Keeping Systems Current. How Can I Tell That My System Is Patched?
|
|
- Felicia Bryan
- 8 years ago
- Views:
Transcription
1 This quarter s Shield newsletter focuses on one of the foundations of good cyber safety keeping systems current and patched. Keeping Systems Current How Can I Tell That My System Is Patched? By Sam Adams - Cyber Security Administrator One of the easiest ways to protect your computer from malware is by simply having your computer patched and up-to-date. Most operating systems have processes in place to make sure this is done automatically and even tools that can identify any vulnerabilities in your system that may need to be patched. In the James Bond movie, Tomorrow Never Dies, one of the villain s henchmen reports that as planned, their software will be sold to the public full of bugs so the users will have to pay to upgrade in two years. In the real world, software bugs aren t added to increase revenue, they re present because little human mistakes in logic can accumulate into big programming glitches that allow the skilled attacker unintended access to data or programs. Software companies have moved from denying problems exist with their applications to refining their products before they reach the market. They now react quickly to programming errors by releasing revised versions of the errant codes in their programs so end users can patch them. Bad Guys and Bugs Since the beginning of computer programing, some users for fun or malice have tried to find ways to exploit buggy code to bend a program to their wills. Today s hackers exploit computer bugs to make millions using data stolen from users bank accounts and credit cards. They can carry out nationally-sponsored cyber-attacks against critical infrastructure targets like power generating plants or power transmission and distribution control systems. Cyber criminals even Why should you care? The bad guys have come up with increasingly more creative ways to attack and exploit the vulnerabilities of your system. Coupling that with an always-on Internet connection, your computer has a greater chance of being infected. With new security flaws in common applications being discovered every day, it is important to stay current with security updates designed to patch those security holes. If you are unsure of where to start, it is always a safe bet to have Automatic Updates enabled. Automatic Updates will automatically download and/or install critical updates to your computer. In the Windows Update site, you can also install less critical patches that the Automatic Updates do not cover. You can find these options by accessing the Control Panel (Windows) or System Preferences (Mac) and clicking the Security Center (Windows) and Software Update (Mac). There is a free tool offered by Microsoft, called Microsoft Baseline Security Analyzer (MSBA) that scans your Windows operating system, identifies any vulnerability the system may have and provides solutions to correct them. Continued on page 3
2 Keeping Systems Current continued from page 1 sell each other ways to exploit program flaws on illicit web sites. Cyber criminals command top dollar for flaws unknown to the software developers. Malicious programming that takes advantage of these obscure flaws is called a zero-day attack, named because software companies have zero days to prepare software patches to combat them. Zero-day attacks allow cyber criminals to install their software for weeks or months before their attacks are detected and patched. In response, some software companies now offer bounties for turning in zero-day bugs, hoping to entice the software bug hunters away from the dark side of coding these attacks. Rather than rely on employees to install their own patches, businesses have automated ways of receiving and installing patches to operating systems like Microsoft Windows, Apple OS X, and Linux, and major programs like Microsoft Office. These patches are delivered at least once a month and distributed via the corporate network. That way, any computers connected to a business network will keep their software up-to-date with the latest patches. Consequently, users should turn on seldom used computers to ensure that these patches are installed. The challenge for mobile computer users is to insure that their laptops are back in the office often enough to be patched so they aren t attacked when outside the company network. Home users should also be aware of the general monthly schedule followed by software vendors. Microsoft releases patches on the second Tuesday of every month, via a service called Windows Update. Apple OS X Macintoshes use a service called Software Update that can check weekly for patches. Linux distributions all have the same kind of updating service. Other software vendors may announce their patches via , but no one ever distributes software bug fixes via , since it is so easy for cyber crooks to disguise malicious software as a bug fix. MSRT is your friend The Microsoft MSRT (Malicious Software Removal Tool) is a monthly patch for Windows that removes malicious software (malware). Introduced in 2005, the MSRT has been highly successful in combating computer viruses and Trojan horses. It is available for all currently supported versions of Windows. While not intended to replace anti-virus products that keep malware from infecting a PC, it does fill a gap in detecting and removing some types of malicious software that Microsoft believes are widespread. If MSRT detects malicious software it quietly removes it. The next time someone logs into the computer as the computer administrator, a balloon notification will appear to tell the computer administrator that malicious software has been removed. Third Party Patches Software manufactured by someone other than the operating system vendor is called third party software. Examples of third party software include Adobe Reader, Adobe Flash, and various distributors of Java. Third party products usually depend on either voluntary patching where an update program tells a user a patch is available. Users frequently ignore these updates. A list of frequently exploited third-party programs as compiled by the computer security company Secunia is shown below. According to Secunia, the average PC user in the USA has 73 programs installed with 28 from Microsoft and the remaining 45 from third party vendors. Secunia has a list of the top ten vulnerable programs, of which only one is part of Microsoft Windows. Microsoft XML Core Services Sun Java JRE 1.6.x/6.x Adobe AIR 2.x Apple QuickTime 7.x Adobe AIR 3.x Adobe Flash Player 11.x Oracle Java JRE SE 1.7.x/7.x Adobe Reader X 10.x Adobe Shockwave Player 11.x VLC Media Player 2.x Check your PC to see if any of these are installed and then patch them.
3 Keeping Windows security software current In addition to checking a variety of security software settings, the Windows Security Center application and the Windows Action Center can help home users see if Windows Update is properly working and that your computers antivirus software is installed and updated. This includes the Microsoft Windows Defender, available with Windows 7 and Windows 8 default installations. The Windows Security Center is present in Windows XP SP2 and Windows Vista. Beginning with Windows 7, the Windows Security Center functions were rolled into the Windows Action Center. By default, these applications will present alerts on the task bar when a problem is encountered. How Can I Tell That My System Is Patched? Continued from page 1 The tools described above will check for patches associated with the operating system or programs closely associated to the operating system. There are other commonly used applications such as your Internet browser (Google Chrome, Mozilla Firefox, etc.), Java and Flash that could need patches, that these tools would not cover. Typically, these applications will notify you of any updates but there are tools out there that can manage all your applications in a single pane. Patching and updating your computer should not take the place of an anti-virus program. They should be used in tandem to increase the security of your system. Get reputable malware protection from a vendor you trust. If your PC came with an anti-virus product, consider renewing the subscription when it comes due. Or choose from a list of Microsoft partners who provide anti-malware software often for Windows, Macs, and Linux PCs at microsoft.com/ windows/antivirus-partners. Otherwise there are free alternatives for Windows, Mac OS, and Linux. For example, Microsoft Security Essentials offers free real-time protection against malware. Sophos provides a free Mac OS AV product called Sophos for the Mac, and the open source ClamAV can be used for Linux PCs. Windows Security Center The most important rule to remember when keeping your system up-to-date is to not ignore any notifications to patch your system. Patches typically deal with vulnerabilities that are widely known and it is best to take care of it as soon as possible. If you want to learn about how to best secure your computer, there are numerous articles on the Internet about this subject. Windows Action Center Sources: Bradley, Tony. "How Can I Keep My Computer Patched and Up To Date?" About.com Internet / Network Security. N.p., n.d. Web. 16 Sept
4 Cyber Security Our Shared Responsibility We all enjoy the benefits and convenience that cyberspace provides us as we shop online from home, bank online using our smart phones, or interact with friends through social networks. However, we need to remember that mobile devices have unique security challenges. For one thing, they are easy to misplace, potentially compromising any unencrypted sensitive data or applications stored on the device. How can you protect your mobile device? Use the same tactics you employ on your laptop, plus wireless protection. Restrict access to your home wireless network, by only allowing authorized users access to your network. When accessing the Internet from a Wi-Fi hotspot, assume there is no security at all, meaning avoid unfamiliar websites, and sites requiring you to log in. Keep your security applications up-to-date. Change any and all preconfigured passwords. Cyber Mobility Online Safety and Security Keep the anti-virus software on your mobile device updated. Always use caution when downloading or clicking on unknown links. Download only trusted applications from reputable sources or marketplaces Make sure when you log in to any financial sites, the URL reads " which means the site takes extra measures to help secure your information. Remember, " is not secure. Cyber Workforce Training Next Generation Leaders In 2013, you d be hard pressed to find many people who are truly computer illiterate. Perhaps they can t program in special languages, but they interact with computers on their cable boxes, gaming systems, phones, in cars, and even on many appliances in our homes. In fact, teenagers starting college in 2013 have always known flat screen televisions and have always been able to read books on electronic screens. That s encouraging for the future of cyber security. Kids are growing up with computers and understand security issues as one aspect in their overall technology education. If you feel like you need help in knowing the basics or explaining the concepts to your children, visit the StaySafeOnline web site. It contains age-appropriate resources for understanding cyber security. For the post-secondary learners, the Omaha area has three institutions designated by the National Centers of Academic Excellence in the study of Information Assurance. In Nebraska, the University of Nebraska at Omaha and Bellevue University earned that designation. In Iowa, Iowa State University owns that designation. Finally, if you need help determining what kind of training is available or needed for a cyber security position, the National Institute for Cybersecurity Careers and Studies offers many resources designed with for professional cyber security administrators. Everyone has to play a role in cyber security. Constantly evolving cyber threats require the engagement of the entire nation from government and law enforcement to the private sector and most importantly, from the public.
5 Cyber Security Our Shared Responsibility Cyber Crime New Faces on an Old Problem According to the Federal Communications Commission, theft of digital information has become the most commonly reported fraud, surpassing physical theft. Mobile technology accounts for some of the increase seen in reported fraud. As of 2011, global smartphone shipments exceeded personal computer shipments for the first time in history. Along with more wireless access, more wireless transactions are taking place. Their growing numbers make users targets for traditional security risks (e.g. viruses, spam, Trojans and worms) as well as sophisticated new forms of attacks. Like any kind of mobile device, the use of third-party and wireless networks and short-range networks like Bluetooth introduce additional vulnerabilities that must be mitigated to access the web safely. Wireless connectivity (sometimes advertised as a Wi-Fi hotspot) allows users to by-pass the secure Trusted Internet Connection (TIC) and connect directly to the Internet and other untrusted sources. Only connect to the Internet over secure, passwordprotected networks. Do not click on links or pop -ups, open attachments, or respond to s from strangers. Do not respond to online requests for Personally Identifiable Information (PII); most organizations banks, universities, companies, etc. do not ask for your personal information over the Internet. Password protect all devices that connect to the Internet and user accounts. Limit the amount of personal information you post. Do not post information that would make you vulnerable, such as your address or information about your schedule or routine. If your friend posts information about you, make sure the information is something that you are comfortable sharing with strangers. Take advantage of privacy and security settings. Use site settings to limit the information you share with the general public online. Be wary of strangers and cautious of potentially misleading or false information. Critical Infrastructure Cyber Protection At OPPD, we take our responsibility to provide electricity to our customers seriously, very seriously. We know how expensive an outage can be for those without power. As recently as 2013, OPPD s Energy Plaza experienced a blackout along with many downtown Omaha businesses. Energy Plaza employees and downtown workers were unable to work. We understand the cost to business. At most OPPD locations, employees are seeing more and more regulations, requirements and training involving cyber security. It s not the latest management fad if that s what you re thinking. It s the result of previous security analyses of our nation s entire infrastructure. The 2013 outage resulted from an equipment failure, not a security problem. It was accidental. It is those outages caused by premeditated actions and intentional damage we need to improve our protection against. As recently as March of this year the U.S. Director of National Intelligence called the cyber security attacks tops on the list of threats facing the country. According to a classified US Department of Homeland Security (DHS) report, Chinese-linked cyber espionage campaigns targeted 23 US natural gas pipeline operators between December 2011 and June The companies were targeted through spear phishing attacks. OPPD employees play an instrumental role in the cyber defense for our utility. It s only a matter of time before some campaign is mounted against the national, regional or local electric grid. Following the prescribed security standards helps us keep our defense solid.
6 North American Electric Reliability Corporation (NERC) Quarterly Update OPPD s NERC CIP Cyber Security Policy CIP R1 OPPD s NERC CIP Cyber Security Policy represents OPPD s commitment and ability to secure NERC CIP related assets and cyber assets. As required by NERC, OPPD s NERC CIP Cyber Security identifies OPPD s responsibilities pertaining to security and compliance actions in relation to the following NERC CIP Requirements: Cyber Security - Critical Cyber Asset Identification, CIP-002 Cyber Security Security Management Controls, CIP-003 Cyber Security Personnel and Training, CIP-004 Cyber Security Electronic Security Perimeter(s), CIP-005 Cyber Security Physical Security of Critical Cyber Assets, CIP-006 Cyber Security Systems Security Management, CIP-007 Cyber Security Incident Reporting and Response Planning, CIP-008 Cyber Security Recovery Plans for Critical Cyber Assets, CIP-009 OPPD employees and contractors with authorized NERC CIP Access can locate a hard copy of the OPPD NERC CIP Cyber Security Policy in or around NERC CIP Physical Security Perimeters. For OPPD employees, the OPPD NERC CIP Cyber Security Policy is located on the Cyber Infrastructure webpage page of the OPPD intranet. Finally, all OPPD authorized personnel who have completed the required annual NERC CIP Security Training are required view and adhere to all requirements identified within the OPPD NERC CIP Cyber Security Policy. OPPD s NERC CIP Cyber Security Policy is annually reviewed and approved by OPPD s Vice President of Energy Delivery and Chief Compliance Officer, Mr. Mohamad I. Doghman. OPPD s Reliability Compliance Department recommends that all OPPD employees and OPPD contractors with authorized NERC CIP Access be familiar with this policy and to reference the policy for any questions or concerns there may be relation to OPPD NERC CIP assets and cyber assets. References: North American Electric Reliability Corporation (NERC) Cyber Infrastructure Protection (CIP) Standards: pa/stand/pages/cipstandards.aspx Midwest Reliability Organization: If you have any questions or require any additional information regarding this subject please contact Michael Nickels OPPD Reliability Compliance Specialist, manickels@oppd.com.
Cyber Crime: You Are the Target
Cyber Crime: You Are the Target When talking about computer crime, we often hear the observation from computer users that they aren t rich and therefore what they have isn t worth much to a cyber criminal.
More informationWhat you need to know to keep your computer safe on the Internet
What you need to know to keep your computer safe on the Internet Tip 1: Always install Operating System updates The most important steps for any computer user is to always install updates, especially security
More informationNATIONAL CYBER SECURITY AWARENESS MONTH
NATIONAL CYBER SECURITY AWARENESS MONTH Tip 1: Security is everyone s responsibility. Develop an awareness framework that challenges, educates and empowers your customers and employees to be part of the
More informationIt s 2 o clock: Who Has Your Data? Josh Krueger Chief Technology Officer Integrity Technology Solutions
It s 2 o clock: Who Has Your Data? Josh Krueger Chief Technology Officer Integrity Technology Solutions Your home is your business and your farm is your network. But who has access to it? Can you protect
More informationComplete Patch Management
Complete Patch Management Complete - Flexible Unique In- Depth Secunia CSI 7 Corporate Software Inspector Take control of the vulnerability threat and optimize your IT security investments. The Secunia
More informationCyber Security. Securing Your Mobile and Online Banking Transactions
Cyber Security Securing Your Mobile and Online Banking Transactions For additional copies or to download this document, please visit: http://msisac.cisecurity.org/resources/guides 2014 Center for Internet
More informationBasic Computer Security Part 2
Basic Computer Security Part 2 Presenter David Schaefer, MBA OCC Manager of Desktop Support Adjunct Security Instructor: Walsh College, Oakland Community College, Lawrence Technology University Welcome
More information4/20/2015. Fraud Watch Campaign. AARP is Fighting for You. AARP is Fighting for You. Campaign Tactics. AARP can help you Spot & Report Fraud
AARP can help you Spot & Report Fraud Fraud Fighter Call Center: Talk to a volunteer trained in how to spot and report fraud. Call the Fraud Fighter Call Center at (877) 908-3360 Fraud Watch Campaign What
More informationCyber Security Presentation Cyber Security Month Curtis McNay, Director of IT Security
Cyber Security Presentation Cyber Security Month Curtis McNay, Director of IT Security The IT Security Office (ITSO) What We Do? Risk Assessment Network and System Security Monitoring Vulnerability Scanning
More informationCyber Security: Beginners Guide to Firewalls
Cyber Security: Beginners Guide to Firewalls A Non-Technical Guide Essential for Business Managers Office Managers Operations Managers This appendix is a supplement to the Cyber Security: Getting Started
More informationCyber Security Beginners Guide to Firewalls A Non-Technical Guide
Cyber Security Beginners Guide to Firewalls A Non-Technical Guide Essential for Business Managers Office Managers Operations Managers Multi-State Information Sharing and Analysis Center (MS-ISAC) U.S.
More informationWHITE PAPER: Cyber Crime and the Critical Need for Endpoint Security
WHITE PAPER: Cyber Crime and the Critical Need for Endpoint Security A World of Constant Threat We live in a world on constant threat. Every hour of every day in every country around the globe hackers
More informationBuilding a Business Case:
Building a Business Case: Cloud-Based Security for Small and Medium-Size Businesses table of contents + Key Business Drivers... 3... 4... 6 A TechTarget White Paper brought to you by Investing in IT security
More informationReferences NYS Office of Cyber Security and Critical Infrastructure Coordination Best Practices and Assessment Tools for the Household
This appendix is a supplement to the Cyber Security: Getting Started Guide, a non-technical reference essential for business managers, office managers, and operations managers. This appendix is one of
More informationTracking Anti-Malware Protection 2015
Tracking Anti-Malware Protection 2015 A TIME-TO-PROTECT ANTI-MALWARE COMPARISON TEST Dennis Technology Labs www.dennistechnologylabs.com Follow @DennisTechLabs on Twitter.com This report aims to measure
More informationPROTECT YOUR COMPUTER AND YOUR PRIVACY!
PROTECT YOUR COMPUTER AND YOUR PRIVACY! Fraud comes in many shapes simple: the loss of both money protecting your computer and Take action and get peace of and sizes, but the outcome is and time. That
More informationMalware & Botnets. Botnets
- 2 - Malware & Botnets The Internet is a powerful and useful tool, but in the same way that you shouldn t drive without buckling your seat belt or ride a bike without a helmet, you shouldn t venture online
More informationINTERNET & COMPUTER SECURITY March 20, 2010. Scoville Library. ccayne@biblio.org
INTERNET & COMPUTER SECURITY March 20, 2010 Scoville Library ccayne@biblio.org Internet: Computer Password strength Phishing Malware Email scams Identity Theft Viruses Windows updates Browser updates Backup
More informationThe Importance of Patching Non-Microsoft Applications
The Importance of Patching Non-Microsoft Applications Technical WHITE PAPER The Importance of Patching Non-Microsoft Applications In the past, organizations patched only Microsoft operating systems. As
More informationCyber Security Education & Awareness. Guide for User s
Cyber Security Education & Awareness Guide for User s Release Q1 2010 Version 1.1 CONTENTS 1. Introduction 2. Protection against Nasty Code 3. System Security Maintenance 4. Personal Firewalls 5. Wireless
More informationWhy The Security You Bought Yesterday, Won t Save You Today
9th Annual Courts and Local Government Technology Conference Why The Security You Bought Yesterday, Won t Save You Today Ian Robertson Director of Information Security Michael Gough Sr. Risk Analyst About
More informationNational Cyber Security Month 2015: Daily Security Awareness Tips
National Cyber Security Month 2015: Daily Security Awareness Tips October 1 New Threats Are Constantly Being Developed. Protect Your Home Computer and Personal Devices by Automatically Installing OS Updates.
More informationDefense Media Activity Guide To Keeping Your Social Media Accounts Secure
Guide To Keeping Your Social Media Accounts Secure Social media is an integral part of the strategic communications and public affairs missions of the Department of Defense. Like any asset, it is something
More informationProtecting your business from fraud
Protecting your business from fraud KEY TAKEAWAYS > Understand the most common types of fraud and how to identify them. > What to do if you uncover fraudulent activity or suspect you are a victim of fraud.
More informationSpyware. Michael Glenn Technology Management Michael.Glenn@Qwest.com. 2004 Qwest Communications International Inc.
Spyware Michael Glenn Technology Management Michael.Glenn@Qwest.com Agenda Security Fundamentals Current Issues Spyware Definitions Overlaps of Threats Best Practices What Service Providers are Doing References
More informationSmall Business Anti-Virus Protection
Small Business Anti-Virus Protection JULY - SEPT 2015 Dennis Technology Labs www.dennistechnologylabs.com Follow @DennisTechLabs on Twitter.com This report aims to compare the effectiveness of anti-malware
More informationGUIDE TO KEEPING YOUR SOCIAL MEDIA ACCOUNTS SECURE
GUIDE TO KEEPING YOUR SOCIAL MEDIA ACCOUNTS SECURE Defense Media Activity TABLE OF CONTENTS PROTECTIVE MEASURES... 2 PREPARATION CHECKLIST... 2 IF YOU SUSPECT YOUR ACCOUNT IS COMPROMISED, THE FOLLOWING
More informationCertified Secure Computer User
Certified Secure Computer User Course Outline Module 01: Foundations of Security Essential Terminologies Computer Security Why Security? Potential Losses Due to Security Attacks Elements of Security The
More informationCybersecurity Best Practices
Ten Essential Cybersecurity Best Practices Banking Business Employees Brought to you by: 1 Did you know? One in five small-to-medium-sized companies were the victims of cyber breaches in 2013.1 In 76%
More informationAVOIDING ONLINE THREATS CYBER SECURITY MYTHS, FACTS, TIPS. ftrsecure.com
AVOIDING ONLINE THREATS CYBER SECURITY MYTHS, FACTS, TIPS ftrsecure.com Can You Separate Myths From Facts? Many Internet myths still persist that could leave you vulnerable to internet crimes. Check out
More informationCertified Secure Computer User
Certified Secure Computer User Exam Info Exam Name CSCU (112-12) Exam Credit Towards Certification Certified Secure Computer User (CSCU). Students need to pass the online EC-Council exam to receive the
More informationCBI s Corporate Internet Banking Inquiry Services gives you the ability to view account details and transactions anytime, anywhere.
Benefits & Features CBI s Corporate Internet Banking Inquiry Services gives you the ability to view account details and transactions anytime, anywhere. What can I do with Internet Banking? You can inquire
More informationPC Anti-Malware Protection 2015
PC Anti-Malware Protection 2015 A DYNAMIC ANTI-MALWARE COMPARISON TEST Dennis Technology Labs www.dennistechnologylabs.com Follow @DennisTechLabs on Twitter.com This report aims to compare the effectiveness
More informationFirewalls and Software Updates
Firewalls and Software Updates License This work by Z. Cliffe Schreuders at Leeds Metropolitan University is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License. Contents General
More informationEnterprise Cybersecurity Best Practices Part Number MAN-00363 Revision 006
Enterprise Cybersecurity Best Practices Part Number MAN-00363 Revision 006 April 2013 Hologic and the Hologic Logo are trademarks or registered trademarks of Hologic, Inc. Microsoft, Active Directory,
More informationEndpoint protection for physical and virtual desktops
datasheet Trend Micro officescan Endpoint protection for physical and virtual desktops In the bring-your-own-device (BYOD) environment, protecting your endpoints against ever-evolving threats has become
More informationNew York State Energy Planning Board. Cyber Security and the Energy Infrastructure
New York State Energy Planning Board Cyber Security and the Energy Infrastructure New York State Division of Homeland Security and Emergency Services Office of Cyber Security Office of Cyber Security Overview
More informationTMCEC CYBER SECURITY TRAINING
1 TMCEC CYBER SECURITY TRAINING Agenda What is cyber-security? Why is cyber-security important? The essential role you play. Overview cyber security threats. Best practices in dealing with those threats.
More informationBelmont Savings Bank. Are there Hackers at the gate? 2013 Wolf & Company, P.C.
Belmont Savings Bank Are there Hackers at the gate? 2013 Wolf & Company, P.C. MEMBER OF PKF NORTH AMERICA, AN ASSOCIATION OF LEGALLY INDEPENDENT FIRMS 2013 Wolf & Company, P.C. About Wolf & Company, P.C.
More informationSTOP. THINK. CONNECT. Online Safety Quiz
STOP. THINK. CONNECT. Online Safety Quiz Round 1: Safety and Security Kristina is on Facebook and receives a friend request from a boy she doesn t know. What should she do? A. Accept the friend request.
More informationThe Importance of Patching Non-Microsoft Applications
The Importance of Patching Non-Microsoft Applications Technical WHITE PAPER The Importance of Patching Non-Microsoft Applications In the past, organizations patched only Microsoft operating systems. As
More informationAVeS Cloud Security powered by SYMANTEC TM
Protecting your business from online threats should be simple, yet powerful and effective. A solution that secures your laptops, desktops, and servers without slowing down your systems and distracting
More informationTop five strategies for combating modern threats Is anti-virus dead?
Top five strategies for combating modern threats Is anti-virus dead? Today s fast, targeted, silent threats take advantage of the open network and new technologies that support an increasingly mobile workforce.
More informationProtect Yourself. Who is asking? What information are they asking for? Why do they need it?
Protect Yourself Your home computer serves many purposes: email, shopping, social networking and more. As you surf the Internet, you should be aware of the various ways to protect yourself. Of primary
More informationYOUR DATA UNDER SIEGE: GUARD THE GAPS WITH PATCH MANAGEMENT. With Kaspersky, now you can. kaspersky.com/business Be Ready for What s Next
YOUR DATA UNDER SIEGE: GUARD THE GAPS WITH PATCH MANAGEMENT. With Kaspersky, now you can. kaspersky.com/business Be Ready for What s Next Your Data Under Siege: Guard the Gaps with Patch Management 1.0
More informationProtection of Personal Computer Best Practices for General User
Protection of Personal Computer Best Practices for General User ccording to the Government survey conducted in 2013 1, over 80% of Hong Kong households own a computer. Thanks to the extensive broadband
More informationDon t Fall Victim to Cybercrime:
Don t Fall Victim to Cybercrime: Best Practices to Safeguard Your Business Agenda Cybercrime Overview Corporate Account Takeover Computer Hacking, Phishing, Malware Breach Statistics Internet Security
More informationInternet Basics. Meg Wempe, Adult Services Librarian ABOUT THIS CLASS. P a g e 1
P a g e 1 Internet Basics ABOUT THIS CLASS This class is designed to provide a basic introduction to accessing and navigating the internet (a.k.a. the world wide web or the web ). Throughout the class,
More information2016 Trends in Cybersecurity: A Quick Guide to the Most Important Insights in Security
2016 Trends in Cybersecurity: A Quick Guide to the Most Important Insights in Security For 10 years, Microsoft has been studying and analyzing the threat landscape of exploits, vulnerabilities, and malware.
More informationWindows Updates vs. Web Threats
Windows Updates vs. Web Threats HOW WELL DO WINDOWS UPDATES PROTECT AGAINST MALWARE? Dennis Technology Labs www.dennistechnologylabs.com Follow @DennisTechLabs on Twitter.com This test explores how much
More informationOctober Is National Cyber Security Awareness Month!
(0 West Virginia Executive Branch Privacy Tip October Is National Cyber Security Awareness Month! In recognition of National Cyber Security Month, we are supplying tips to keep you safe in your work life
More informationThe Importance of Patching Non-Microsoft Applications
The Importance of Patching Non-Microsoft Applications Technical WHITE PAPER The Importance of Patching Non-Microsoft Applications In the past, organizations patched only Microsoft operating systems. As
More informationPractical tips for a. Safe Christmas
Practical tips for a Safe Christmas CONTENTS 1. Online shopping 2 2. Online games 4 3. Instant messaging and mail 5 4. Practical tips for a safe digital Christmas 6 The Christmas holidays normally see
More informationYour security is our priority
Your security is our priority Welcome to our Cash Management newsletter for businesses. You will find valuable information about how to limit your company s risk for fraud. We offer a wide variety of products
More informationNorthwestern University Dell Kace Patch Management
Northwestern University Dell Kace Patch Management Desktop Patch Management Best Practices Table of Contents: 1. Audience 2. Definition 3. Patch Approaches 4. Guidelines for Review, Test, and Deploy 5.
More informationSpam, Spyware, Malware and You! Don't give up just yet! Presented by: Mervin Istace Provincial Library Saskatchewan Learning
Spam, Spyware, Malware and You! Don't give up just yet! Presented by: Mervin Istace Provincial Library Saskatchewan Learning Lee Zelyck Network Administrator Regina Public Library Malware, Spyware, Trojans
More informationGuideline on Safe BYOD Management
CMSGu2014-01 Mauritian Computer Emergency Response Team CERT-MU SECURITY GUIDELINE 2011-02 Enhancing Cyber Security in Mauritius Guideline on Safe BYOD Management National Computer Board Mauritius Version
More information10 Quick Tips to Mobile Security
10 Quick Tips to Mobile Security 10 Quick Tips to Mobile Security contents 03 Introduction 05 Mobile Threats and Consequences 06 Important Mobile Statistics 07 Top 10 Mobile Safety Tips 19 Resources 22
More informationDefending Against Data Beaches: Internal Controls for Cybersecurity
Defending Against Data Beaches: Internal Controls for Cybersecurity Presented by: Michael Walter, Managing Director and Chris Manning, Associate Director Protiviti Atlanta Office Agenda Defining Cybersecurity
More informationHot Topics in IT Security PREP#28 May 1, 2014. David Woska, Ph.D. OCIO Security
Hot Topics in IT Security PREP#28 May 1, 2014 David Woska, Ph.D. OCIO Security CME Disclosure Statement The North Shore LIJ Health System adheres to the ACCME s new Standards for Commercial Support. Any
More informationEnterprise Anti-Virus Protection
Enterprise Anti-Virus Protection JAN - MAR 2015 Dennis Technology Labs www.dennistechnologylabs.com Follow @DennisTechLabs on Twitter.com This report aims to compare the effectiveness of anti-malware products
More informationInternet threats: steps to security for your small business
Internet threats: 7 steps to security for your small business Proactive solutions for small businesses A restaurant offers free WiFi to its patrons. The controller of an accounting firm receives a confidential
More informationWelcome To The L.R.F.H.S. Computer Group Wednesday 27 th November 2013
Welcome To The L.R.F.H.S. Computer Group Wednesday 27 th November 2013 BACKUP SECURITY AND THE CLOUD BACK UP ALWAYS BACK UP TO AN EXTERNAL DEVICE OR REMOVAL MEDIA- NEVER DIRECTLY ON TO YOUR COMPUTER IF
More informationDesktop Security. Overview and Technology Guidance. Michael Ramsey Network Specialist, NC DPI
Desktop Security Overview and Technology Guidance Michael Ramsey Network Specialist, NC DPI Desktop Security Best practices for both the technical type and the typical user Defensive Layering Top Vulnerabilities
More informationMust score 89% or above. If you score below 89%, we will be contacting you to go over the material individually.
April 23, 2014 Must score 89% or above. If you score below 89%, we will be contacting you to go over the material individually. What is it? Electronic Protected Health Information There are 18 specific
More informationWINDOWS UPDATES AND MAJOR BUILDS
WINDOWS UPDATES AND MAJOR BUILDS Updates install automatically, and you can t pick and choose Another big change with Window 10 is that there will be automatic updates, so there s less chance of you missing
More information1. Threat Types Express familiarity with different threat types such as Virus, Malware, Trojan, Spyware, and Downloaders.
Threat Protection Tools and Best Practices Objectives 1. Threat Types Express familiarity with different threat types such as Virus, Malware, Trojan, Spyware, and Downloaders. 2. Threat Vectors Be familiar
More informationTOP 10 TIPS FOR EDUCATING EMPLOYEES ABOUT CYBERSECURITY. Mark Villinski @markvillinski
TOP 10 TIPS FOR EDUCATING EMPLOYEES ABOUT CYBERSECURITY Mark Villinski @markvillinski Why do we have to educate employees about cybersecurity? 2014 Corporate Threats Survey 94% of business s suffered one
More informationBackground. How much does EMET cost? What is the license fee? EMET is freely available from Microsoft without material cost.
Microsoft s Enhanced Mitigation Experience Toolkit (EMET) is an enhancement to the Windows operating system that stops broad classes of malware from executing. EMET implements a set of anti-exploitation
More informationBCS IT User Syllabus IT Security for Users Level 2. Version 1.0
BCS IT User Syllabus IT for Users Level 2 Version 1.0 June 2009 ITS2.1 System Performance ITS2.1.1 Unwanted messages ITS2.1.2 Malicious ITS2.1.1.1 ITS2.1.1.2 ITS2.1.2.1 ITS2.1.2.2 ITS2.1.2.3 ITS2.1.2.4
More informationThe Four-Step Guide to Understanding Cyber Risk
Lifecycle Solutions & Services The Four-Step Guide to Understanding Cyber Risk Identifying Cyber Risks and Addressing the Cyber Security Gap TABLE OF CONTENTS Introduction: A Real Danger It is estimated
More informationFive Tips to Reduce Risk From Modern Web Threats
Five Tips to Reduce Risk From Modern Web Threats By Chris McCormack, Senior Product Marketing Manager and Chester Wisniewski, Senior Security Advisor Modern web threats can infect your network, subvert
More informationWhat Do You Mean My Cloud Data Isn t Secure?
Kaseya White Paper What Do You Mean My Cloud Data Isn t Secure? Understanding Your Level of Data Protection www.kaseya.com As today s businesses transition more critical applications to the cloud, there
More informationLaura Royer, Extension Faculty, University of Florida/IFAS Osceola County Extension Services
Consumer Choices: Computer Security Software Prepared by: Dave Palmer, Instructional Media Faculty, University of Florida/IFAS Extension, South Central Extension District Laura Royer, Extension Faculty,
More informationCybercrime myths, challenges and how to protect our business. Vladimir Kantchev Managing Partner Service Centrix
Cybercrime myths, challenges and how to protect our business Vladimir Kantchev Managing Partner Service Centrix Agenda Cybercrime today Sources and destinations of the attacks Breach techniques How to
More informationTaking a Proactive Approach to Patch Management. B e s t P r a c t i c e s G u i d e
B e s t P r a c t i c e s G u i d e It s a fact of business today: because of the economy, most organizations are asking everyone, including the IT staff, to do more with less. But tight budgets and the
More informationIBM Security Strategy
IBM Security Strategy Intelligence, Integration and Expertise Kate Scarcella CISSP Security Tiger Team Executive M.S. Information Security IBM Security Systems IBM Security: Delivering intelligence, integration
More informationAddressing APTs and Modern Malware with Security Intelligence Date: September 2013 Author: Jon Oltsik, Senior Principal Analyst
ESG Brief Addressing APTs and Modern Malware with Security Intelligence Date: September 2013 Author: Jon Oltsik, Senior Principal Analyst Abstract: APTs first came on the scene in 2010, creating a wave
More informationCybersecurity Protecting Yourself, Your Business, Your Clients
Cybersecurity Protecting Yourself, Your Business, Your Clients Global Summit of Women June 7, 2014 Celina B. Realuyo Professor of Practice of National Security Affairs William J. Perry Center for Hemispheric
More informationCybersecurity Report on Small Business: Study Shows Gap between Needs and Actions
SURVEY REPORT: cyber security Cybersecurity Report on Small Business: Study Shows Gap between Needs and Actions Confidence in a connected world. Executive summary An online survey revealed that while U.S.
More informationHow are we keeping Hackers away from our UCD networks and computer systems?
How are we keeping Hackers away from our UCD networks and computer systems? Cybercrime Sony's Hacking Scandal Could Cost The Company $100 Million - http://www.businessinsider.com/sonys-hacking-scandal-could-cost-the-company-100-million-2014-12
More informationAnti-exploit tools: The next wave of enterprise security
Anti-exploit tools: The next wave of enterprise security Intro From malware and ransomware to increasingly common state-sponsored attacks, organizations across industries are struggling to stay ahead of
More information10 best practice suggestions for common smartphone threats
10 best practice suggestions for common smartphone threats Jeff R Fawcett Dell SecureWorks Security Practice Executive M Brandon Swain Dell SecureWorks Security Practice Executive When using your Bluetooth
More informationSafe Practices for Online Banking
November 2012 Follow these guidelines to help protect your information while banking online. At First Entertainment Credit Union, our goal is to provide you with the best all around banking experience.
More informationManaging Web Security in an Increasingly Challenging Threat Landscape
Managing Web Security in an Increasingly Challenging Threat Landscape Cybercriminals have increasingly turned their attention to the web, which has become by far the predominant area of attack. Small wonder.
More informationKeystroke Encryption Technology Explained
Keystroke Encryption Technology Explained Updated February 9, 2008 information@bluegemsecurity.com (800) 650-3670 www.bluegemsecurity.com Executive Summary BlueGem Security is introducing keystroke encryption
More informationProtecting Your Data, Intellectual Property, and Brand from Cyber Attacks
White Paper Protecting Your Data, Intellectual Property, and Brand from Cyber Attacks A Guide for CIOs, CFOs, and CISOs White Paper Contents The Problem 3 Why You Should Care 4 What You Can Do About It
More informationSmall Business Anti-Virus Protection
Small Business Anti-Virus Protection OCT - DEC 2014 Dennis Technology Labs www.dennistechnologylabs.com Follow @DennisTechLabs on Twitter.com This report aims to compare the effectiveness of anti-malware
More informationCyber Security Solutions for Small Businesses Comparison Report: A Sampling of Cyber Security Solutions Designed for the Small Business Community
Cyber Security Solutions for Small Businesses Comparison Report: A Sampling of Cyber Security Solutions Designed for the Small Business Community A Sampling of Cyber Security Solutions Designed for the
More informationSecuritySecuritySecurity!
SecuritySecuritySecurity! It was the best of times and the worst of times... I suspect Dickens would be quite surprised to learn how prophetic his words would be over 150 years after he penned them. THE
More informationHome Anti-Virus Protection
Home Anti-Virus Protection JULY - SEPT 2015 Dennis Technology Labs www.dennistechnologylabs.com Follow @DennisTechLabs on Twitter.com This report aims to compare the effectiveness of anti-malware products
More informationNorton 360. Benefits. Our ultimate protection, now even more so. Introducing the new Norton 360.
Norton 360 Our ultimate protection, now even more so. Introducing the new Norton 360. Our ultimate Internet and antivirus protection for all you do online Provides proactive protection, so you can do what
More informationAd-Aware Antivirus Overview
Contents Ad-Aware Antivirus Overview... 3 What is Ad-Aware Antivirus?... 3 Ad-Aware Antivirus Features... 4 System Requirements... 6 Getting Started... 7 Ad-Aware Install... 7 Using Ad-Aware Free 30 day
More information1. For each of the 25 questions, multiply each question response risk value (1-5) by the number of times it was chosen by the survey takers.
Employee Security Awareness Survey Trenton Bond trent.bond@gmail.com Admin - Version 1.3 Security Awareness One of the most significant security risks that organizations and corporations face today is
More informationEnterprise Anti-Virus Protection
Enterprise Anti-Virus Protection APRIL - JUNE 2014 Dennis Technology Labs www.dennistechnologylabs.com Follow @DennisTechLabs on Twitter.com This report aims to compare the effectiveness of anti-malware
More informationLAMAR STATE COLLEGE - ORANGE INFORMATION RESOURCES SECURITY MANUAL. for INFORMATION RESOURCES
LAMAR STATE COLLEGE - ORANGE INFORMATION RESOURCES SECURITY MANUAL for INFORMATION RESOURCES Updated: June 2007 Information Resources Security Manual 1. Purpose of Security Manual 2. Audience 3. Acceptable
More informationCyber Security Solutions:
ThisIsCable for Business Report Series Cyber Security Solutions: A Sampling of Cyber Security Solutions Designed for the Small Business Community Comparison Report Produced by BizTechReports.com Editorial
More informationSecurity Intelligence Services. www.kaspersky.com
Kaspersky Security Intelligence Services. Threat Intelligence Services www.kaspersky.com THREAT INTELLIGENCE SERVICES Tracking, analyzing, interpreting and mitigating constantly evolving IT security threats
More informationTrust the Innovator to Simplify Cloud Security
Trust the Innovator to Simplify Cloud Security Contents MailGuard Pty Ltd Page 1 of 7 2 Let s get real for a moment. Your antivirus software isn t stopping fastbreak phishing and other spam attacks like
More informationEnterprise Anti-Virus Protection
Enterprise Anti-Virus JULY - SEPTEMBER 2013 Dennis Technology Labs www.dennistechnologylabs.com Follow @DennisTechLabs on Twitter.com This report aims to compare the effectiveness of anti-malware products
More information