Step right into a realm where cyber security meets the enchanting world of Harry Potter! Join Brian Pichman, our fearless Defense Against the Dark Arts wizard, as he unveils the secrets to safeguarding our digital realms. Prepare to be captivated as Brian illuminates the spellbinding techniques of encryption, firewalls, and intrusion detection, equipping us to fortify our cherished data against the sinister forces of the digital realm.
But beware! Just like in the magical world, treacherous adversaries prowl the shadows. Brian will expose the dark arts of phishing, ransomware, and social engineering, empowering us to defend our digital castles. Engrossed in tales of peril and armed with ancient cyber security spells, this captivating presentation promises to leave you spellbound and ready to protect yourself in this ever-evolving landscape. So grab your wands and brace yourselves as Brian Pichman conjures a shield of protection, ensuring the safety of our digital realms against the forces of darkness. Together, we shall prevail in this journey of cyber security and magic.
Securing and Safeguarding Your Library SetupBrian Pichman
We will explore various tools, techniques, & procedures to ensure our environment's safety & security. Leave with a list of ideas you can use today within your library.
Securing & Safeguarding Your Library Setup.pptxBrian Pichman
With all the things that go "bump" in the night, nothing worries administrators and even end users more than a security incident. This webinar will focus on building an understanding of IT Security and the tools that can help mitigate risk. Moreover, attendees will leave with a clear understanding of general informational security terms and processes that they can implement in their library same day to help safeguard and better protect their infrastructure and data. Brian Pichman of the Evolve Project will lead us through putting together components for a Security and Risk Plan and how to properly respond to threats and attacks.
Ever wonder, "how can I make my home internet more secure" or "how can I make sure my kids are safely browsing the internet"? Join this cat meme filled presentation on how to secure your home's internet; everything from securing your wireless network to tools that you can use to help keep you and your family safe while surfing the web.
Nicholas Davis gave a presentation on information security in healthcare environments. He discussed HIPAA obligations to protect patient information including confidentiality, integrity and availability. He described common types of controls like technical and administrative controls and ways information can leak, such as through printers or unprotected trash bins. He warned of social engineering threats like pretexting and phishing scams that try to trick users into revealing sensitive information. He provided tips for strong passwords and protecting devices and networks from malware. The talk emphasized the importance of both technical security measures and educating users to identify and avoid social engineering attempts.
How you can protect your online identity, online privacy and VPNsIulia Porneala
A presentation on how to protect your internet identity, become anonymous online and VPNs.
What is encryption, Edward Snowden, NSA scandal, methods of protecting your online identity and statying away from the dangers of the Internet.
How To Keep the Grinch From Ruining Your Cyber MondayMichele Chubirka
Ready to avoid crowded stores and online scammers during the holidays? Join Michele Chubirka as she goes through:
-Tips for safe online shopping and securing your banking information
-Protecting yourself from internet scams, phishing and fraud
Safeguard your personal information against identity theft
-How to use Anti-virus and other security software to keep your digital information safe.
Internet fraud involves using the internet to commit fraudulent activities. Common types of internet fraud include credit/debit card fraud, business deceit, and identity theft. To prevent internet fraud, it is important to keep firewalls and antivirus/antispyware software updated, use strong and unique passwords, watch out for phishing scams, and protect personal information.
This document discusses protecting personal privacy and securing online information. It outlines how personal information can be disclosed on many websites and used for identity theft or other crimes. Simple steps are recommended to help protect privacy such as using strong passwords, updating security programs, and installing antivirus software. The document also notes that while identity theft is punishable by law, apprehending violators can be difficult.
Securing and Safeguarding Your Library SetupBrian Pichman
We will explore various tools, techniques, & procedures to ensure our environment's safety & security. Leave with a list of ideas you can use today within your library.
Securing & Safeguarding Your Library Setup.pptxBrian Pichman
With all the things that go "bump" in the night, nothing worries administrators and even end users more than a security incident. This webinar will focus on building an understanding of IT Security and the tools that can help mitigate risk. Moreover, attendees will leave with a clear understanding of general informational security terms and processes that they can implement in their library same day to help safeguard and better protect their infrastructure and data. Brian Pichman of the Evolve Project will lead us through putting together components for a Security and Risk Plan and how to properly respond to threats and attacks.
Ever wonder, "how can I make my home internet more secure" or "how can I make sure my kids are safely browsing the internet"? Join this cat meme filled presentation on how to secure your home's internet; everything from securing your wireless network to tools that you can use to help keep you and your family safe while surfing the web.
Nicholas Davis gave a presentation on information security in healthcare environments. He discussed HIPAA obligations to protect patient information including confidentiality, integrity and availability. He described common types of controls like technical and administrative controls and ways information can leak, such as through printers or unprotected trash bins. He warned of social engineering threats like pretexting and phishing scams that try to trick users into revealing sensitive information. He provided tips for strong passwords and protecting devices and networks from malware. The talk emphasized the importance of both technical security measures and educating users to identify and avoid social engineering attempts.
How you can protect your online identity, online privacy and VPNsIulia Porneala
A presentation on how to protect your internet identity, become anonymous online and VPNs.
What is encryption, Edward Snowden, NSA scandal, methods of protecting your online identity and statying away from the dangers of the Internet.
How To Keep the Grinch From Ruining Your Cyber MondayMichele Chubirka
Ready to avoid crowded stores and online scammers during the holidays? Join Michele Chubirka as she goes through:
-Tips for safe online shopping and securing your banking information
-Protecting yourself from internet scams, phishing and fraud
Safeguard your personal information against identity theft
-How to use Anti-virus and other security software to keep your digital information safe.
Internet fraud involves using the internet to commit fraudulent activities. Common types of internet fraud include credit/debit card fraud, business deceit, and identity theft. To prevent internet fraud, it is important to keep firewalls and antivirus/antispyware software updated, use strong and unique passwords, watch out for phishing scams, and protect personal information.
This document discusses protecting personal privacy and securing online information. It outlines how personal information can be disclosed on many websites and used for identity theft or other crimes. Simple steps are recommended to help protect privacy such as using strong passwords, updating security programs, and installing antivirus software. The document also notes that while identity theft is punishable by law, apprehending violators can be difficult.
Phishing attack, with SSL Encryption and HTTPS WorkingSachin Saini
This presentation contains Introduction of Phishing attack, its types and Various techniques, their impact with real live example, after that its Avoidance, Prevention and Solution. Also it contains brief introduction of SSL and HTTPS with their working.
This document discusses various cyber threats and provides tips to protect against them. It begins by outlining groups that may want personal information, such as nation states, cyber criminals, and corporate spies. It then details common cyber threats like malware, viruses, worms, spyware, and social engineering. The document provides examples of these threats and discusses how to prevent identity theft, protect sensitive data, use social media securely, and identify phishing attempts. It concludes by offering advice on mobile, wireless, and internet security best practices.
This document discusses how to protect personal privacy and secure online information. It outlines how personal information can be disclosed on many websites and used for identity theft, reputation damage, or blackmail. Some key pieces of information like Social Security Numbers or credit card numbers should never be shared unless the source is completely trustworthy. Methods like phishing, spyware, hacking or simple online searches can be used to access private information without consent. Basic steps to help protect privacy include using strong passwords, updating security programs, and installing antivirus and anti-malware software.
Pichman privacy, the dark web, & hacker devices i school (1)Stephen Abram
This document provides an overview and summary of a presentation on privacy, the dark web, and hacker devices. The presentation discusses tools that provide anonymity such as Tor browsing and VPNs. It also covers common devices and software used on the dark web and defenses against cyber attacks. The document discusses why people attack, how to prevent being tracked, and mitigating risks. It provides tips on anonymity and privacy as well as an overview of hacker tools and techniques. The presentation aims to familiarize audiences with anonymity methods while discouraging illegal use of the information.
Protecting Yourself From Data and Identity TheftMary Lou Roberts
Identity theft is becoming more common and personal data is at risk from many sources. Protecting personal data requires vigilance both offline and online. Some key steps include using strong and unique passwords for all accounts, enabling two-factor authentication whenever possible, keeping software and devices updated, using a password manager to generate and store passwords, and employing a VPN and ad blockers when browsing online. The "Internet of Things" introduces new risks as more devices collect and transmit personal data, so security settings on devices must be carefully reviewed and adjusted. Overall, people need a tailored system for protecting their data and digital lifestyle.
Supporting the global efforts in strengthening the safety, security and resilience of Cyberspace, the Commonwealth Cybersecurity Forum 2013, organised by the Commonwealth Telecommunications Organisation. The ceremonial opening examined how Cyberspace could be governed and utilised in a manner to foster freedom and entrepreneurship, while protecting individuals, property and the state, leading to socio-economic development. Speakers of this session, Mr Mario Maniewicz, Chief, Department of Infrastructure, Enabling Environment and E-Applications, ITU; Mr David Pollington, Director, International Security Relations, Microsoft; Mr Alexander Seger, Secretary, Cybercrime Convention Committee, Council of Europe; Mr Nigel Hickson, Vice President, Europe, ICANN and Mr Pierre Dandjinou, Vice President, Africa, ICANN, added their perspectives on various approaches to Cybergovernance, with general agreement on the role Cyberspace could play to facilitate development equitably and fairly across the world.
Hosted by the Ministry of Posts and Telecommunications of Cameroon together with the Telecommunications Regulatory Board of Cameroon and backed by partners and industry supporters including ICANN, Council of Europe, Microsoft, MTN Cameroon, AFRINIC and Internet Watch Foundation, the Commonwealth Cybersecurity Forum 2013 seeks to broaden stakeholder dialogue to facilitate practical action in Cybergovernance and Cybersecurity, some of which will be reflected in the CTO’s own work programmes under its Cybersecurity agenda.
This document provides an overview and objectives for an information security awareness training. It covers topics like electronic communication, email viruses, phishing, internet usage, social networking, password management, and physical security. The training aims to help users understand cybersecurity threats, how to safely use technology, and their role in protecting company information assets. It emphasizes the importance of having strong, unique passwords and avoiding opening attachments or clicking links from unknown sources.
This document provides information and best practices for staying safe online. It discusses avoiding common scams like phishing, identity theft, file sharing risks, and using strong passwords. The key recommendations are to use up-to-date security software like antivirus and firewalls, only share information with known entities, and be wary of unsolicited messages asking for personal details. Backing up files and knowing how to respond if malware is suspected are also advised. The overall message is to be cautious online and protect personal information.
Introduction to Cybersecurity - Secondary School_0.pptxShubhamGupta833557
This document provides an introduction to cybersecurity and discusses various cybersecurity topics such as why people hack, phishing and social engineering, securing public networks and cellular data, what to do if hacked, and tips for increasing password security. Specifically, it explains that hackers may target users for financial gain, revenge, or fun; outlines common phishing techniques on personal accounts and social media; recommends using a VPN on public Wi-Fi and avoiding giving personal info on cellular networks; and advises changing passwords and running antivirus scans if hacked.
In the field of computer security, phishing is the criminally fraudulent process of attempting to acquire sensitive information such as usernames, passwords and credit card details, by masquerading as a trustworthy entity in an electronic attempting to acquire sensitive information such as usernames, passwords and credit card details, by masquerading as a trustworthy entity in an electronic communication. Phishing is a fraudulent e-mail that attempts to get you to divulge personal data that can then be used for illegitimate purposes.
1. Contain the breach to prevent further access or theft of data. Isolate compromised systems.
2. Determine the scope of data exposure and who was impacted. Conduct an investigation.
3. Notify impacted individuals as soon as possible of the breach and what data was exposed. Provide guidance on next steps.
4. Offer identity protection services or credit monitoring to impacted individuals. Consider legal obligations for notification.
5. Review security measures and response plans. Patch vulnerabilities and strengthen defenses to prevent future incidents.
Computer Security and Safety, Ethics, and.pptxEigraEmliuqer
This document discusses several privacy and security issues related to information and technology. It covers topics like information privacy, electronic profiles, cookies, spam, phishing, spyware and adware, privacy laws, social engineering, employee monitoring, and content filtering. The key ideas are that personal information is often collected and shared without consent, there are risks of fraud and data theft online, and companies monitor employees' computer usage while also filtering content for inappropriate material.
This document discusses several legal and ethical issues related to e-commerce, including privacy and information rights, property rights, governance issues, and public safety concerns. It outlines India's Information Technology Act of 2000, which provides the legal framework for e-commerce and addresses cybercrime. Specific issues covered include security threats to e-commerce like hacking and viruses; legal issues involving incorporation, trademarks, and transactions; and the regulation of internet gambling. Ethical concepts around responsibility, accountability, and analyzing dilemmas are also examined.
The document discusses various methods of social engineering such as phishing, baiting, and ransomware that aim to manipulate people into divulging private information. It provides examples of common social engineering scams like phishing emails and explains how to identify potential scams and protect personal information. The document also offers advice on what to do if a social engineering attempt was successful, such as immediately contacting IT security and changing passwords.
Cyber safety refers to safely using the internet while protecting personal information. It is important to be aware of potential dangers like identity theft, where someone steals personal details to pose as another person online. Websites can track users using their IP address, browser history, cookies, and other methods to build profiles for targeted advertising. Users should practice safe browsing habits, use private browsing when possible, and adjust privacy settings to control what information is visible to others online to avoid identity fraud or privacy violations. Digital footprints created by all online activities are permanent, so caution is needed regarding what information is shared or posted.
Cyber24x7 Cybersecurity awareness slides to make users aware of company policies , information security issues , phishing emails etc. Well explained crisp information security slides covering 27001 awareness.
Cyber Security Awareness Session for Executives and Non-IT professionalsKrishna Srikanth Manda
Cyber Security Awareness Session conducted by Lightracers Consulting, for Management and non-IT employees. In this learning presentation, we will look at - What is Cyber Crime, Types of Cyber crime, What is Cyber Security, Types of Threats, Social Engineering techniques, Identifying legitimate and secure websites, Protection measures, Cyber Law in India followed by a small quiz.
AI Coding, Tools for Building AI (TBLC AI Conference)Brian Pichman
Embark on an engaging journey into the world of AI coding with Brian Pichman from the Evolve Project. This advanced track offers participants hands-on experiences in coding AI, blending theory with practice. Explore the latest games/gadgets/gizmos designed to educate and enhance skills in coding alongside AI. This session is perfect for those who are curious about what's it take to code AI and learn about cutting-edge developments in AI technology
Building Your Own AI Instance (TBLC AI )Brian Pichman
Join Brian Pichman from the Evolve Project in an enlightening session focusing on the creation of a building your own AI chatbot. This advanced track delves into the practical aspects of utilizing the OpenAI API alongside other innovative software products. Participants will gain invaluable insights into the processes and technologies involved inbuilding a custom AI instance. This track is ideal for those seeking adeeper understanding of AI integration and personalization in the realm. of conversational AI.
Weitere ähnliche Inhalte
Ähnlich wie Cybersecurity - Defense Against The Dark Arts Harry Potter Style
Phishing attack, with SSL Encryption and HTTPS WorkingSachin Saini
This presentation contains Introduction of Phishing attack, its types and Various techniques, their impact with real live example, after that its Avoidance, Prevention and Solution. Also it contains brief introduction of SSL and HTTPS with their working.
This document discusses various cyber threats and provides tips to protect against them. It begins by outlining groups that may want personal information, such as nation states, cyber criminals, and corporate spies. It then details common cyber threats like malware, viruses, worms, spyware, and social engineering. The document provides examples of these threats and discusses how to prevent identity theft, protect sensitive data, use social media securely, and identify phishing attempts. It concludes by offering advice on mobile, wireless, and internet security best practices.
This document discusses how to protect personal privacy and secure online information. It outlines how personal information can be disclosed on many websites and used for identity theft, reputation damage, or blackmail. Some key pieces of information like Social Security Numbers or credit card numbers should never be shared unless the source is completely trustworthy. Methods like phishing, spyware, hacking or simple online searches can be used to access private information without consent. Basic steps to help protect privacy include using strong passwords, updating security programs, and installing antivirus and anti-malware software.
Pichman privacy, the dark web, & hacker devices i school (1)Stephen Abram
This document provides an overview and summary of a presentation on privacy, the dark web, and hacker devices. The presentation discusses tools that provide anonymity such as Tor browsing and VPNs. It also covers common devices and software used on the dark web and defenses against cyber attacks. The document discusses why people attack, how to prevent being tracked, and mitigating risks. It provides tips on anonymity and privacy as well as an overview of hacker tools and techniques. The presentation aims to familiarize audiences with anonymity methods while discouraging illegal use of the information.
Protecting Yourself From Data and Identity TheftMary Lou Roberts
Identity theft is becoming more common and personal data is at risk from many sources. Protecting personal data requires vigilance both offline and online. Some key steps include using strong and unique passwords for all accounts, enabling two-factor authentication whenever possible, keeping software and devices updated, using a password manager to generate and store passwords, and employing a VPN and ad blockers when browsing online. The "Internet of Things" introduces new risks as more devices collect and transmit personal data, so security settings on devices must be carefully reviewed and adjusted. Overall, people need a tailored system for protecting their data and digital lifestyle.
Supporting the global efforts in strengthening the safety, security and resilience of Cyberspace, the Commonwealth Cybersecurity Forum 2013, organised by the Commonwealth Telecommunications Organisation. The ceremonial opening examined how Cyberspace could be governed and utilised in a manner to foster freedom and entrepreneurship, while protecting individuals, property and the state, leading to socio-economic development. Speakers of this session, Mr Mario Maniewicz, Chief, Department of Infrastructure, Enabling Environment and E-Applications, ITU; Mr David Pollington, Director, International Security Relations, Microsoft; Mr Alexander Seger, Secretary, Cybercrime Convention Committee, Council of Europe; Mr Nigel Hickson, Vice President, Europe, ICANN and Mr Pierre Dandjinou, Vice President, Africa, ICANN, added their perspectives on various approaches to Cybergovernance, with general agreement on the role Cyberspace could play to facilitate development equitably and fairly across the world.
Hosted by the Ministry of Posts and Telecommunications of Cameroon together with the Telecommunications Regulatory Board of Cameroon and backed by partners and industry supporters including ICANN, Council of Europe, Microsoft, MTN Cameroon, AFRINIC and Internet Watch Foundation, the Commonwealth Cybersecurity Forum 2013 seeks to broaden stakeholder dialogue to facilitate practical action in Cybergovernance and Cybersecurity, some of which will be reflected in the CTO’s own work programmes under its Cybersecurity agenda.
This document provides an overview and objectives for an information security awareness training. It covers topics like electronic communication, email viruses, phishing, internet usage, social networking, password management, and physical security. The training aims to help users understand cybersecurity threats, how to safely use technology, and their role in protecting company information assets. It emphasizes the importance of having strong, unique passwords and avoiding opening attachments or clicking links from unknown sources.
This document provides information and best practices for staying safe online. It discusses avoiding common scams like phishing, identity theft, file sharing risks, and using strong passwords. The key recommendations are to use up-to-date security software like antivirus and firewalls, only share information with known entities, and be wary of unsolicited messages asking for personal details. Backing up files and knowing how to respond if malware is suspected are also advised. The overall message is to be cautious online and protect personal information.
Introduction to Cybersecurity - Secondary School_0.pptxShubhamGupta833557
This document provides an introduction to cybersecurity and discusses various cybersecurity topics such as why people hack, phishing and social engineering, securing public networks and cellular data, what to do if hacked, and tips for increasing password security. Specifically, it explains that hackers may target users for financial gain, revenge, or fun; outlines common phishing techniques on personal accounts and social media; recommends using a VPN on public Wi-Fi and avoiding giving personal info on cellular networks; and advises changing passwords and running antivirus scans if hacked.
In the field of computer security, phishing is the criminally fraudulent process of attempting to acquire sensitive information such as usernames, passwords and credit card details, by masquerading as a trustworthy entity in an electronic attempting to acquire sensitive information such as usernames, passwords and credit card details, by masquerading as a trustworthy entity in an electronic communication. Phishing is a fraudulent e-mail that attempts to get you to divulge personal data that can then be used for illegitimate purposes.
1. Contain the breach to prevent further access or theft of data. Isolate compromised systems.
2. Determine the scope of data exposure and who was impacted. Conduct an investigation.
3. Notify impacted individuals as soon as possible of the breach and what data was exposed. Provide guidance on next steps.
4. Offer identity protection services or credit monitoring to impacted individuals. Consider legal obligations for notification.
5. Review security measures and response plans. Patch vulnerabilities and strengthen defenses to prevent future incidents.
Computer Security and Safety, Ethics, and.pptxEigraEmliuqer
This document discusses several privacy and security issues related to information and technology. It covers topics like information privacy, electronic profiles, cookies, spam, phishing, spyware and adware, privacy laws, social engineering, employee monitoring, and content filtering. The key ideas are that personal information is often collected and shared without consent, there are risks of fraud and data theft online, and companies monitor employees' computer usage while also filtering content for inappropriate material.
This document discusses several legal and ethical issues related to e-commerce, including privacy and information rights, property rights, governance issues, and public safety concerns. It outlines India's Information Technology Act of 2000, which provides the legal framework for e-commerce and addresses cybercrime. Specific issues covered include security threats to e-commerce like hacking and viruses; legal issues involving incorporation, trademarks, and transactions; and the regulation of internet gambling. Ethical concepts around responsibility, accountability, and analyzing dilemmas are also examined.
The document discusses various methods of social engineering such as phishing, baiting, and ransomware that aim to manipulate people into divulging private information. It provides examples of common social engineering scams like phishing emails and explains how to identify potential scams and protect personal information. The document also offers advice on what to do if a social engineering attempt was successful, such as immediately contacting IT security and changing passwords.
Cyber safety refers to safely using the internet while protecting personal information. It is important to be aware of potential dangers like identity theft, where someone steals personal details to pose as another person online. Websites can track users using their IP address, browser history, cookies, and other methods to build profiles for targeted advertising. Users should practice safe browsing habits, use private browsing when possible, and adjust privacy settings to control what information is visible to others online to avoid identity fraud or privacy violations. Digital footprints created by all online activities are permanent, so caution is needed regarding what information is shared or posted.
Cyber24x7 Cybersecurity awareness slides to make users aware of company policies , information security issues , phishing emails etc. Well explained crisp information security slides covering 27001 awareness.
Cyber Security Awareness Session for Executives and Non-IT professionalsKrishna Srikanth Manda
Cyber Security Awareness Session conducted by Lightracers Consulting, for Management and non-IT employees. In this learning presentation, we will look at - What is Cyber Crime, Types of Cyber crime, What is Cyber Security, Types of Threats, Social Engineering techniques, Identifying legitimate and secure websites, Protection measures, Cyber Law in India followed by a small quiz.
Ähnlich wie Cybersecurity - Defense Against The Dark Arts Harry Potter Style (20)
AI Coding, Tools for Building AI (TBLC AI Conference)Brian Pichman
Embark on an engaging journey into the world of AI coding with Brian Pichman from the Evolve Project. This advanced track offers participants hands-on experiences in coding AI, blending theory with practice. Explore the latest games/gadgets/gizmos designed to educate and enhance skills in coding alongside AI. This session is perfect for those who are curious about what's it take to code AI and learn about cutting-edge developments in AI technology
Building Your Own AI Instance (TBLC AI )Brian Pichman
Join Brian Pichman from the Evolve Project in an enlightening session focusing on the creation of a building your own AI chatbot. This advanced track delves into the practical aspects of utilizing the OpenAI API alongside other innovative software products. Participants will gain invaluable insights into the processes and technologies involved inbuilding a custom AI instance. This track is ideal for those seeking adeeper understanding of AI integration and personalization in the realm. of conversational AI.
CyberSecurity - Computers In Libraries 2024Brian Pichman
Protecting privacy and security while leveraging technology to accomplish positive change is becoming a serious challenge for individuals, communities, and businesses. This workshop, led by expert leaders and practitioners, covers personal and organizational privacy as well as top security issues for libraries and their communities, especially the implications of AI. If you don’t have a security plan in place, are unsure of where to even start to make sure your library is secure, or have an existing plan in place but want to cross your T’s and dot your I’s, come to this interactive workshop.
AI Workshops at Computers In Libraries 2024Brian Pichman
While AI holds tremendous potential for libraries, it also comes with significant concerns and the potential for harm. We find ourselves sailing uncertain waters; there are few guardrails governing AI's use. Even as we acknowledge this truth, we must also note that library staff are already experimenting with the use of AI chatbots (most commonly ChatGPT), generative AI design tools (like Midjourney), and other variations of AI technology. In short, we have great potential, pitfalls, and a total lack of clarity. It is only through the thoughtful development of policy, procedure, and professionals that we can hope to articulate a vision for the ethical use of AI in our libraries. Join this conversation about new disruptive technology, take a deep breath, and get to work laying a foundation of policy guidelines and staff development to navigate the uncertain road ahead.
This interactive and hands-on workshop allows you to play and experiment with new tools which will spark ideas for the future of your library and community activities. It focuses on OpenAI’s API and how to get started building personalities in AI. It explores various tools to create AI images, videos, and more. Filled with tips, it will definitely be fun!
Community Health & Welfare: Seniors & Memory CareBrian Pichman
Memory care is becoming a huge topic in libraries around the world. How do we support seniors and their caregivers affected by conditions such as Alzheimer's or dementia? This session explores tools, tips, and program ideas to enable your library to include these groups and empower them to use the library in a safe and inviting way.
Robotics in Libraries - Education and AutomationBrian Pichman
Explore how robotics is reshaping various industries and how they may create new possibilities within library environments. This session explores a wide gambit of information — from the basic STEAM toys that can teach coding to industry-level equipment and their applications in libraries, including sorting systems, interactive learning companions, and assistive devices for patrons with disabilities. Gain insights into the benefits and limitations of robotics, and explore future trends in the field.
Key Points:
Overview of robotics technologies and their relevance to libraries.
Benefits and limitations of integrating robotics into library operations.
Various Edutech Products that teach robotics.
Future trends and possibilities for robotics in the library environment.
NCompass Live - Pretty Sweet Tech - Evolve ProjectBrian Pichman
Presentation for NCompass Live
Brian Pichman of the Evolve Project is the man behind the scenes, transforming how libraries engage with technology. Here at the Commission, he helped a lot with the Tech Kits Through the Mail. If you’ve gotten a kit from us, it’s because he tracks tech trends, works with tech gadget startups, and helps build solid strategies to connect communities with transformative technology.
Honestly, he’s helped me a lot over the years. But I can’t be selfish. I decided to share his expertise with you all! Turns out Brian does way more than I ever knew possible.
In this session we will get Brian talking about all the cool things he has going on:
Explore how his pilot programs of new games & gadgets are shaping the future of libraries through makerspaces, innovation spaces, and leading edge programming
Learn how Brian helps libraries embrace AI, VR and AR to revolutionize library services and enhance accessibility and engagement for all.
Discover his passion for open-source solutions to drive positive change, and his recent endeavors with ByWater Solutions, a leading provider of open-source library software.
Dig into his work with libchalk, a web hosting platform designed specifically to help libraries host digital content, websites, courses, and online resource libraries.
The real question is, what doesn’t he do? He can help your library too. Find out how.
AI tools in Scholarly Research and PublishingBrian Pichman
Discover how AI is revolutionizing research methodologies and publishing processes, making data analysis more efficient and streamlining academic workflows. This talk will cover the latest trends, challenges, and future opportunities of integrating AI in academia. Ideal for scholars, publishers, and tech enthusiasts aiming to stay ahead in the digital age. We will also explore new tools and how to build your own environments.
Tech Trends 2024 and Beyond - AI and VR and MOreBrian Pichman
Join Brian Pichman, the tech geek from the Evolve Project, in a
jolly tech-filled sleigh ride through the hottest trends that'll make
this holiday season merrier for librarians! From digital AI elves
to magical augmented reality, this fun-packed presentation will
unwrap the tech wonders that'll keep libraries ahead of the
game in the North Pole of innovation. Don't miss out on the
holiday cheer and the chance to sprinkle some digital snow on
your library's future!
Content Creation and Social Media Tools for LibrariesBrian Pichman
Discover the transformative role of Artificial Intelligence in shaping content creation and social media engagement within library environments. This presentation explores how AI-driven tools are revolutionizing the way libraries share information, curate content, and connect with their communities. Explore practical applications of AI in generating personalized content, automating social media interactions, and enhancing user engagement, all while maintaining the unique character of library services.
Key Points:
Tailoring library content through AI: Customized reading recommendations, curated lists, and more.
Amplifying outreach with AI-powered social media strategies, boosting community interaction.
Ethical considerations in AI-generated content for libraries: Striking the right balance.
Real-world examples of successful AI-driven library campaigns that foster engagement.
Collaborative possibilities: How libraries can work with AI to enhance user experiences.
Future prospects: Navigating the evolving landscape of AI and its integration in library services.
Artificial Intelligence (AI) – Powering Data and Conversations.pptxBrian Pichman
Uncover the potential of Artificial Intelligence in revolutionizing data analysis and enhancing conversational experiences within library contexts. This presentation explores how AI technologies are redefining data management, insights, and user interactions in libraries. Gain insights into how AI-driven data analysis can optimize collection management, resource allocation, and user engagement. Additionally, learn about the implementation of AI-powered conversational interfaces to provide seamless library support and guidance.
Key Points:
- Enhancing library data analysis: From catalog optimization to user behavior insights using AI.
- Leveraging AI to automate routine data-related tasks and enhance decision-making.
- Conversational AI in libraries: Creating virtual assistants and chatbots for user assistance.
- Merging human expertise with AI: Crafting effective user interactions in library services.
- Case studies showcasing libraries streamlining operations and enriching user experiences through AI.
- Future horizons: The evolving role of AI in data management and personalized library interactions.
Join Brian Pichman from the Evolve Project as he shares a new strategy he hopes libraries adopt to strengthen their connection with themselves, their team, and the community. By setting up a 40 Day Challenge (and yes challenges will be shared in this presentation) you can take yourself and your library to a whole new level of librarianship.
NCompass Live: AI: The Modern Day Pandora's BoxBrian Pichman
Artificial intelligence (AI) has brought many opportunities but also challenges and ethical concerns, similar to Pandora's box. The document discusses AI applications and implications, exploring how AI can be used as a force for good or fall short. It also examines industries adopting AI and strategies for responsible integration of AI. The key topics are the multifaceted nature of AI, ethical questions around AI, and how AI can both help and potentially harm individuals and society.
AI can help digest information efficiently, develop creative solutions to complex problems, & more. We will explore using hands-on tools that can be used by marketing teams, tech teams, & more. We will break down what AI is, how it works, & some limitations or challenges.
Join Brian Pichman and his Consumer Electronic Show (CES) recap. CES is the ultimate tech conference that unveils the latest and greatest in tech gadgets and gizmos. Brian will share his findings of the next must-have technology announced at the event, along with some library partnerships that can help evolve your library’s maker spaces. Learn more about tech trends such as AI, Metaverse, Robotics, and more with some hands-on time with the latest and greatest gadgets.
By now, most people have heard of ChatGPT as a conversational AI that can create conversations and answer questions. This flashy technology has helped introduce AI to the masses, yet this type of conversational AI has been around for almost a while in various formats. This session shows some of the less-known things you can do with AI, such as creating content for your blog/website, creating videos, generating marketing material, tweets, and more. Brian Pichman of the Evolve Project will share some access to technology to let participants play and create AI content to bring back to their library.
STEM Programming Ideas at the Library.pdfBrian Pichman
With all the latest gadgets, gizmos, and everything in between, what are the latest programming ideas within library spaces? How can we use AI in different ways to engage our community? What about low costs or low-tech opportunities? Join Brian Pichman of the Evolve Project as he highlights some awesome programming ideas that you can implement within your library spaces! Bring in more patrons, build more collaboration, and improve your community outreach with some out-of-the-box STEM activities that really get your creative minds flowing.
Getting Started With Using AI In Libraries (PLAN)Brian Pichman
This document provides an introduction to artificial intelligence (AI) concepts. It discusses what AI and machine learning are, common applications of AI today, and considerations around its development and use. The document aims to explain AI in an accessible way for newcomers to understand its potential impacts and how it is already integrated into many technologies and industries.
1. The document discusses different programming languages that could be taught in a coding program, including older languages like Cobolt and more modern languages like HTML, PHP, C++, and Python.
2. It covers the importance of coding for job opportunities, building useful tools, and technological advancements that rely on code.
3. The document provides an overview of coding basics like variables, arrays, operators, flow control, and functions to help understand commonly used coding concepts and terms.
Join Brian Pichman and his Consumer Electronic Show (CES) recap. CES is the ultimate tech conference that unveils the latest and greatest in tech gadgets and gizmos. Brian will share his findings of the next must-have technology announced at the event, along with some library partnerships that can help evolve your library's maker spaces.
Ivanti’s Patch Tuesday breakdown goes beyond patching your applications and brings you the intelligence and guidance needed to prioritize where to focus your attention first. Catch early analysis on our Ivanti blog, then join industry expert Chris Goettl for the Patch Tuesday Webinar Event. There we’ll do a deep dive into each of the bulletins and give guidance on the risks associated with the newly-identified vulnerabilities.
How to Interpret Trends in the Kalyan Rajdhani Mix Chart.pdfChart Kalyan
A Mix Chart displays historical data of numbers in a graphical or tabular form. The Kalyan Rajdhani Mix Chart specifically shows the results of a sequence of numbers over different periods.
A Comprehensive Guide to DeFi Development Services in 2024Intelisync
DeFi represents a paradigm shift in the financial industry. Instead of relying on traditional, centralized institutions like banks, DeFi leverages blockchain technology to create a decentralized network of financial services. This means that financial transactions can occur directly between parties, without intermediaries, using smart contracts on platforms like Ethereum.
In 2024, we are witnessing an explosion of new DeFi projects and protocols, each pushing the boundaries of what’s possible in finance.
In summary, DeFi in 2024 is not just a trend; it’s a revolution that democratizes finance, enhances security and transparency, and fosters continuous innovation. As we proceed through this presentation, we'll explore the various components and services of DeFi in detail, shedding light on how they are transforming the financial landscape.
At Intelisync, we specialize in providing comprehensive DeFi development services tailored to meet the unique needs of our clients. From smart contract development to dApp creation and security audits, we ensure that your DeFi project is built with innovation, security, and scalability in mind. Trust Intelisync to guide you through the intricate landscape of decentralized finance and unlock the full potential of blockchain technology.
Ready to take your DeFi project to the next level? Partner with Intelisync for expert DeFi development services today!
Your One-Stop Shop for Python Success: Top 10 US Python Development Providersakankshawande
Simplify your search for a reliable Python development partner! This list presents the top 10 trusted US providers offering comprehensive Python development services, ensuring your project's success from conception to completion.
In the realm of cybersecurity, offensive security practices act as a critical shield. By simulating real-world attacks in a controlled environment, these techniques expose vulnerabilities before malicious actors can exploit them. This proactive approach allows manufacturers to identify and fix weaknesses, significantly enhancing system security.
This presentation delves into the development of a system designed to mimic Galileo's Open Service signal using software-defined radio (SDR) technology. We'll begin with a foundational overview of both Global Navigation Satellite Systems (GNSS) and the intricacies of digital signal processing.
The presentation culminates in a live demonstration. We'll showcase the manipulation of Galileo's Open Service pilot signal, simulating an attack on various software and hardware systems. This practical demonstration serves to highlight the potential consequences of unaddressed vulnerabilities, emphasizing the importance of offensive security practices in safeguarding critical infrastructure.
GraphRAG for Life Science to increase LLM accuracyTomaz Bratanic
GraphRAG for life science domain, where you retriever information from biomedical knowledge graphs using LLMs to increase the accuracy and performance of generated answers
Main news related to the CCS TSI 2023 (2023/1695)Jakub Marek
An English 🇬🇧 translation of a presentation to the speech I gave about the main changes brought by CCS TSI 2023 at the biggest Czech conference on Communications and signalling systems on Railways, which was held in Clarion Hotel Olomouc from 7th to 9th November 2023 (konferenceszt.cz). Attended by around 500 participants and 200 on-line followers.
The original Czech 🇨🇿 version of the presentation can be found here: https://www.slideshare.net/slideshow/hlavni-novinky-souvisejici-s-ccs-tsi-2023-2023-1695/269688092 .
The videorecording (in Czech) from the presentation is available here: https://youtu.be/WzjJWm4IyPk?si=SImb06tuXGb30BEH .
5th LF Energy Power Grid Model Meet-up SlidesDanBrown980551
5th Power Grid Model Meet-up
It is with great pleasure that we extend to you an invitation to the 5th Power Grid Model Meet-up, scheduled for 6th June 2024. This event will adopt a hybrid format, allowing participants to join us either through an online Mircosoft Teams session or in person at TU/e located at Den Dolech 2, Eindhoven, Netherlands. The meet-up will be hosted by Eindhoven University of Technology (TU/e), a research university specializing in engineering science & technology.
Power Grid Model
The global energy transition is placing new and unprecedented demands on Distribution System Operators (DSOs). Alongside upgrades to grid capacity, processes such as digitization, capacity optimization, and congestion management are becoming vital for delivering reliable services.
Power Grid Model is an open source project from Linux Foundation Energy and provides a calculation engine that is increasingly essential for DSOs. It offers a standards-based foundation enabling real-time power systems analysis, simulations of electrical power grids, and sophisticated what-if analysis. In addition, it enables in-depth studies and analysis of the electrical power grid’s behavior and performance. This comprehensive model incorporates essential factors such as power generation capacity, electrical losses, voltage levels, power flows, and system stability.
Power Grid Model is currently being applied in a wide variety of use cases, including grid planning, expansion, reliability, and congestion studies. It can also help in analyzing the impact of renewable energy integration, assessing the effects of disturbances or faults, and developing strategies for grid control and optimization.
What to expect
For the upcoming meetup we are organizing, we have an exciting lineup of activities planned:
-Insightful presentations covering two practical applications of the Power Grid Model.
-An update on the latest advancements in Power Grid -Model technology during the first and second quarters of 2024.
-An interactive brainstorming session to discuss and propose new feature requests.
-An opportunity to connect with fellow Power Grid Model enthusiasts and users.
Best 20 SEO Techniques To Improve Website Visibility In SERPPixlogix Infotech
Boost your website's visibility with proven SEO techniques! Our latest blog dives into essential strategies to enhance your online presence, increase traffic, and rank higher on search engines. From keyword optimization to quality content creation, learn how to make your site stand out in the crowded digital landscape. Discover actionable tips and expert insights to elevate your SEO game.
For the full video of this presentation, please visit: https://www.edge-ai-vision.com/2024/06/temporal-event-neural-networks-a-more-efficient-alternative-to-the-transformer-a-presentation-from-brainchip/
Chris Jones, Director of Product Management at BrainChip , presents the “Temporal Event Neural Networks: A More Efficient Alternative to the Transformer” tutorial at the May 2024 Embedded Vision Summit.
The expansion of AI services necessitates enhanced computational capabilities on edge devices. Temporal Event Neural Networks (TENNs), developed by BrainChip, represent a novel and highly efficient state-space network. TENNs demonstrate exceptional proficiency in handling multi-dimensional streaming data, facilitating advancements in object detection, action recognition, speech enhancement and language model/sequence generation. Through the utilization of polynomial-based continuous convolutions, TENNs streamline models, expedite training processes and significantly diminish memory requirements, achieving notable reductions of up to 50x in parameters and 5,000x in energy consumption compared to prevailing methodologies like transformers.
Integration with BrainChip’s Akida neuromorphic hardware IP further enhances TENNs’ capabilities, enabling the realization of highly capable, portable and passively cooled edge devices. This presentation delves into the technical innovations underlying TENNs, presents real-world benchmarks, and elucidates how this cutting-edge approach is positioned to revolutionize edge AI across diverse applications.
Salesforce Integration for Bonterra Impact Management (fka Social Solutions A...Jeffrey Haguewood
Sidekick Solutions uses Bonterra Impact Management (fka Social Solutions Apricot) and automation solutions to integrate data for business workflows.
We believe integration and automation are essential to user experience and the promise of efficient work through technology. Automation is the critical ingredient to realizing that full vision. We develop integration products and services for Bonterra Case Management software to support the deployment of automations for a variety of use cases.
This video focuses on integration of Salesforce with Bonterra Impact Management.
Interested in deploying an integration with Salesforce for Bonterra Impact Management? Contact us at sales@sidekicksolutionsllc.com to discuss next steps.
Dandelion Hashtable: beyond billion requests per second on a commodity serverAntonios Katsarakis
This slide deck presents DLHT, a concurrent in-memory hashtable. Despite efforts to optimize hashtables, that go as far as sacrificing core functionality, state-of-the-art designs still incur multiple memory accesses per request and block request processing in three cases. First, most hashtables block while waiting for data to be retrieved from memory. Second, open-addressing designs, which represent the current state-of-the-art, either cannot free index slots on deletes or must block all requests to do so. Third, index resizes block every request until all objects are copied to the new index. Defying folklore wisdom, DLHT forgoes open-addressing and adopts a fully-featured and memory-aware closed-addressing design based on bounded cache-line-chaining. This design offers lock-free index operations and deletes that free slots instantly, (2) completes most requests with a single memory access, (3) utilizes software prefetching to hide memory latencies, and (4) employs a novel non-blocking and parallel resizing. In a commodity server and a memory-resident workload, DLHT surpasses 1.6B requests per second and provides 3.5x (12x) the throughput of the state-of-the-art closed-addressing (open-addressing) resizable hashtable on Gets (Deletes).
FREE A4 Cyber Security Awareness Posters-Social Engineering part 3Data Hops
Free A4 downloadable and printable Cyber Security, Social Engineering Safety and security Training Posters . Promote security awareness in the home or workplace. Lock them Out From training providers datahops.com
Digital Marketing Trends in 2024 | Guide for Staying AheadWask
https://www.wask.co/ebooks/digital-marketing-trends-in-2024
Feeling lost in the digital marketing whirlwind of 2024? Technology is changing, consumer habits are evolving, and staying ahead of the curve feels like a never-ending pursuit. This e-book is your compass. Dive into actionable insights to handle the complexities of modern marketing. From hyper-personalization to the power of user-generated content, learn how to build long-term relationships with your audience and unlock the secrets to success in the ever-shifting digital landscape.
Fueling AI with Great Data with Airbyte WebinarZilliz
This talk will focus on how to collect data from a variety of sources, leveraging this data for RAG and other GenAI use cases, and finally charting your course to productionalization.
7. Cloak of Invisibility
Top reasons why people want to hide their IP address:
1. Hide their geographical location
2. Prevent Web tracking
3. Avoid leaving a digital footprint
4. Bypass any bans or blacklisting of their IP address
5. Perform illegal acts without being detected
8. Onion Routing, Tor Browsing
• Technique for anonymous communication to take place over a network.
The encryption takes place at three different times:
• Entry Node
• Relay Node
• Exit Node
• Tor is made up of volunteers running relay servers. No single router knows
the entire network (only its to and from).
• Tor can bypass internet content filtering, restricted government networks
(like China) or allow people to be anonymous whistle blowers.
• Tor allows you to gain access to “.onion” websites that are not accessible
via a normal web browser.
• Communication on the Dark Web happens, via Web, Telnet, IRC, and other
means of communication being developed daily.
9. Cloak of Invisibility
• How to hide yourself?
• Private VPN
• You want a TOTALLY anonymous service.
• Look for one that keeps no log history (Verify via reviews)
• Look at Bandwidth & Available Servers
• Recommendations:
• Private Internet Access (PIA)
• TorGuard VPN
• Pure VPN
• Opera Web Browser
• Avast AntiVirus (SecureLine)
• Worst Case: Free WIFI
11. Free WiFi
• Sometimes a good alternative if
you need to do something
anonymously
• Nothing is ever 100% anonymous
• Some public wifi does track
websites you access, what you
do, etc.
• Make sure your computer name
you are using doesn’t include your
actual name
12. Best Tips and Practices for being Anonymized
Do
• Use a device that you’ve never
signed into anything ”personal
on”.
• Pro Tip: buy a computer from a
Pawn Shop or Garage Sale
Don’t
• While on a VPN or any other
anonymous tool; don’t sign into
personal accounts (banks, social
media, etc).
• If posting, don’t use anything
that could be associated to you
13. Easy Wins for Privacy
• 10 Minute Email
• https://10minutemail.com/
• Temporarily get an email box that’s anonymous and disappears after 10
minutes
• Dr Cleaner (Mac) or Eraser (Win) can overwrite files on your
computer with “blank” data to make file recovery near impossible.
• Tools like Recuva is free softwares to allow you to restore deleted files.
14. What People Pay For Your Data
• https://www.fortinet.com/blog/industry-trends/the-true-value-of-
data.html
• Credit Card Numbers: 50 cents to 2.50 per card.
• Bank Account Information (logins/information): $1.00 to $70
• Medical Records: $10-$20
21. Tools For Use
• Sites to protect yourself all the time (not free)
• IdentityGuard.com
• LifeLock.com
• Sites to monitor when breached data gets related (this is free)
• Haveibeenpwned.com
• Password Management Sites (like lastpass.com)
• Don’t have the same password for all your sites.
• Don’t write your passwords down on a post-it-note and leave it at your desk
25. Credit Card Tools for Online Shopping
• Check out Privacy.Com
• https://privacy.com/join/473XB
26. Basic Tips
• Accept only people you know to personal and professional accounts
• Never click on links from people you don’t know.
• Especially if they are using a url shortner: bit.ly, tinyurl.com, etc
• https://www.urlvoid.com/ - test the website to see if its safe
• https://www.site-shot.com/ get a screenshot of what will load on site
• If there are people claiming to be you on social media, it’s best to get
your account “verified” on those social media platforms
• This lets users distinguish that you’re the actual official account
• Dual factor authenticate all of your social media logins
27. Checking Your Accounts / Name Online
• Use this site to check your usernames: https://namechk.com/
• The next is a tool searches through your email with things you may
have signed up for (I've paid for their premium service as well, not
really worth it, the free does just
fine) https://brandyourself.com/privacy-overview.
• This tool: https://email-lookup.online/index.php searches public
searches to see what links. Its similar
to https://www.spokeo.com/email-search.
28.
29. Myths
• I’m/my university not worth being attacked.
• Hackers won’t guess my password.
• I/we have anti-virus software.
• I’ll/we know if I/we been compromised.
30. Understanding Breaches and Hacks
• A hack involves a person or group to gain authorized access to a
protected computer or network
• A breach typically indicates a release of confidential data (including
those done by accident)
• Both of these require different responses if breaches/hacks occur.
31. The Costs Of Breaches
• This year’s study found the average consolidated total cost of a data breach
is 4.45 Million – Ones that use AI save 1.76 Million
https://www.ibm.com/reports/data-breach
• Data Breached Companies Experience…
• People loose faith in your brand
• Loss in patrons
• Financial Costs
• Government Requirements,
Penalties, Fees, etc.
• Sending of Notifications
• Payment of Identity Protection or
repercussions.
https://betanews.com/2016/02/10/the-economic-cost-of-being-hacked/
32.
33. You as a Organization - Obligations
• You are obligated to protect the data and privacy of:
• Employees
• Customers
• Business Partners/Vendors/Etc.
• Sometimes, we forget we house a lot of personal and identifying information about our employees and
customers.
• Employees Social/Payroll/HR
• Customer Records/Accounts/History
• What employees/customers are accessing on the web
• A sniffing tool, key logger, or fake DNS redirects can monitor not only the sites people are accessing but what they use
for their username / password
34. Steps – Communication and Speed!
• Communicate
• People will ask “How long did you know XYZ happened” - know this information before communicating to them
an attack occurred.
• If you discover a breach, hack, or any other compromise that may have the impact of data being stolen or
viewed, you MUST communicate quickly and effectively.
• While every scenario is different and has different factors – groups that move faster with the information they
know (as soon as they know it) they are generally better off long term (ie don’t’ wait months as you “investigate”
the issue. Give people time to protect themselves)
• Don’t over communicate and have one spokesperson
• Be clear and concise. Too many details can be harmful.
35. Other Points on Communication
• Once you know a breach has occurred, by law you are required to
inform customers if their data has been compromised.
• Some states have deadlines of when the announcement has to be made
• Every impacted person must be told that a data breach has
occurred, when it occurred, and what kind of information was
compromised.
• Answer: what are you doing to provide a remedy and should they do
• (next slide)
36. what are you doing to provide a remedy and should they do
You as the Organization
• Build a website with information
about the breach
• Offer a Toll Free number people
to call in for questions
• If the possibility of social
information provide contact
information for Equifax, Experian
and Transunion, and the quick
links for fraud protection.
Them as Impacted Parties
• Fraud Protection (if necessary)
• Request them to change their
passwords if their password was
compromised
• Highlight if they use this password
on OTHER sites to change those
passwords too
37.
38.
39. Step 2 - Investigate
• You will most likely need to hire an outside cyber security
firm – they have the tools and resources to track what might
have been stolen and who stole it.
• Solve which computers and accounts were compromised, which
data was accessed (viewed) or stolen (copied) and whether any
other parties – such as clients, customers, business partners, users,
employees. Was the stolen data encrypted or unencrypted?
• Also involve folks from the people you pay for services
(depending on where the breach occurred) such as ISPs, Web
Hosting Providers, Security Software, Firewall Vendors, etc.
• Contact your local, county or state police computer crimes
unit and the FBI, which can do forensic analyses and provide
valuable guidance
40. Step 3 – More Communication and Follow Up
• If you notify more than 500 impacted people from a breach, many
states will also require you to file a notice with your state attorney
general’s office.
• HIPPA, FERPA, CIPA, and all those other scary acronyms have requirements
and regulations – make sure none of those rules are violated.
41. Legal Stuff
• There are a lot of laws that help a
certain level of security standards.
The landscape of these laws is
evolving as the level of threats
increase.
• There is compliance standards that
organizations should reach for
security as well – as a precaution and
preventive measure to mitigate risk.
• The ISO/IEC 27000 family of standards
helps organizations keep information
assets secure.
• https://www.iso.org/isoiec-27001-
information-security.html
46. Spells:
• Man in the Middle
• Sitting between a conversation and either listening or altering the data as its sent
across.
• DNS Spoofing (https://null-byte.wonderhowto.com/how-to/hack-like-pro-spoof-dns-
lan-redirect-traffic-your-fake-website-0151620/) set up a fake website and let people
login to it.
• D/DoS Attack (Distributed/Denial of Service Attack)
• Directing a large amount of traffic to disrupt service to a particular box or an entire
network.
• Could be done via sending bad traffic or data
• That device can be brought down to an unrecoverable state to disrupt business
operations.
• Sniffing Attacks
• Monitoring of data and traffic to determine what people are doing.
47.
48. BackTrack can get you ALOT
• BackTrack was a Linux distribution that focused on security based on
the Knoppix Linux distribution aimed at digital forensics and
penetration testing use. In March 2013, the Offensive Security team
rebuilt BackTrack around the Debian distribution and released it
under the name Kali Linux.
https://en.wikipedia.org/wiki/BackTrack
57. Increases Efficiency
• Having a security policy allows you to be consistent in your approach
to issues and how processes should work.
• It should outline how and what to do, and repeatable across your
organization.
• Everyone is doing XYZ the same way and on the same page.
58. Accountability, Discipline, and Penalties
• Think of it as a contract – for legal purposes – that you have taken the steps
needed to secure your organization.
59. Education For Employees
• By reading these policies (and signing them), it helps educate
employees (and users) the sense of ownership for assets and data.
• Everything from advice on choosing the proper passwords, to
providing guidelines for file transfers and data storage, internet access
and rules, will help to increase employees’ overall awareness of
security and how it can be strengthened
60. Addresses Threats and Risks
• A good policy should address all threats, strategies to decrease the
vulnerabilities of those threats, and how to recover if those threats
became actionable.
• This makes the “what do we do if someone hacks our network” a
defined process already and who to call and what to do to mitigate
further damage.
61. Access Definitions and Permissions
• A good policy would outline who accesses what and why. This makes
reporting a security violation easier and streamlined.
• Policies are like bouncers at a night club
• It states who has access to the VIP section of the club, why, and any reasons
to allow entry.
• Without these rules, VIP wouldn’t be really VIP.
63. Types of Policies
• Organizational (or Master) Policy
• Serves as the foundation or blueprint for the whole organization’s
security policy. It is a strategic plan for how to implement and
maintain security throughout the organization.
• Think of it as a high-level document that includes the vision,
objectives, scope, and expendabilities.
• System-specific Policy
• Is usually concerned with a specific system (such as an ILS) or
computer system. It is meant to outline the approved software,
hardware, and methods to secure that system.
• Issue-specific Policy.
• These are more detailed and focused on a functional aspect of a role,
process, or procedure. This helps detail the required levels of security
as well as instructions for staff (and patrons) to abide by to achieve this
level.
64. To Include
• Security Standards
• Outline the rules, instructions, and actions required to meat the goals and
objectives.
• These can be tied to laws or regulations
• Baselines
• Identify the minimum level of security required – and everything must comply
to that minimum. Exceptions should be minimal if nonexistent. Evaluations
or audits must be routinely done – ideally by a third party consultant or a
security team.
• Guidelines
• Practical instructions and recommendations to meet the standards and
baselines. Usually written as operational guides.
• Procedures
• Usually documented in an appendix. A security policy at a high level contains
general directives, the procedure is very detailed and illustrates step-by-step
of how to do specific tasks.
65. Putting It Together
• Your security policy can include “maintain a malware-free computer
system”.
• The standard would be: all computers must have antivirus installed and
updated.
• The baseline states that the computer must be at minimum fully patched,
antivirus installed, updated within the last 7 days.
• Guidelines could be:
• Don’t open untrusted emails and attachments
• Don’t disable or hinder antivirus protection
• Procedure would document how to install the antivirus, how to maintain
updates, etc.
66. Types of Issue Specific Policies
• Change Management Policy
• What happens when a system is upgraded.
• Physical Security Policy
• Can you take company owned assets off network?
• Can your kids use the equipment?
• Email Policy
• What can be sent out? What can be downloaded?
• Internet Policy
• What can you access and why? What happens if something is blocked?
• Facebook – Allowed for Work? *Facebook can contain malicious links*
67. Must Have Policies:
• Media Disposal Policy / Data Retention Policy
• What do you do with old computer assets?
• How long do you back-up and retain “old” files
• Acceptable Use Policy (very common)
• The ”Do’s and Don’ts” of equipment/internet/etc.
• Access Control Policy (often part of new hire/term processes)
• Who has access to what, how is access controlled, how is access terminated /
created.
• Disaster and Recovery / Incident Response Plans
68. Policies on Websites
• Terms and Conditions
• What will be done with accounts, data, access information
• Privacy Policies and Cookies
• If you use Google Analytics you might want to call attention to it.
• IP Address logging?
• Links to third party websites – who is responsible?
69. Other Policies
• Training Process
• How do you do training on security, how frequently, what scores should there
be?
• Information
• How should information be protected and monitored?
• Vendors
• What kind of access is given to vendors. What is the “approval” process
70. Patrons!
• It’s important to put a policy in place and best practice for patrons –
to help limit liability on the library.
• At the end of the day, access to the internet and computer systems is
a privilege and not a right.
• Asset Usage and Internet Usage:
• Do’s and Don’ts – They have to agree and violations are met with restriction
of usage or removal of access.
• What happens if they use it for “illegal” purposes?
73. Why do People Attack?
• Financial Gain
• Stocks
• Getting Paid
• Selling of information
• Data Theft
• For a single person
• For a bundle of people
• Just Because
• Malicious
74. How to navigate and prevent wrong turns
• Who are the people we’re
trying to avoid?
Hacker Groups
• Lizard Squad. ...
• Anonymous. ...
• LulzSec. ...
• Syrian Electronic Army. ...
• Chaos Computer Club (CCC) ...
• Iran's Tarh Andishan. ...
• The Level Seven Crew. ...
• globalHell.
75. So what Do You Need to Protect?
• Website(s)
• All Stored PII Data
• Employee Computers
• And what they do on them
• User Computers
• And what they do on them
• Network
• And what people do on them
• Stored Data, Files, etc.
• Business Assets
• Personal Assets
• ….anything and everything that is plugged in…
76. Outside
• Modem Router Firewall
Switches
• Servers
End User
• Phones
• Computers
• Laptops
77. Outer Defenses (Routers/Firewalls)
• Site to Site Protection
(Router to Router or Firewall to
Firewall)
• Encrypted over a VPN Connection
• Protection With:
• IDS
• IPS
• Web filtering
• Antivirus at Web Level
• Protecting INBOUND and OUTBOUND
78. Unified Threat Management
• Single Device Security
• All traffic is routed through a unified
threat management device.
79. Areas of Attack On Outer Defense
External Facing Applications
• Anything with an “External IP”
• NAT, ONE to ONE, etc.
• Website
• Custom Built Web Applications
or Services
Internal Applications
• File Shares
• Active Directory (usernames /
passwords)
• User Records
• DNS Routing
• Outbound Network Traffic
• Who is going where
82. IT Admin Tricks for Security
• Administrative Accounts are easy to figure out if they
are something like “administrator” ”root” or “power
users”. At the same time, no employee should have
their account as a full admin.
• Instead, give them their own username for admin access (like
brian.admin)
• Change the default “login” pages for sites to something
that’s not www.mysitename.com/login. Bots look for
this and attack.
• My Drupal Site login page is www.evolveproject.org/catpower
• User Awareness is key to any secure organization. Teach
users how to identify potential threats and how to
respond quickly.
• Avoid shared accounts. One account should only be
used by one person.
83.
84. Updates, Patches, Firmware
• Keeping your system updated is important.
• Being on the latest and greatest
[software/update/firmware] isn’t always
good.
• Need to test and vet all updates before
implementation
• If you can – build a dev environment to
test and validate.
85. Casper Suite / JAMF - https://www.jamf.com/products/jamf-pro/
88. Protecting End Devices
• Protecting Assets
• Business Assets
• Thefts
• Hacking
• Personal Devices
• Security Risk
• Usually pose an INBOUND threat
to your network
89.
90. Dual Factor is the Patronus of Spells
It helps guard your account with one extra layer of protection
against the strongest of dark forces
91. Passwords
• Let’s talk about
Passwords
• Length of Password
• Complexity of
password
requirements
• DO NOT USE POST IT
NOTES
92. Advance Cyber Protection Tools
• MDR / NDR Solutions (Managed Detection Response / Network
Detection Response)
• Network detection and response (NDR) products detect abnormal system behaviors
by applying behavioral analytics to network traffic data.
• Security information and event management, SIEM for short, is
a solution that helps organizations detect, analyze, and respond
to security threats before they harm business operations.
101. Identifying Threats
• “Act of God”
• Tornado, Flood, Fire
• ”Act of Evil”
• Break-ins, Hacking, Physical Damage, Viruses
• “Act of Error”
• Accidental Deletions, Hardware Failure, Software Glitches
• Loss of Services (could be caused by above)
• Internet, Power, Heating/Cooling, Phone, Building Issues
102. Recoverable Risks
• Risks with Provided Services:
• Internet
• Phone
• Power
• Risks with Created Data
• Corruption
• Loss
• Risk with Owned Systems
• Errors or Corruption
• Failure or Loss
103.
104.
105.
106.
107. A Good recovery plan includes
• Monitoring
• Systems need to be actively monitored
• Recoverable Backups and Systems
• Systems need to have data backed up
• Redundancy
• Systems need to be redundant to mitigate risk of device or service failure,
having failover devices and services is important to ensure uptime.
• TESTING
• I’m going to say this a few times.
108. A Disaster Plan Is About
• Ensuring Redundancy and Recovery
• Planning and Preparation:
• Risk Management
• Risk Assessment
• Risk Mitigation
• Business Continuity
• If a Disaster Occurs:
• Response
• Relief
• Recovery
• Restoration
109. ISPs
Modem Firewall Switches
Servers
Computers
Modem Most latest gen firewalls are able to
handle two internet connections and
“round-robin” and do “failover”
Usually pick two different mediums:
Cable
Telephone
Satellite
…
Having two different internet connections across two
different modems will help mitigate risk of a Service
Provider Failure
Other considerations include hardware failure and
redundancy. Having a spare firewall (or using two firewalls
to load balance) can help mitigate risk.
110. Data Is Expensive
• Financial Records for 7 years
• SOX ( Sarbanes–Oxley Act of 2002 )
• Cost of a “data record”
• On average, the cost of such a record containing healthcare information is
$363 (and also employee records are known to be this much if including social
information
• At the end of May 2015, the Ponemon Institute released its annual “Cost of
Data Breach Study.” Researchers estimated that the average cost of each lost
or stolen record containing sensitive and confidential information was $154.
• Verizon has the concept from a per-record perspective, claiming an average
cost of just 58 cents for each lost or stolen file.
111.
112. What can Happen to My Data?
• It can be corrupted!
• Someone makes changes to a file. Accidental deletion, purposeful
manipulation, script goes rouge.
• Can impact system performance
• It can be lost!
• Server goes down, disappears, etc.
• Spreadsheets, employee files, payroll, flyers, data about events
• Website Data, Catalog Data, Hosted Applications…gone!
• Email!
• Hardware failure
114. Monitoring Is Important
• Monitor your servers to prevent issues before they happen. Things to
monitor for:
• Network Drops (means it can be device failure or network issue)
• Temperature of Devices (prevent overheating)
• Server Processes (if a server is running to high for too long something could
be wrong)
• Storage Space (running out of space can corrupt an entire system)
• Memory Usage
• Database Errors
118. Test Your Plan
• Test Your Back Ups
• Do a recovery on a different server
to ensure accuracy and time how
long it takes to recover
• Test Your Redundancy
• Remove a network, server, and
determine if fail over occurs.
• Time these!
• Test Test Test.
121. AI and Cyber Security
• AI is making Phishing Attacks harder to spot -> since AI can clean up
grammar errors, make better call to actions, etc
• How will the use of Chat GPT, etc. impact Cybersecurity?
• How will AI affect libraries and their resources?
139. Setting It Up
• It’s simple, you will just want to update your router’s DNS entry
(or if you wanted, you can do this directly on the device you wish to
protect)
• 208.67.222.123
• 208.67.220.123
140. Your Wireless Router
• Have your wireless connection protected by a password to join
• Have your wireless password interface ALSO protect with a password
(that isn’t the default password either)
142. Email for Kids
• There are service providers that can help manage kid’s emails and
help protect them.
• Google has an option where you can manage a Google Account for
your child:
https://support.google.com/families/answer/7103338?hl=en
143. Apple iOS Parental Controls
• https://support.apple.com/en-us/HT201304
• https://www.apple.com/families/
149. What does HTTPS Do?
• HTTPS verifies the identity of a website and encrypts nearly all
information sent between the website and the user.
• Protected information includes cookies, user agent details, URL paths,
form submissions, and query string parameters.
• HTTPS is a combination of HTTP and Transport Layer Security (TLS).
• Browsers and other HTTPS clients are configured to trust a set
of certificate authorities that can issue cryptographically signed
certificates on behalf of web service owners.
150. What Doesn’t HTTPS Do?
• HTTPS has several important limitations.
• IP addresses and destination domain names are not encrypted.
• Even encrypted traffic can reveal some information indirectly, such as time
spent on site, or the size of requested resources or submitted information.
• HTTPS only guarantees the integrity of the connection between two systems,
not the systems themselves.
• It is not designed to protect a web server from being hacked.
• If a user’s system is compromised by an attacker, that system can be altered
so that its future HTTPS connections are under the attacker’s control.
151. Why HTTPS?
• Prevents Hackers from watching what you
do over the Internet
• Encrypts Data
• Keeps stuff private
• Keeps you safe
• Prevents people from tracking your
internet activity
• Unencrypted HTTP request reveals
information about a user’s behavior.
The HTTP protocol does not protect data from interception or alteration.
152. Small Library Wins
• How can a small library take a successful cyber security approach
• Use free open-source tools (OpenDNS for example)
• Free Trainings
• Ensuring things stay updated
Need to define penalties when violations occur. People need to know the consequences are for failure to comply – both from a legal and HR standpoint or even access permissions.
Policies and procedures provide what the expectation is and how to achieve that expectation. It should define what the consequence are for failure to adhere.
These are also the people that use TorBrowser as well to hide themselves
Infrastructure:
Network (Switches, Routers, Firewalls, Modem)
WiFi Network
VPN Connections
Servers (File Storage, Active Directory, Application Servers).
Phone System, Security System, Website, etc.
End Clients
End User PCs and other Peripherals
Copiers, Scanners, Printers
Software
HTTPS verifies the identity of a website or web service for a connecting client, and encrypts nearly all information sent between the website or service and the user.
Protected information includes cookies, user agent details, URL paths, form submissions, and query string parameters. HTTPS is designed to prevent this information from being read or changed while in transit.
HTTPS is a combination of HTTP and Transport Layer Security (TLS). TLS is a network protocol that establishes an encrypted connection to an authenticated peer over an untrusted network.
Browsers and other HTTPS clients are configured to trust a set of certificate authorities [2] that can issue cryptographically signed certificates on behalf of web service owners. These certificates communicate to the client that the web service host demonstrated ownership of the domain to the certificate authority at the time of certificate issuance. This prevents unknown or untrusted websites from masquerading as a Federal website or service.
What HTTPS Doesn’t Do
HTTPS has several important limitations. IP addresses and destination domain names are not encrypted during communication. Even encrypted traffic can reveal some information indirectly, such as time spent on site, or the size of requested resources or submitted information.
HTTPS only guarantees the integrity of the connection between two systems, not the systems themselves. It is not designed to protect a web server from being hacked or compromised, or to prevent the web service from exposing user information during its normal operation. Similarly, if a user’s system is compromised by an attacker, that system can be altered so that its future HTTPS connections are under the attacker’s control. The guarantees of HTTPS may also be weakened or eliminated by compromised or malicious certificate authorities.
Data sent over HTTP is susceptible to interception, manipulation, and impersonation. This data can include browser identity, website content, search terms, and other user-submitted information.