Managing Social Media Risks MAY 13, 2014

Save this PDF as:
 WORD  PNG  TXT  JPG

Size: px
Start display at page:

Download "Managing Social Media Risks MAY 13, 2014"

Transcription

1 NYBA 2014 Annual Technology, Compliance & Risk Management Forum Managing Social Media Risks MAY 13, 2014 Jerry Gagne, CPA, CISA Wolf & Company, P.C. Ryan Bell, CEO Gremln

2 Today s Agenda Intro to Social Media Benefits Risks Controls Software Solutions Questions

3 Social Media Sites

4 A little Confused?

5 Awesome

6 Sounding Board

7 social media USERS 225 MILLION 500 MILLION 1.11 BILLION 77% of Fortune 500 companies reported using social media for business in % of consumers say it s important to read user-generated content before making a decision about financial services 44% of millennials will not purchase insurance without referencing others' opinions

8 Social Media is an incredible marketing, customer service, & brand awareness tool 77% Using Social Media Promotes Trust Of Fortune 500 companies reported using social media in 2013 Social Media Helps you Listen to Customers Avoid Reputation Risk Through Social Media

9 70 % of customer questions on Twitter are being ignored 51 % WILL ONLY GIVE YOU ONE CHANCE 86% will stop doing business with your company because of bad service experiences 50% of social media users in the US expect a reply to their complaint within an hour, 24 hours a day. 1/3 of customers prefers social care to contacting a company by phone

10 Social Media Personal Benefits New Channel of Information Late breaking news Regulation updates Electronic Rolodex Personal Branding Networking

11 Social Media Corporate Benefits Improve customer satisfaction Recruit and retain talent Enhance Company brand awareness Strengthen connections and relationships Access expertise Help address negative publicity Notification tool when incidents occur

12 What are the costs of not participating CUSTOMER SERVICE REPUTATION CLIENT REACH SECURITY BREACHES

13 Social Media Risks Social Engineering (Phishing, etc.) Reputation Risk Strategic Risk Privacy Risk Compliance Malware & Tiny Urls

14 social ENGINEERING The clever manipulation of the natural human tendency to trust.

15 Not your traditional fishing! Phishing Spearphishing Whaling SMishing Vishing Twishing

16 Its not hard to fool us! I forward this file to you for review, please open and view it. 13 words that took down RSA Authentication World Wide

17 Case Study RSA Breach Information gathered on four specific employees Possibly through social media such as Facebook Specific, targeted s ( spear phishing ) sent to the employees Attached file 2011 Recruitment plan.xls contained a virus Virus exploited a vulnerability in unpatched Adobe Flash software Backdoor program installed on affected computers Compromised computers used to obtain critical data

18 Case Study Bin Laden s Video claiming Bin Laden s capture was posted on FB When users clicked on the link to the video, they were told to copy JavaScript code into their browser bar Automatically sent the hoax to their friends Gave hackers full access to their account

19 Case Study My Friend My friend joined a social network Hacker sent fake photo of himself (malware) My cousin clicked on photo which allowed malware to take control of computer including the web camera, online accounts, and contacts Captured video and pictures Attempted to extort $

20 Reputation Risk - Employees Should we encourage them to use tools such as: Facebook Twitter Linked Are they friending Clients Are they representing the organization poorly Are they unaware of who sees them

21 Employees using wrong account Microsoft briefly got political in September, when one of the people who manages its Twitter account dissed conservative talking head Ann Coulter from the Microsoft account, rather than from his personal account. Microsoft replied to a tweet from former U.S. labor secretary Robert Reich with the following post: your granddaughter s level of discourse and policy > those of Ann Coulter." Ouch.

22 Employees using wrong account When it comes to offensive tweets, KitchenAid takes the cake. After President Obama mentioned his grandmother during the first presidential debate in October, the kitchen appliance manufacturer responded by posting the following tweet to its 24,000 followers: "Obamas gma even knew it was going 2 b bad! She died 3 days b4 he became president. #nbcpolitics To the company's credit, it quickly removed the tweet and issued an apology, explaining that a member of the KitchenAid team had mistakenly posted it from the company account instead of from a personal handle.

23 Ooops

24 Strategic Risk Employee representing the organization poorly Partner integration Incorrect content Wasted $ Just using it as content sharing? Responding to your followers? Third party risks Typically due diligence on social media vendor is not performed (no say in contract) Breach response (no contract outlining vendor accountability or responsibility)

25 #McDStories: When A Hashtag Becomes a Bashtag Dude, I used to work at McDonald s. The #McDStories I could tell would raise your hair. (via Twitter) One time I walked into McDonalds and I could smell Type 2 diabetes floating in the air and I threw up. #McDStories (via Twitter) The promoted TT of #McDStories isn t going the direction I wanted it to go. Lots of weed stories and heart attack jokes. (via Paid Content) Ate a McFish and vomited 1 hour later.the last time I got McDonalds was seriously 18 years ago in college.. #McDstories (via Twitter)

26 When Ads go wrong CelebBoutique, an online store, posted a promotional tweet with the Aurora hashtag to take advantage of a trending topic. Unfortunately, the company's PR apparently did not take the time to read up on why Aurora was trending (mass shooting), so the tweet came off as incredibly insensitive.

27 Privacy Risk Information posted can be used in Social Engineering (Phishing, etc.) Date of birth Password hint information (what was your first job?) Accidental posting of information by customer Accidental or malicious posting of confidential information Social Media sites are hacked on a regular basis Default privacy settings Public, anyone, and everyone settings Connecting with everyone?

28 Compliance Risk FINRA Regulatory Notice Copyrights and fair use (don t steal someone else s image or content) Gramm-Leach Bliley Act and Data Security Guidelines Truth in Savings/Regulation DD and Part 707 Fair Lending Laws: Equal Opportunity Credit Act/Regulation B and Fai Housing Act Truth in Lending Act/Regulation Z Real Estate Settlement Procedures Act Fair Debt Collection Practices Act

29 Compliance Risk (Continued) Unfair, Deceptive, or Abusive Acts or Practices Deposit Insurance or Share Insurance Electronic Funds Transfer Act/Regulation E Rules applicable to Check Transactions CAN-SPAM Act and Telephone Consumer Act Children s Online Privacy Protection Act Fair Credit Reporting Act

30 HR Issues?

31 Malware and Tiny Urls Risk Social media sites are hacked Images, documents and links loaded with malware Users accounts are compromised Just because you know them and they are sharing content, should you click on that picture? Tiny Urls and user habits of clicking on them (where do these go?)

32 HOW DO YOU PARTICIPATE AND STAY Compliant? APPROVAL FILTRATION ARCHIVING MEMBER OF PKF NORTH AMERICA, AN ASSOCIATION OF LEGALLY INDEPENDENT FIRMS 2010 Wolf & Company, P.C.

33 If only he had

34 Controls Governance structure Policies & procedures Vendor due diligence Employee training Oversight & monitoring Audit and compliance functions Response

35 Governance Structure Governance Structure Identify roles and responsibilities Board of Directors or Senior Management direction Risk assessment Board reporting Effectiveness of social media program and is it meeting objectives

36 Policies & Procedures Clearly define how social media will be utilized Monitoring of use to ensure compliance with consumer protection laws, regulations and guidance Guidance on postings, edits, replies, and retention of these items Ensure that employees are trained or made aware of social media risks Companies continually looking to block social media sites Cannot stop home or phone use

37 Vendor Due Diligence Selecting and managing third-party service provider relationships You are not going to get much (no SOC reports) Contracts: it s on their terms, can t negotiate Focus on what you can do to mitigate the risks

38 Employee Training Most social media blunders are due to poor training and awareness Most employees don t necessarily understand the impact of their postings Training should include: Work related use Other use Define unacceptable use

39 Oversight & Monitoring Negative (or Positive?) comments Fake pages or websites promoting or advertising products inappropriately Regulatory compliance

40 Audit & Compliance Is social media included in your audit and compliance programs? Validate compliance with: Internal policies Applicable laws, regulations, and guidance

41 Response Update Incident Response plan to include social media problems such as: Negative comments or inappropriate postings E-Discovery and regulatory requirements Make sure to understand the viral nature of the Internet and how a simple mistake can lead to even more criticism (Dominoes Pizza ) Should social media be included as a way to communicate with customers during a disaster, DDoS, fraud alerts?

42 INTEGRATED marketing tools

43 HOW DO YOU save time?

44

45 HOW DO YOU STAY Organized?

46

47 HOW DO YOU MEASURE Success?

48

49 HOW DO YOU DETERMINE ROI? Follow the tweet to the sale!

50 New reality and bottom line You can choose not to use it (personally) but you have to embrace it (commercially) Your customers are taking about you and you can t hear them Regardless if you decide not to use it, your employees are communicating with it (about you?) And you can t hear them.

51 Resources Sample Social Media Policies: Best practices:

52

53

54 Resources (Continued) Lessons we can all learn from: 2012/#_ Regulatory guidance

55 Questions? Ryan Bell CEO GREMLN Gerald R. Gagne Member of the Firm Wolf & Company, P.C MEMBER OF PKF NORTH AMERICA, AN ASSOCIATION OF LEGALLY INDEPENDENT FIRMS 2013 Wolf & Company, P.C.

Social Media and Banking #FFIECGuidance #CyberSecurity @ICBA

Social Media and Banking #FFIECGuidance #CyberSecurity @ICBA Social Media and Banking #FFIECGuidance #CyberSecurity @ICBA Maintaining Cybersecurity while Expanding Your Online Presence Agenda 1.Introduction 2.History & Statistics 3.Reader s Digest version of the

More information

Social Media: Risks and Rewards

Social Media: Risks and Rewards Social Media: Risks and Rewards Nilesh (Neal) Patel Member Frost Brown Todd LLC 3300 Great American Tower Cincinnati, OH 45202 513.369.4805 npatel@fbtlaw.com Linkedin.com/in/nealpatel1/ 2013 Frost Brown

More information

Belmont Savings Bank. Are there Hackers at the gate? 2013 Wolf & Company, P.C.

Belmont Savings Bank. Are there Hackers at the gate? 2013 Wolf & Company, P.C. Belmont Savings Bank Are there Hackers at the gate? 2013 Wolf & Company, P.C. MEMBER OF PKF NORTH AMERICA, AN ASSOCIATION OF LEGALLY INDEPENDENT FIRMS 2013 Wolf & Company, P.C. About Wolf & Company, P.C.

More information

Social Media -Benefits and Risk. Western Carolinas IIA Chapter Meeting October 25, 2012

Social Media -Benefits and Risk. Western Carolinas IIA Chapter Meeting October 25, 2012 Social Media -Benefits and Risk Western Carolinas IIA Chapter Meeting October 25, 2012 Matt Thompson Managing Director, Advisory Services Grant Thornton LLP Introductions Matt Thompson Managing Director

More information

National Cyber Security Month 2015: Daily Security Awareness Tips

National Cyber Security Month 2015: Daily Security Awareness Tips National Cyber Security Month 2015: Daily Security Awareness Tips October 1 New Threats Are Constantly Being Developed. Protect Your Home Computer and Personal Devices by Automatically Installing OS Updates.

More information

10 Smart Ideas for. Keeping Data Safe. From Hackers

10 Smart Ideas for. Keeping Data Safe. From Hackers 0100101001001010010001010010101001010101001000000100101001010101010010101010010100 0100101001001010010001010010101001010101001000000100101001010101010010101010010100000 0100101001001010010001010010101001010101001000000100101001010101010010101010010100000

More information

1. For each of the 25 questions, multiply each question response risk value (1-5) by the number of times it was chosen by the survey takers.

1. For each of the 25 questions, multiply each question response risk value (1-5) by the number of times it was chosen by the survey takers. Employee Security Awareness Survey Trenton Bond trent.bond@gmail.com Admin - Version 1.3 Security Awareness One of the most significant security risks that organizations and corporations face today is

More information

Top 10 Tips to Keep Your Small Business Safe

Top 10 Tips to Keep Your Small Business Safe Securing Your Web World Top 10 Tips to Keep Your Small Business Safe Protecting your business against the latest Web threats has become an incredibly complicated task. The consequences of external attacks,

More information

Shannon Wilkinson Ask The Reputation Management Experts

Shannon Wilkinson Ask The Reputation Management Experts Shannon Wilkinson Ask The Reputation Management Experts By Zac Johnson October 8, 2013 at 11:00 am Shannon Wilkinson is an expert in the area of reputation management and public relations. Shannon knows

More information

Cyber Security, Fraud and Corporate Account Takeovers LBA Bank Counsel Conference December 2014

Cyber Security, Fraud and Corporate Account Takeovers LBA Bank Counsel Conference December 2014 Cyber Security, Fraud and Corporate Account Takeovers LBA Bank Counsel Conference December 2014 Lisa D. Traina, CPA, CITP, CGMA Lisa Traina utilizes her 30+ years of experience as a CPA, CITP and CGMA

More information

Social Media Guidelines

Social Media Guidelines MARKETING AND MEDIA RELATIONS Social Media Guidelines Emporia State University Last Updated: July 09, 2011 Introduction What is Social Media? Social media consists of web-based tools used to interact with

More information

Social Media- tips for use and development Useful tips & things to avoid when using social media to promote a Charity.

Social Media- tips for use and development Useful tips & things to avoid when using social media to promote a Charity. Social Media- tips for use and development Useful tips & things to avoid when using social media to promote a Charity. This is compilation of some of the advice and guidance found online to help organisations

More information

What you need to know to keep your computer safe on the Internet

What you need to know to keep your computer safe on the Internet What you need to know to keep your computer safe on the Internet Tip 1: Always install Operating System updates The most important steps for any computer user is to always install updates, especially security

More information

What are the common online dangers?

What are the common online dangers? ONLINE SECURITY GUIDELINES Internet Banking is convenient and times saving. You can do remittances, place online deposit and other transactions through online banking with the convenience and privacy of

More information

State of the Phish 2015

State of the Phish 2015 Introduction The threat is real Phishing continues to pose a growing threat to the security of industries of every kind from financial organizations to government contractors to healthcare firms. Though

More information

#socialmediarisk Social Media and Consumer Marketing for Financial Services Organizations

#socialmediarisk Social Media and Consumer Marketing for Financial Services Organizations #socialmediarisk Social Media and Consumer Marketing for Financial Services Organizations Social media has created significant opportunities for organizations to connect with their customers and the overall

More information

White paper. Phishing, Vishing and Smishing: Old Threats Present New Risks

White paper. Phishing, Vishing and Smishing: Old Threats Present New Risks White paper Phishing, Vishing and Smishing: Old Threats Present New Risks How much do you really know about phishing, vishing and smishing? Phishing, vishing, and smishing are not new threats. They have

More information

Are your people playing an effective role in your cyber resilience?

Are your people playing an effective role in your cyber resilience? Are your people playing an effective role in your cyber resilience? 01 Cyber attacks are now business as usual for organizations around the world. Organizations have typically trusted in technology to

More information

PCI Compliance for Healthcare

PCI Compliance for Healthcare PCI Compliance for Healthcare Best practices for securing payment card data In just five years, criminal attacks on healthcare organizations are up by a stunning 125%. 1 Why are these data breaches happening?

More information

BE SAFE ONLINE: Lesson Plan

BE SAFE ONLINE: Lesson Plan BE SAFE ONLINE: Lesson Plan Overview Danger lurks online. Web access, social media, computers, tablets and smart phones expose users to the possibility of fraud and identity theft. Learn the steps to take

More information

2010 AICPA Top Technology Initiatives. About the Presenter. Agenda. Presenter: Dan Schroeder, CPA/CITP Habif, Arogeti, & Wynne, LLP

2010 AICPA Top Technology Initiatives. About the Presenter. Agenda. Presenter: Dan Schroeder, CPA/CITP Habif, Arogeti, & Wynne, LLP 2010 AICPA Top Technology Initiatives Presenter: Dan Schroeder, CPA/CITP Habif, Arogeti, & Wynne, LLP Georgia Society of CPAs Annual Convention June 16, 2010 About the Presenter Partner-in-Charge, Habif,

More information

Social Media the Legal Risks

Social Media the Legal Risks Social Media the Legal Risks Chris Holme Partner at Clyde & Co LLP Your source for professional liability education and networking. What are social media? web-based and mobile technologies that turn communication

More information

CYBERSECURITY: Is Your Business Ready?

CYBERSECURITY: Is Your Business Ready? CYBERSECURITY: Is Your Business Ready? Cybersecurity: Is your business ready? Cyber risk is just like any other corporate risk and it must be managed from the top. An organization will spend time monitoring

More information

WHITE PAPER The Five Step Guide to Better Social Media Security

WHITE PAPER The Five Step Guide to Better Social Media Security WHITE PAPER The Five Step Guide to Better Social Media Security A Hootsuite White Paper The Five Step Guide to Better Social Media Security A Hootsuite White Paper In 2013, not a single month went by without

More information

Jumping Safely on Board the Social Networking Train

Jumping Safely on Board the Social Networking Train Jumping Safely on Board the Social Networking Train Prepared by: Gary Sturisky, National Leader, Business Consulting, RSM McGladrey, Inc. gary.sturisky@mcgladrey.com Rob Kastenschmidt, National Leader,

More information

Guidelines of Proper Use of Social Media for State of Vermont Government. State of Vermont

Guidelines of Proper Use of Social Media for State of Vermont Government. State of Vermont Guidelines of Proper Use of Social Media for State of Vermont Government State of Vermont Introduction With the increasing popularity of social networking sites, both personally and professionally, the

More information

CYBERSECURITY HOT TOPICS

CYBERSECURITY HOT TOPICS 1 CYBERSECURITY HOT TOPICS Secure Banking Solutions 2 Presenter Chad Knutson VP SBS Institute Senior Information Security Consultant Masters in Information Assurance CISSP, CISA, CRISC www.protectmybank.com

More information

WHITE PAPER Mapping Organizational Roles & Responsibilities for Social Media Risk. A Hootsuite & Nexgate White Paper

WHITE PAPER Mapping Organizational Roles & Responsibilities for Social Media Risk. A Hootsuite & Nexgate White Paper WHITE PAPER Mapping Organizational Roles & Responsibilities for Social Media Risk A Hootsuite & Nexgate White Paper Mapping Organizational Roles & Responsibilities for Social Media Risk Executive Summary

More information

The following information was provided by SANS and discusses IT Security Awareness. It was last updated in 2015.

The following information was provided by SANS and discusses IT Security Awareness. It was last updated in 2015. The following information was provided by SANS and discusses IT Security Awareness. It was last updated in 2015. By completing this module and the quiz, you will receive credit for CW 170, which is required

More information

Social Media Creating an Approach That Will Bring You More Business

Social Media Creating an Approach That Will Bring You More Business 2016 National Congress & Expo For Manufactured and Modular Housing Social Media Creating an Approach That Will Bring You More Business Sponsored by: Presented by: Beth Monicatti-Blank All Season Communications

More information

HIPAA MYTHS: DON T ALWAYS BELIEVE WHAT YOU HEAR. Chris Apgar, CISSP

HIPAA MYTHS: DON T ALWAYS BELIEVE WHAT YOU HEAR. Chris Apgar, CISSP HIPAA MYTHS: DON T ALWAYS BELIEVE WHAT YOU HEAR Chris Apgar, CISSP 2015 OVERVIEW Missed Regulatory Requirements Common HIPAA Privacy Myths Common HIPAA Security Myths Other Related Myths Finding the Right

More information

Who Drives Cybersecurity in Your Business? Milan Patel, K2 Intelligence. AIBA Quarterly Meeting September 10, 2015

Who Drives Cybersecurity in Your Business? Milan Patel, K2 Intelligence. AIBA Quarterly Meeting September 10, 2015 Who Drives Cybersecurity in Your Business? Milan Patel, K2 Intelligence AIBA Quarterly Meeting September 10, 2015 The Answer 2 Everyone The relationship between the board, C-suite, IT, and compliance leaders

More information

Thinking About Your Business Reputation Management

Thinking About Your Business Reputation Management Thinking About Your Business Reputation Management You are probably being solicited by a number of reputable firms offering to help you with your Brand Reputation Management (BRM). Most often, when you

More information

Security within a development lifecycle. Enhancing product security through development process improvement

Security within a development lifecycle. Enhancing product security through development process improvement Security within a development lifecycle Enhancing product security through development process improvement Who I am Working within a QA environment, with a focus on security for 10 years Primarily web

More information

Phoenix Information Technology Services. Julio Cardenas

Phoenix Information Technology Services. Julio Cardenas Phoenix Information Technology Services Julio Cardenas Email spam, also known as junk email or unsolicited bulk email (UBE), is a subset of electronic spam involving nearly identical messages sent to numerous

More information

Security Awareness for Social Media in Business. Scott Wright

Security Awareness for Social Media in Business. Scott Wright Security Awareness for Social Media in Business Scott Wright Security Perspectives Inc COUNTERMEASURE 2012 10/29/2012 Copyright 2012. Security Perspectives Inc. 1 10/29/2012 Copyright 2012. Security Perspectives

More information

You are the weakest link! Presented by Michael Hammond, CISA, CRISC, CISSP, C EH Director, IT Audit & Security O Connor & Drew P.C. mhammond@ocd.

You are the weakest link! Presented by Michael Hammond, CISA, CRISC, CISSP, C EH Director, IT Audit & Security O Connor & Drew P.C. mhammond@ocd. You are the weakest link! Presented by Michael Hammond, CISA, CRISC, CISSP, C EH Director, IT Audit & Security O Connor & Drew P.C. mhammond@ocd.com Agenda Why do we keep getting hacked? How are they doing

More information

Advanced Threat Detection: Necessary but Not Sufficient The First Installment in the Blinded By the Hype Series

Advanced Threat Detection: Necessary but Not Sufficient The First Installment in the Blinded By the Hype Series Advanced Threat Detection: Necessary but Not Sufficient The First Installment in the Blinded By the Hype Series Whitepaper Advanced Threat Detection: Necessary but Not Sufficient 2 Executive Summary Promotion

More information

Cyber Crime: You Are the Target

Cyber Crime: You Are the Target Cyber Crime: You Are the Target When talking about computer crime, we often hear the observation from computer users that they aren t rich and therefore what they have isn t worth much to a cyber criminal.

More information

DATA SECURITY HACKS, HIPAA AND HUMAN RISKS

DATA SECURITY HACKS, HIPAA AND HUMAN RISKS DATA SECURITY HACKS, HIPAA AND HUMAN RISKS MSCPA HEALTH CARE SERVICES SEMINAR Ken Miller, CPA, CIA, CRMA, CHC, CISA Senior Manager, Healthcare HORNE LLP September 25, 2015 AGENDA 2015 The Year of the Healthcare

More information

How to stay safe online

How to stay safe online How to stay safe online Everyone knows about computer viruses...or at least they think they do. Nearly 30 years ago, the first computer virus was written and since then, millions of viruses and other malware

More information

Welcome to the Protecting Your Identity. Training Module

Welcome to the Protecting Your Identity. Training Module Welcome to the Training Module 1 Introduction Does loss of control over your online identities bother you? 2 Objective By the end of this module, you will be able to: Identify the challenges in protecting

More information

Evaluating DMARC Effectiveness for the Financial Services Industry

Evaluating DMARC Effectiveness for the Financial Services Industry Evaluating DMARC Effectiveness for the Financial Services Industry by Robert Holmes General Manager, Email Fraud Protection Return Path Executive Summary Email spoofing steadily increases annually. DMARC

More information

By: Gerald Gagne. Community Bank Auditors Group Cybersecurity What you need to do now. June 9, 2015

By: Gerald Gagne. Community Bank Auditors Group Cybersecurity What you need to do now. June 9, 2015 Community Bank Auditors Group Cybersecurity What you need to do now June 9, 2015 By: Gerald Gagne MEMBER OF PKF NORTH AMERICA, AN ASSOCIATION OF LEGALLY INDEPENDENT FIRMS 2015 Wolf & Company, P.C. Cybersecurity

More information

NATIONAL CYBER SECURITY AWARENESS MONTH

NATIONAL CYBER SECURITY AWARENESS MONTH NATIONAL CYBER SECURITY AWARENESS MONTH Tip 1: Security is everyone s responsibility. Develop an awareness framework that challenges, educates and empowers your customers and employees to be part of the

More information

Cal Poly PCI DSS Compliance Training and Information. Information Security http://security.calpoly.edu 1

Cal Poly PCI DSS Compliance Training and Information. Information Security http://security.calpoly.edu 1 Cal Poly PCI DSS Compliance Training and Information Information Security http://security.calpoly.edu 1 Training Objectives Understanding PCI DSS What is it? How to comply with requirements Appropriate

More information

OIG Fraud Alert Phishing

OIG Fraud Alert Phishing U.S. EQUAL EMPLOYMENT OPPORTUNITY COMMISSION Washington, D.C. 20507 Office of Inspector General Aletha L. Brown Inspector General July 22, 2005 OIG Fraud Alert Phishing What is Phishing? Phishing is a

More information

ACCOUNTABLE HEALTHCARE IPA HIPAA PRIVACY AND SECURITY TRAINING. By: Jerry Jackson Compliance and Privacy Officer

ACCOUNTABLE HEALTHCARE IPA HIPAA PRIVACY AND SECURITY TRAINING. By: Jerry Jackson Compliance and Privacy Officer ACCOUNTABLE HEALTHCARE IPA HIPAA PRIVACY AND SECURITY TRAINING By: Jerry Jackson Compliance and Privacy Officer 1 1 Introduction Welcome to Privacy and Security Training course. This course will help you

More information

Cyber Security Awareness. Internet Safety Intro. www.staysafeonline.org

Cyber Security Awareness. Internet Safety Intro. www.staysafeonline.org Cyber Security Awareness Internet Safety Intro www.staysafeonline.org 1 What is Cyber Security? Cyber Security is the body of technologies, processes and practices designed to protect from attack, damage

More information

Defense Media Activity Guide To Keeping Your Social Media Accounts Secure

Defense Media Activity Guide To Keeping Your Social Media Accounts Secure Guide To Keeping Your Social Media Accounts Secure Social media is an integral part of the strategic communications and public affairs missions of the Department of Defense. Like any asset, it is something

More information

Eastern University Social Media Policy & Guidelines for Use

Eastern University Social Media Policy & Guidelines for Use Eastern University Social Media Policy & Guidelines for Use Office of University Relations August 2015 Table of Contents Eastern University and Social Media Personal Social Media Use How to Get Started

More information

White Paper: Social Media - The Dark Side

White Paper: Social Media - The Dark Side November 2010 White Paper: Social Media - The Dark Side by Elias Vamvakas President, BrandProtect a division of brandprotect Understanding the Value of a Social Media Risk Management Program As Social

More information

DATA BREACH BREAK DOWN LESSONS LEARNED FROM TARGET

DATA BREACH BREAK DOWN LESSONS LEARNED FROM TARGET DATA BREACH BREAK DOWN LESSONS LEARNED FROM TARGET 2014 NSGA Management Conference John Webb Jr., CIC Emery & Webb, Inc. Inga Goddijn, CIPP/US Risk Based Security, Inc. Not just a big business problem

More information

Security Practices for Online Collaboration and Social Media

Security Practices for Online Collaboration and Social Media Cisco IT Best Practice Collaboration Security Cisco on Cisco Best Practice Security Practices for Online Collaboration and Social Media January 2012 2013 Cisco and/or its affiliates. All rights reserved.

More information

MIT s Information Security Program for Protecting Personal Information Requiring Notification. (Revision date: 2/26/10)

MIT s Information Security Program for Protecting Personal Information Requiring Notification. (Revision date: 2/26/10) MIT s Information Security Program for Protecting Personal Information Requiring Notification (Revision date: 2/26/10) Table of Contents 1. Program Summary... 3 2. Definitions... 4 2.1 Identity Theft...

More information

Emerging Trends in Malware - Antivirus and Beyond

Emerging Trends in Malware - Antivirus and Beyond Malware White Paper April 2011 Emerging Trends in Malware - Antivirus and Beyond One need only listen to the news or read the latest Twitter and media updates to hear about cyber crime and be reminded

More information

Cisco on Cisco Best Practice Security Practices for Online Collaboration and Social Media

Cisco on Cisco Best Practice Security Practices for Online Collaboration and Social Media January 2012 Cisco on Cisco Best Practice Security Practices for Online Collaboration and Social Media January 2012 All contents are Copyright 1992 2012 Cisco Systems, Inc. All rights reserved. This document

More information

Best Practices. for Social Media Marketing Success

Best Practices. for Social Media Marketing Success 10 Best Practices for Social Media Marketing Success In the evolving world of social media marketing, it can be hard for a time-starved small business or organization to keep pace and know what to do when

More information

Cybersecurity Workshop

Cybersecurity Workshop Cybersecurity Workshop February 10, 2015 E. Andrew Keeney, Esq. Kaufman & Canoles, P.C. E. Andrew Keeney, Esq. Kaufman & Canoles, P.C. 150 West Main Street, Suite 2100 Norfolk, VA 23510 (757) 624-3153

More information

Protect. Manage. Organize. Three Steps to a More Secure Digital Life

Protect. Manage. Organize. Three Steps to a More Secure Digital Life Protect. Manage. Organize. Three Steps to a More Secure Digital Life As you move more of your information online, here s how you can safeguard your assets, preserve your good name, and assist your family.

More information

2014 Entry Form (Complete one for each entry.) Fill out the entry name exactly as you want it listed in the program.

2014 Entry Form (Complete one for each entry.) Fill out the entry name exactly as you want it listed in the program. 2014 Entry Form (Complete one for each entry.) Fill out the entry name exactly as you want it listed in the program. Entry Name HFA Submission Contact Phone Email Qualified Entries must be received by

More information

What is Management Responsible For?

What is Management Responsible For? What is Management Responsible For? Matthew J. Putvinski, CPA, CISA, CISSP MEMBER OF PKF NORTH AMERICA, AN ASSOCIATION OF LEGALLY INDEPENDENT FIRMS 2011 Wolf & Company, P.C. About Wolf & Company, P.C Regional

More information

SOCIAL MEDIA & bet-at-home.com

SOCIAL MEDIA & bet-at-home.com SOCIAL MEDIA & bet-at-home.com 1 WHY IS THERE A GUIDELINE? The time when the internet was only used for sending e-mails and surfing the web has come and gone. Facebook, Twitter, YouTube and so on, have

More information

Your online image makeover

Your online image makeover Day 1 article Your online image makeover Your online image How to monitor your reputation on social networks Skim any news website these days and you are likely to find a story about online privacy and

More information

Addressing APTs and Modern Malware with Security Intelligence Date: September 2013 Author: Jon Oltsik, Senior Principal Analyst

Addressing APTs and Modern Malware with Security Intelligence Date: September 2013 Author: Jon Oltsik, Senior Principal Analyst ESG Brief Addressing APTs and Modern Malware with Security Intelligence Date: September 2013 Author: Jon Oltsik, Senior Principal Analyst Abstract: APTs first came on the scene in 2010, creating a wave

More information

Corporate Incident Response. Why You Can t Afford to Ignore It

Corporate Incident Response. Why You Can t Afford to Ignore It Corporate Incident Response Why You Can t Afford to Ignore It Whether your company needs to comply with new legislation, defend against financial loss, protect its corporate reputation or a combination

More information

Turn Your Social Buzz into a Loud Roar

Turn Your Social Buzz into a Loud Roar Turn Your Social Buzz into a Loud Roar 10 Strategies for Social Media Marketing Success 2011 Constant Contact, Inc. 11-2318 BEST PRACTICES Guide Social Media MARKETING In the evolving world of social media

More information

TOP 10 TIPS FOR EDUCATING EMPLOYEES ABOUT CYBERSECURITY. Mark Villinski @markvillinski

TOP 10 TIPS FOR EDUCATING EMPLOYEES ABOUT CYBERSECURITY. Mark Villinski @markvillinski TOP 10 TIPS FOR EDUCATING EMPLOYEES ABOUT CYBERSECURITY Mark Villinski @markvillinski Why do we have to educate employees about cybersecurity? 2014 Corporate Threats Survey 94% of business s suffered one

More information

REPUTATION MANAGEMENT. Opinions Really Do Matter 3. How Your Contracting Business s Reputation Affects Your Bottom Line 3. The Whole Kit & Caboodle 5

REPUTATION MANAGEMENT. Opinions Really Do Matter 3. How Your Contracting Business s Reputation Affects Your Bottom Line 3. The Whole Kit & Caboodle 5 Table " Contents Opinions Really Do Matter 3 How Your Contracting Business s Reputation Affects Your Bottom Line 3 The Whole Kit & Caboodle 5 Integrating Reputation Management into Your Home Improvement

More information

9/10/2011. Agenda. Social Media for HR Business Decisions

9/10/2011. Agenda. Social Media for HR Business Decisions September 2011 Social Media for HR Business Decisions Bill Balderaz Webbed Marketing September 2011 "HR is starting to act and behave like marketing. Everyone knows what HSBC and McDonald's business, but

More information

Practical guide for secure Christmas shopping. Navid

Practical guide for secure Christmas shopping. Navid Practical guide for secure Christmas shopping Navid 1 CONTENTS 1. Introduction 3 2. Internet risks: Threats to secure transactions 3 3. What criteria should a secure e-commerce page meet?...4 4. What security

More information

DEVELOPING A SOCIAL MEDIA STRATEGY

DEVELOPING A SOCIAL MEDIA STRATEGY DEVELOPING A SOCIAL MEDIA STRATEGY Creating a social media strategy for your business 2 April 2012 Version 1.0 Contents Contents 2 Introduction 3 Skill Level 3 Video Tutorials 3 Getting Started with Social

More information

Protect Yourself. Who is asking? What information are they asking for? Why do they need it?

Protect Yourself. Who is asking? What information are they asking for? Why do they need it? Protect Yourself Your home computer serves many purposes: email, shopping, social networking and more. As you surf the Internet, you should be aware of the various ways to protect yourself. Of primary

More information

MONTHLY WEBSITE MAINTENANCE PACKAGES

MONTHLY WEBSITE MAINTENANCE PACKAGES MONTHLY WEBSITE MAINTENANCE PACKAGES The security and maintenance of your website is serious business, and what you don t know can certainly hurt you. A hacked or spamvertised site can wreak havoc on search

More information

Emerging Network Security Threats and what they mean for internal auditors. December 11, 2013 John Gagne, CISSP, CISA

Emerging Network Security Threats and what they mean for internal auditors. December 11, 2013 John Gagne, CISSP, CISA Emerging Network Security Threats and what they mean for internal auditors December 11, 2013 John Gagne, CISSP, CISA 0 Objectives Emerging Risks Distributed Denial of Service (DDoS) Attacks Social Engineering

More information

Top Attacks in Social Media

Top Attacks in Social Media Top Attacks in Social Media SESSION ID: HUM-F03A Gary Bahadur CEO KRAA Security @KRAASecurity 140 Characters of Pain What s the Problem with Social Media? No security strategies in place No enterprise-wide

More information

white paper Malware Security and the Bottom Line

white paper Malware Security and the Bottom Line Malware Security Report: Protecting Your BusineSS, Customers, and the Bottom Line Contents 1 Malware is crawling onto web sites everywhere 1 What is Malware? 2 The anatomy of Malware attacks 3 The Malware

More information

Security Awareness Campaigns Deliver Major, Ongoing ROI

Security Awareness Campaigns Deliver Major, Ongoing ROI Security Awareness Campaigns Deliver Major, Ongoing ROI CONTENTS 01 01 02 04 05 06 Introduction The Challenge Immediate Value Evaluating effectiveness Ongoing value Conclusion INTRODUCTION By this point,

More information

HIPAA Myths. WEDI Member Town Hall. Chris Apgar, CISSP Apgar & Associates

HIPAA Myths. WEDI Member Town Hall. Chris Apgar, CISSP Apgar & Associates HIPAA Myths WEDI Member Town Hall Chris Apgar, CISSP Apgar & Associates Overview Missed Regulatory Requirements Common HIPAA Privacy Myths Common HIPAA Security Myths Other Related Myths Finding the Right

More information

PCI Compliance: Protection Against Data Breaches

PCI Compliance: Protection Against Data Breaches Protection Against Data Breaches Get Started Now: 877.611.6342 to learn more. www.megapath.com The Growing Impact of Data Breaches Since 2005, there have been 4,579 data breaches (disclosed through 2013)

More information

OC Business Council Cybersecurity Task Force Meeting Online Fraud Update. April 2015

OC Business Council Cybersecurity Task Force Meeting Online Fraud Update. April 2015 OC Business Council Cybersecurity Task Force Meeting Online Fraud Update April 2015 2014 Experian Information Solutions, Inc. All rights reserved. Experian and the marks used herein are service marks or

More information

CYBERSECURITY: PROTECTING YOUR ORGANIZATION AGAINST CYBER ATTACKS. Viviana Campanaro CISSP Director, Security and Compliance July 14, 2015

CYBERSECURITY: PROTECTING YOUR ORGANIZATION AGAINST CYBER ATTACKS. Viviana Campanaro CISSP Director, Security and Compliance July 14, 2015 CYBERSECURITY: PROTECTING YOUR ORGANIZATION AGAINST CYBER ATTACKS Viviana Campanaro CISSP Director, Security and Compliance July 14, 2015 TODAY S PRESENTER Viviana Campanaro, CISSP Director, Security and

More information

Staying Safe.....on social media and online

Staying Safe.....on social media and online Staying Safe.....on social media and online What is this guide about This booklet is about how to keep safe when you are using social media and the internet. Some people get called names, are bullied or

More information

How-To Guide: Cyber Security. Content Provided by

How-To Guide: Cyber Security. Content Provided by How-To Guide: Cyber Security Content Provided by Who needs cyber security? Businesses that have, use, or support computers, smartphones, email, websites, social media, or cloudbased services. Businesses

More information

Software that provides secure access to technology, everywhere.

Software that provides secure access to technology, everywhere. Software that provides secure access to technology, everywhere. Joseph Patrick Schorr @JoeSchorr October, 2015 2015 BOMGAR CORPORATION ALL RIGHTS RESERVED WORLDWIDE 1 Agenda What are we dealing with? How

More information

Social Media Risk Assessment. The Unique Alternative to the Big Four

Social Media Risk Assessment. The Unique Alternative to the Big Four Social Media Risk Assessment The Unique Alternative to the Big Four Overview of Social Media Agenda Why Use Social Media? Recent Guidance Executing a Social Media Risk Assessment 2013 Crowe Horwath LLP

More information

The 10 myths of safe web browsing

The 10 myths of safe web browsing Are you suffering from misconceptions about safe web browsing? You might think you re being safe, but with a newly infected webpage discovered every few seconds, it s next to impossible to stay up to date

More information

October 24, 2014. Mitigating Legal and Business Risks of Cyber Breaches

October 24, 2014. Mitigating Legal and Business Risks of Cyber Breaches October 24, 2014 Mitigating Legal and Business Risks of Cyber Breaches AGENDA Introductions Cyber Threat Landscape Cyber Risk Mitigation Strategies 1 Introductions 2 Introductions To Be Confirmed Title

More information

The Human Component of Cyber Security

The Human Component of Cyber Security www.thalescyberassurance.com In this white paper Humans, their preference to minimise their own inconvenience, their predictability, apathy and general naivety about the potential impacts of their actions,

More information

Advice about online security

Advice about online security Advice about online security May 2013 Contents Report a suspicious email or website... 3 Security advice... 5 Genuine DWP contacts... 8 Recognising and reporting phishing and bogus emails... 9 How DWP

More information

CYBER SECURITY THREAT REPORT Q1

CYBER SECURITY THREAT REPORT Q1 CYBER SECURITY THREAT REPORT Q1 Moving Forward Published by UMC IT Security April 2015 0 U.S. computer networks and databases are under daily cyber-attack by nation states, international crime organizations,

More information

Contents. Assessing Social Media Security. Chapter! The Social Media Security Process 3

Contents. Assessing Social Media Security. Chapter! The Social Media Security Process 3 Securing the Clicks: Network Security in the Age of Social Media Gary Bahadur Jason I nasi Alex de Carvalho Mc ssr New York Chicago San Francisco Lisbon London Madrid Mexico City Milan New Delhi San Juan

More information

Effective IT Risk Management for Small Businesses

Effective IT Risk Management for Small Businesses Effective IT Risk Management for Small Businesses A Small Business Gets Some Lessons in IT Risk Management Although large and publicly traded companies often get the most attention, small, private, entrepreneurial

More information

Executive Summary 3. Snowden and Retail Breaches Influencing Security Strategies 3. Attackers are on the Inside Protect Your Privileges 3

Executive Summary 3. Snowden and Retail Breaches Influencing Security Strategies 3. Attackers are on the Inside Protect Your Privileges 3 GLOBAL ADVANCED THREAT LANDSCAPE SURVEY 2014 TABLE OF CONTENTS Executive Summary 3 Snowden and Retail Breaches Influencing Security Strategies 3 Attackers are on the Inside Protect Your Privileges 3 Third-Party

More information

Ten Questions Your Board Should be asking about Cyber Security. Eric M. Wright, Shareholder

Ten Questions Your Board Should be asking about Cyber Security. Eric M. Wright, Shareholder Ten Questions Your Board Should be asking about Cyber Security Eric M. Wright, Shareholder Eric Wright, CPA, CITP Started my career with Schneider Downs in 1983. Responsible for all IT audit and system

More information

The Leading Information Source for Financial Advisers

The Leading Information Source for Financial Advisers The Leading Information Source for Financial Advisers SOCIAL MEDIA IS NO LONGER OPTIONAL Unlike other industries that began experimenting with social media as it emerged, the wealth management business

More information

The Social Media Crisis Management Plan. HUBSPOT Social Media Crisis Management Plan

The Social Media Crisis Management Plan. HUBSPOT Social Media Crisis Management Plan The Social Media Crisis Management Plan 1 Introduction Uh oh. Something just got posted to your company s social media account that shouldn t be there. Now, commenters are jumping in posting criticism,

More information

Cyber Attacks and Liabilities Why do so many Organizations keep Getting Hacked, Sued and Fined?

Cyber Attacks and Liabilities Why do so many Organizations keep Getting Hacked, Sued and Fined? Cyber Attacks and Liabilities Why do so many Organizations keep Getting Hacked, Sued and Fined? PRESENTED BY RICK SHAW, AWAREITY Webinar Objectives Employees (and third parties) are the weakest links Learn

More information

YOUR REPUTATION IS AT RISK! REPUTATION MANAGEMENT BECAUSE YOUR REPUTATION IS AT RISK! 727 479-2991. 0 P a g e

YOUR REPUTATION IS AT RISK! REPUTATION MANAGEMENT BECAUSE YOUR REPUTATION IS AT RISK! 727 479-2991. 0 P a g e 0 P a g e BECAUSE YOUR REPUTATION IS AT RISK! YOUR REPUTATION IS AT RISK! REPUTATION MANAGEMENT 727 479-2991 1 P a g e Table of Contents Online Reputation Management... 2 What is online reputation management?...

More information

43% Recognizing and mitigating human. vulnerabilities. of companies experienced a data breach in the past year. b l a c k f i n s e c u r i t y

43% Recognizing and mitigating human. vulnerabilities. of companies experienced a data breach in the past year. b l a c k f i n s e c u r i t y Recognizing and mitigating human b l a c k f i n s e c u r i t y vulnerabilities In cyber space today, there are numerous vulnerabilities, as well as threats, which need to be considered when securing

More information