenges.
ICT role in 21st century education and it's challenges.ICT role in 21st century education and it's challenges.
ICT role in 21st century education and it's challenges.MaryamAhmad92
 
Food safety_Challenges food safety laboratories_.pdf
Food safety_Challenges food safety laboratories_.pdfFood safety_Challenges food safety laboratories_.pdf
Food safety_Challenges food safety laboratories_.pdfSherif Taha
 
Graduate Outcomes Presentation Slides - English
Graduate Outcomes Presentation Slides - EnglishGraduate Outcomes Presentation Slides - English
Graduate Outcomes Presentation Slides - Englishneillewis46
 

Kürzlich hochgeladen (20)

Introduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The BasicsIntroduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The Basics
 
ICT Role in 21st Century Education & its Challenges.pptx
ICT Role in 21st Century Education & its Challenges.pptxICT Role in 21st Century Education & its Challenges.pptx
ICT Role in 21st Century Education & its Challenges.pptx
 
Holdier Curriculum Vitae (April 2024).pdf
Holdier Curriculum Vitae (April 2024).pdfHoldier Curriculum Vitae (April 2024).pdf
Holdier Curriculum Vitae (April 2024).pdf
 
UGC NET Paper 1 Mathematical Reasoning & Aptitude.pdf
UGC NET Paper 1 Mathematical Reasoning & Aptitude.pdfUGC NET Paper 1 Mathematical Reasoning & Aptitude.pdf
UGC NET Paper 1 Mathematical Reasoning & Aptitude.pdf
 
Explore beautiful and ugly buildings. Mathematics helps us create beautiful d...
Explore beautiful and ugly buildings. Mathematics helps us create beautiful d...Explore beautiful and ugly buildings. Mathematics helps us create beautiful d...
Explore beautiful and ugly buildings. Mathematics helps us create beautiful d...
 
Unit-IV- Pharma. Marketing Channels.pptx
Unit-IV- Pharma. Marketing Channels.pptxUnit-IV- Pharma. Marketing Channels.pptx
Unit-IV- Pharma. Marketing Channels.pptx
 
ComPTIA Overview | Comptia Security+ Book SY0-701
ComPTIA Overview | Comptia Security+ Book SY0-701ComPTIA Overview | Comptia Security+ Book SY0-701
ComPTIA Overview | Comptia Security+ Book SY0-701
 
HMCS Max Bernays Pre-Deployment Brief (May 2024).pptx
HMCS Max Bernays Pre-Deployment Brief (May 2024).pptxHMCS Max Bernays Pre-Deployment Brief (May 2024).pptx
HMCS Max Bernays Pre-Deployment Brief (May 2024).pptx
 
Activity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdfActivity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdf
 
Application orientated numerical on hev.ppt
Application orientated numerical on hev.pptApplication orientated numerical on hev.ppt
Application orientated numerical on hev.ppt
 
SKILL OF INTRODUCING THE LESSON MICRO SKILLS.pptx
SKILL OF INTRODUCING THE LESSON MICRO SKILLS.pptxSKILL OF INTRODUCING THE LESSON MICRO SKILLS.pptx
SKILL OF INTRODUCING THE LESSON MICRO SKILLS.pptx
 
How to Give a Domain for a Field in Odoo 17
How to Give a Domain for a Field in Odoo 17How to Give a Domain for a Field in Odoo 17
How to Give a Domain for a Field in Odoo 17
 
This PowerPoint helps students to consider the concept of infinity.
This PowerPoint helps students to consider the concept of infinity.This PowerPoint helps students to consider the concept of infinity.
This PowerPoint helps students to consider the concept of infinity.
 
SOC 101 Demonstration of Learning Presentation
SOC 101 Demonstration of Learning PresentationSOC 101 Demonstration of Learning Presentation
SOC 101 Demonstration of Learning Presentation
 
Kodo Millet PPT made by Ghanshyam bairwa college of Agriculture kumher bhara...
Kodo Millet PPT made by Ghanshyam bairwa college of Agriculture kumher bhara...Kodo Millet PPT made by Ghanshyam bairwa college of Agriculture kumher bhara...
Kodo Millet PPT made by Ghanshyam bairwa college of Agriculture kumher bhara...
 
On National Teacher Day, meet the 2024-25 Kenan Fellows
On National Teacher Day, meet the 2024-25 Kenan FellowsOn National Teacher Day, meet the 2024-25 Kenan Fellows
On National Teacher Day, meet the 2024-25 Kenan Fellows
 
Vishram Singh - Textbook of Anatomy Upper Limb and Thorax.. Volume 1 (1).pdf
Vishram Singh - Textbook of Anatomy Upper Limb and Thorax.. Volume 1 (1).pdfVishram Singh - Textbook of Anatomy Upper Limb and Thorax.. Volume 1 (1).pdf
Vishram Singh - Textbook of Anatomy Upper Limb and Thorax.. Volume 1 (1).pdf
 
ICT role in 21st century education and it's challenges.
ICT role in 21st century education and it's challenges.ICT role in 21st century education and it's challenges.
ICT role in 21st century education and it's challenges.
 
Food safety_Challenges food safety laboratories_.pdf
Food safety_Challenges food safety laboratories_.pdfFood safety_Challenges food safety laboratories_.pdf
Food safety_Challenges food safety laboratories_.pdf
 
Graduate Outcomes Presentation Slides - English
Graduate Outcomes Presentation Slides - EnglishGraduate Outcomes Presentation Slides - English
Graduate Outcomes Presentation Slides - English
 

Hiroshima University Information Security & Compliance 2017

  • 2. Introduction Aims of the Information Security & Compliance Course: • Revise your knowledge of information security • Enhance your knowledge with the latest in information security This lecture is divided into three sections: 1. Recent threats to information security 2. Important routine measures 3. Additional good behaviors 2 Improving your knowledge of information security
  • 3. 3 1.Recent threats to information security • Phishing scams • Virus infections • Unauthorized access
  • 4. Risks of phishing scams The damage caused by phishing scams that make unauthorized use of Internet banking and credit card information is increasing. 4 1. Deceptive emails 2. Entering ID, password, credit card, and account details Phishing site 3. Collecting information 4. Malicious use of obtained information Genuine site Check your transaction statements for signs of improper use.
  • 5. How to identify suspicious emails: Point (1) 5 Email address is suspicious. Strange domain ending in “ru” Attached file name is suspicious. This is a real email which we have received. If an email seems suspicious, it can be helpful to do a web search.
  • 6. How to identify suspicious emails: Point (2) 6 Email address is suspiciously long URL is suspicious. “http” instead of “https” This is a real email which we have received. Check URL before inadvertently clicking.
  • 7. Example of clever phishing site Many recent phishing sites look exactly like genuine sites. Never open links in suspicious emails. 7 It’s difficult to tell if a site is fake!
  • 8. Countermeasures and Behaviors against phishing scams 8 Check that your devices are not used without your knowledge. Install antivirus software and keep it updated. Keep your OS and applications updated. Manage your IDs and passwords carefully. Countermeasures Behaviors Keep informed of the latest threats and attack methods. Don’t click inadvertently on file attachments or URLs.
  • 9. Risks of virus infections The damage caused by ransomware has grown markedly since 2015. What is “ransomware”? 9 An infected PC or files on the PC are encrypted to make them unusable. à You are asked to pay a “ransom” to regain access to your PC or files. Files are encrypted, so they cannot be used!
  • 10. Examples of ransomware 10 Infection screen of “CryptoLocker” Infection screen of “AndroidOS_Locker” Online banking information was also stolen! Nonexistent organization, “National Security Department”
  • 11. If you are infected by ransomware • Never pay a ransom. • Disconnect from the network. • Reinitialize the PC, then restore from a backup. 11 restore Make regular backups in case this ever happens!
  • 12. Virus infection routes 12 Phishing emails Browsing web sites and Clicking on banner ads USB flash drives Downloaded programs
  • 13. Countermeasures and Behaviors against virus infections 13 Don’t click inadvertently on file attachments or URLs. Do not install suspicious applications. Install antivirus software and keep it updated. Keep your OS and applications updated. Make regular backups. Countermeasures Behaviors Keep informed of the latest threats and attack methods.
  • 14. Damage due to unauthorized access 14 Sending spam emails Hijacking of social media accounts Data leaksModifying web sites Unauthorized access is access to computers and systems from a network by someone not intended to have access privileges Viewing, modifying, and deleting files Viewing, modifying, and deleting emails
  • 15. Things that increase the risk of unauthorized access 15 Continuing to use old versions of OS and applications Using easy-to-guess passwords Repeatedly using the same passwordConnecting to suspicious free public Wi-Fi networks Entering personal information on sites with URLs not beginning with “https” Leaving old accounts active Letting someone else use your smartphone Not checking the usage status of your services
  • 16. Countermeasures and Behaviors against unauthorized access 16 Don’t click inadvertently on file attachments or URLs. Use only secure communications channels. Install antivirus software and keep it updated. Keep your OS and applications updated. Manage your IDs and passwords carefully. Keep informed of the latest threats and attack methods. Countermeasures Behaviors Take care not to lose your PC or smartphone, or have it stolen.
  • 17. 17 2. Important routine measures • Antivirus software • Updating software • Strong passwords • Regular backups • Knowing the latest threats and attack methods
  • 18. Antivirus software New computer viruses are discovered every day. Set your antivirus software to update automatically! 18 It is not possible to protect against unknown viruses… The virus definition list of your antivirus software needs to be updated.
  • 19. Updating software • Set the “automatic updates” option! • Update your OS as well as your applications! 19 Always use the latest version!
  • 20. Strong passwords The common password for your Hiroshima University ID and accounts should – Be at least 8 characters long – Include numerals, symbols, and both upper and lowercase letters – Not be an easy-to-guess character string 20 It is dangerous to repeatedly use the same password!
  • 21. Regular backups 21 Make sure to back up regularly in case your PC malfunctions or gets infected by a virus. ※ You can use OneDrive for Business (1TB) free of charge for your data and OS backups. You can access OneDrive from the list of Office 365 applications.
  • 22. Knowing the latest threats and attack methods Make the effort to keep informed about the latest security threats. 22 http://www.ipa.go.jp/security/kokokara/study/international.html
  • 23. 23 3. Additional good behaviors • Do not attach files to emails • Use multi-factor authentication • Share information with people you know • Report problems immediately • Other precautions
  • 24. Do not attach files to emails 24 Virus infections caused by opening a file attachment are increasingly common. When exchanging files, avoid email file attachments as far as possible. Instead, place the file in the cloud and send a link to the file in the email. To: Taro Hirodai, From: Momiji Saijo I uploaded the created file to ownCloud. Please check it. Folder name: Work Folder File name: 20170401ver1.docx
  • 25. Use the cloud to exchange files 25 <For people without a university account> Check “Share with URL.” Share by sending the URL to the recipient. <For people with a university account> Share by specifying an account ownCloud can be used free of charge at Hiroshima University. http://www.media.hiroshima-u.ac.jp/services/fileshare Files are automatically deleted after one month, so the service is suited only for temporary file exchanges.
  • 26. Use multi-factor authentication To enhance security, multi-factor authentication can be used with Office 365 at Hiroshima University. 26 When using a smartphone mobile app, Log in with account@hiroshima-u.ac.jp + password + smartphone * Authentication is also possible with an SMS or telephone call. I got hold of an ID and password! Let me try and log in now! What’s this…? It’s asking me for authentication to log in… I wonder why. I’ll refuse. What the hell? I can’t log in… Something doesn’t seem right. I better change my password.
  • 27. Share information with people you know 27 Actively exchange information with family and friends. Helping the people around you understand security will help protect you all from harm.
  • 28. PC starts sending spam emails. unauthorized access Data leaks virus infections Symptoms that indicate a security incident 28 PC starts suddenly malfunctioning. Nothing happens when clicking on an email file attachment. Virus detection window appears. It suddenly becomes impossible to open folder or file.
  • 29. Promptly reporting security incidents 29 This handy card lists emergency contacts and precautions. The cards are distributed free of charge by the Media Center. Carry one with you, together with your student/staff ID! E-mail: sec-kikou@ml.hiroshima-u.ac.jp TEL: 082-424-6082,080-1906-2982 When you find an incident, http://www.hiroshima-u.ac.jp/en Contact your affiliated faculty / graduate school or CSIRT, immediately! Information Security Quick Guide ・My web site seems to be tampered. ・My laptop was stolen. ・Suddenly my file has become inaccessible. ・I lost my USB memory containing personal   information. ・I received a complaint saying“I received a junk e-mail from your address”. Computer Security Incident Response Team (CSIRT) Knowing emergency contacts at all times is a useful security measure .
  • 30. Other precautions (1) 30 Use of file sharing software is prohibited at Hiroshima University! Always encrypt sensitive information when you carry it around. Be careful not to lose or misplace your devices! Never leave your bag unattended! Let's encrypt
  • 31. Other precautions (2) 31 When using social media, take care not to post inappropriate content or leak sensitive information! Using public Wi-Fi networks puts you at risk of unauthorized access! Avoid using them as far as possible! Free Wi-Fi
  • 32. Countermeasures and behaviors 32 Many things have been explained, but fundamentally, you can protect yourself against security breaches by practicing “5 countermeasures” and “5 behaviors”. 5 countermeasures 5 behaviors
  • 33. 5 countermeasures 33 Install antivirus software and keep it updated. Keep your OS and applications updated. Manage your IDs and passwords carefully. Make regular backups. Keep informed of the latest threats and attack methods.
  • 34. 5 behaviors 34 Don’t click inadvertently on file attachments or URLs. Do not install suspicious applications. Check that your devices are not used without your knowledge. Use only secure communications channels. Take care not to lose your PC or smartphone, or have it stolen.
  • 35. Conclusion We are at the end of this online workshop. After this, you must take an evaluation test. 16 correct answers out of 20 questions is a pass. If you pass the evaluation test make sure to • 1st year: Check that your account is working. • 2nd and later years: Update your account for the current year 35
  • 36. Reference documents and materials • “Top 10 Threats to Information Security 2017,” IPA https://www.ipa.go.jp/security/vuln/10threats2017.htm • Trendmicro http://www.trendmicro.co.jp/jp/security-intelligence/threat- solution/ransomware/ http://blog.trendmicro.co.jp/archives/13041 Materials • Human Pictogram2.0 http://pictogram2.com/ • FLAT ICON DESIGN http://flat-icon-design.com/ • ICOOON MONO http://icooon-mono.com/ 36
  • 37. 37 Issued in April, 2017 Information Media Center, Hiroshima University Attribution 4.0 International