CUSTOMER INFORMATION SECURITY AWARENESS TRAINING


INTRODUCTION

This course is designed to provide you with the knowledge to protect your personal and mostly financial information and sensitive data from cyber threats. In your daily activities, you routinely provide sensitive data like names, Social Security numbers, and other confidential records to successfully carry out your day-to-day activities. YOU are critical to the defense and protection of sensitive information systems and data. You will be well equipped to protect the sensitive data by incorporating the information technology security objectives learned in this presentation into your daily activities.

IN THESE TIMES OF GREAT CHANGE

- Change Your Perception: Security is a necessity - not a burden.
- Be a Learner: Understand security threats and vulnerabilities.
- Be Proactive: Adopt good security habits.
- Seek Help and Advice: Advanced technologies require educated users.

Information Security is YOUR responsibility.

WHAT IS INFORMATION SECURITY?

Information Security (IS): The protection of information and information systems from unauthorized access, use, disclosure, disruption, modification, or destruction in order to provide confidentiality, integrity, and availability.

Information security is achieved through implementing technical, management, and operational measures designed to protect the confidentiality, integrity and availability of information.

The goal of an Information Security Program is to understand, manage, and reduce the risk to information under the control of the organization.

THE CIA CONCEPT

- Confidentiality: Protecting information from unauthorized disclosure to people or processes.
- Availability: Defending information systems and resources from malicious, unauthorized users to ensure accessibility by authorized users.
- Integrity: Assuring the reliability and accuracy of information and IT resources.

CIA

Your bank ATM is a good example of an information system that must be confidential, available, and have integrity.

- Imagine if your account was not kept confidential and someone else was able to access it when they approached the ATM. How much damage could be done?
- Imagine if every time you went to the ATM, the balance it displayed was inaccurate (integrity). How could the poor integrity of your balance information adversely affect your account management?
- Imagine if your bank's ATM was rarely available when you needed it. Would you continue to use that bank?

DEFINING IT SECURITY

IT security is about protecting information assets by effectively managing risks. How much protection depends on the risk and magnitude of harm that could result if the data were lost, misused, disclosed, or modified. Assets are computers and data.

Risks are managed by evaluating:

- Vulnerabilities - Weaknesses in a computer or network that leave it susceptible to potential exploitation such as unauthorized use or access.
- Threats - The means through which a weakness can be exploited to adversely affect a network or supported systems.

WHAT IS A COMPUTER INCIDENT?

Computer incidents include compromised systems, attacks made on or from the Bank's computers, illegal or inappropriate use, and abuse of computer privileges. As soon as possible, report these incidents to the appropriate personnel.

Examples of computer incidents:

- You think someone is using a computer without authorization.
- Your files look like someone has been tampering with the data.
- Sensitive information has been disclosed.
- Your computer is acting strange.

INFORMATION SECURITY POLICY AND GOVERNANCE

Federal regulations require all users of information technology systems to conform with certain basic requirements and receive annual IT security awareness training.

GLBA - The Gramm-Leach-Bliley Act requires financial institutions to maintain procedures that protect consumers' personal financial information.

WHAT IS A CYBER ATTACK?

A malicious attempt to undermine or compromise the function of a computer-based system, or attempt to track the online movements of individuals without their permission.

- Attacks are Pervasive and Common: The Department of Defense (DoD) detects three million unauthorized scans - or attempts by possible intruders to access official networks - every day.
- Attacks Can be Costly: The Ponemon Institute benchmarked 50 organizations - the median annualized cost of a cyber attack is $5.9M/year.
- Attacks Don't Have to be Costly: According to the Ponemon Institute, a strong security posture moderates the cost of cyber attacks.

PREVENTING CYBER ATTACKS

Information assets have become a great source of value and wealth for individuals with malicious intent. Cyber attacks are a dangerous threat to the networks and data, however there are some steps you can take to prevent them.

- Ensure that anti-virus software and patches are up to date on all computers and laptops.
- Ensure that laptops and mobile devices are encrypted with trusted software.
- Never share passwords with anyone.
- Be vigilant about slow running applications. It could be a sign of a computer virus.

CURRENT & EMERGING CYBER THREATS

- Hostile attacks designed to establish a foothold within the infrastructure of target organizations remain the most serious cyber threat. Exfiltration of data through these attacks has been characterized as the biggest transfer of wealth in terms of intellectual property in history.
- Mobile device security represents an unprecedented layer of complexity and connectivity. Smartphones are powerful, ubiquitous and have exceeded the sales of PCs. They have become the most popular means to access the Internet. Attackers see them as a gateway into networks to access sensitive data.
- Clouds offer substantial gains for cost savings, productivity and security; however they are also attractive targets for attackers. Clouds represent another alternative to hosting an application and storing data, and must be secure.

COMMON CYBER SECURITY THREATS

- Malware
- Viruses
- Insider threats
- Spyware
- Hackers
- Theft or loss of sensitive data
- Internet and email scams
- Phishing
- Identity theft

CYBER CRIME

Cyber crime refers to any crime that involves a computer and a network. Offenses are primarily committed through the Internet. Common examples of cyber crime include: Credit card fraud, Spam, and Identity theft.

Information and information system assets from financial institutions are a high value target. Criminals, terrorists, and nation states with malicious intent work daily to steal, disrupt, and change information systems at financial institutions.

PASSWORDS

A strong password for your network account and other applications is a basic protection mechanism.

Two rules for stronger passwords:

- Create a password at least eight characters in length. Password should contain at least one each:
  - Capital letter
  - Lowercase letter
  - Number
  - Special character ( %,^,*,? )
- Use a passphrase. Use the initials of a song or phrase to create a unique password. Example: "Take me out to the ballgame!" becomes Tmo2tBG!

Commit passwords to memory. DO NOT keep passwords near your computer or on your desk.

PASSWORD PROTECTION TIPS

- Change passwords often. Most applications will remind you to do this but if not, set up a reminder in your calendar at least every 60 days.
- Change password immediately if you suspect it is compromised.
- Create a different password for each system or application. Do not reuse passwords.
- Do not use generic information that can be easily obtained like family member names, pet names, birthdates, phone numbers, vehicle information, etc.
- NEVER share your password with anyone.

TAILGATING

When an unauthorized person follows someone to a restricted area without the consent of the authorized person.

- Never allow anyone to follow you into a secure area without proper authorization.
- Be aware of procedures for entering a secure area, securing your workstation when you leave the office, and securing your workstation during emergencies.
- Do not be afraid to challenge or report anyone who does not appear to be an authorized individual/visitor.
- Escort visitors to and from your office and around the facility.
- Report any suspicious activity to the proper personnel.

PHYSICAL SECURITY PROTECTION TIPS

- Lock your computer when it is not in use by using CTRL + ALT + DEL.
- Store and transport removable media such as CDs, DVDs, flash drives, and external hard drives in a secure manner to prevent theft or loss.
- Only connect bank-authorized removable media devices.
- Encrypt all devices which contain sensitive information.
- Keep sensitive information out of sight when visitors are present.
- Quickly retrieve faxes and print jobs containing sensitive information.

EMAIL SECURITY

Emails that contain sensitive data must be encrypted before being sent.

SOCIAL ENGINEERING

These individuals may look trustworthy, but in fact are sophisticated cyber criminals. They use social engineering techniques to obtain your personal information, access sensitive government information, and even steal your identity.

SOCIAL ENGINEERING

Social engineering is classically defined as the art of manipulating and exploiting human behavior to gain unauthorized access to systems and information for fraudulent or criminal purposes.

Social engineering attacks are more common and more successful than computer hacking attacks against the network. Social engineers will gain information by exploiting the desire of humans to trust and help each other. Criminals can bypass network firewalls and building access systems to steal data and disrupt operations with a successful social engineering attack.

SOCIAL ENGINEERING

Social engineering attacks are based on natural human desires like:

- Trust
- Desire to help
- Desire to avoid conflict
- Fear
- Curiosity
- Ignorance and carelessness

SOCIAL ENGINEERING

Social engineers want any information that will give them access to secure systems or facilities. Common targets are:

- Passwords
- Security badges
- Access to secure areas of the building
- Smartphones
- Wallets
- Personal information

COMBAT SOCIAL ENGINEERING

- Be careful about discussing work, your family, or personal information in public. You never know who is listening.
- Be cautious of the personal information that you share on social media sites like Facebook. Criminals can use the information you post in a social engineering scam.

PHISHING ATTACKS

Phishing is a social engineering scam whereby intruders seek access to your personal information or passwords by posing as a legitimate business or organization with legitimate reason to request information. Usually an email (or text) alerts you to a problem with your account and asks you to click on a link and provide information to correct the situation.

These emails look real and often contain the organization's logo and trademark. The URL in the email resembles the legitimate web address. For example, Amazons.com.

Spear phishing is an attack that targets a specific individual or business. The email is addressed to you and appears to be sent from an organization you know and trust, like a government agency or a professional association.

Whaling is a phishing or spear phishing attack aimed at a senior official in the organization.

COMBAT PHISHING

NEVER provide your password to anyone via email.

Be suspicious of any email that:

- Requests personal information.
- Contains spelling and grammatical errors.
- Asks you to click on a link or image or open an attachment.
- Is unexpected or from a company or organization with whom you do not have a relationship.

If you are suspicious of an email:

- Do not click on the links provided in the email.
- Do not open any attachments in the email.
- Do not provide personal information or financial data.
- Do not forward the email.
- Delete it from your Inbox.

IDENTITY THEFT

The Federal Trade Commission estimates that 9 million people have their identity stolen each year. Identity thieves use names, addresses, Social Security numbers, and financial information of their victims to obtain credit cards, loans, and bank accounts for themselves.

PREVENTING IDENTITY THEFT

- Be cautious when providing your Social Security number. Know how and why it will be used.
- Review credit card and bank statements at least monthly for unauthorized transactions.
- Use strong passwords for your home computer and web sites you visit, especially email accounts and financial institutions.
- Leave your Social Security card and passport at home. Never leave them in your purse or wallet unless necessary.
- Shred sensitive documents and mail containing your name and address.

MALWARE

Malware (short for malicious software) does damage to, steals information from, or disrupts a computer system. Malware is commonly installed through email attachments, downloading infected files, or visiting an infected web site. It can corrupt files, erase your hard drive, or give a hacker access to your computer.

COMBAT MALWARE

- Scan attachments with antivirus software before downloading. Do not trust any attachments, even those that come from recognized senders.
- Delete suspicious emails without opening them.
- If you believe your computer is infected, contact the appropriate IT personnel.

SECURITY OUTSIDE OF THE OFFICE

Security researchers say that 35% of data breaches at U.S. companies are caused by losing laptops or other mobile devices. Be vigilant about protecting information and information systems outside of the home or office.

MOBILE DEVICE LOSS AND THEFT

Cyber attacks are a dangerous threat to the Bank's networks and data, however a large number of breaches occur because of loss or theft of mobile devices.

- Never leave laptops, cell phones, or other mobile devices unattended, especially when travelling.
- Ensure that the wireless security features are properly configured.
- When away from your desk, use a computer lock for your laptop or place it in a locked cabinet.
- Mobile devices that contain personally identifiable information must be encrypted.
- Report lost or stolen devices immediately.

PERSONALLY IDENTIFIABLE INFORMATION

Personally identifiable information (PII) can be used to distinguish or trace someone's identity, or can be linked to a specific individual. Any such item of information can be PII, including:

- Sensitive data - financial or legal information;
- Neutral information - name, facial photos, work address; or
- Contextual information - file folder for a specific customer that contains a list of account numbers.

PII must be protected, whether in paper, electronic, or oral form. Seemingly innocuous information can identify an individual when combined with other data or compared to a data set that includes other PII.

COMMON EXAMPLES OF PII

- Name
- Social Security number (SSN)
- Date of birth (DOB)
- Mother's maiden name
- Financial records
- Email address
- Driver's license number
- Passport number

- Safeguard personal information in your possession, whether it be in paper or electronic format.
- Report suspected privacy violations or incidents.
- Shred documents containing PII; NEVER place them in the trash.

- Don't leave documents that contain PII on printers and fax machines.
- Don't leave files or documents containing PII unsecured on your desk when you are not there.
- Follow the technical, personnel, administrative, and telecommunication safeguards for computer systems you use.
- Take user awareness training annually.

COMMON SCENARIOS

Privacy incidents most often occur from:

- Loss, damage, theft, or improper disposal of equipment, media, or papers containing PII.
- Accidentally sending a file containing PII to a person not authorized to view the file or sending it in an unprotected manner (e.g., unencrypted).
- Allowing an unauthorized person to use your computer or credentials to access PII.
- Any security situation that could compromise PII (e.g., virus, phishing email, social engineering attack).

HOME SECURITY

Many of the tips in this presentation can be used to protect your home computer. Criminals can use your personal information to steal your identity and ruin your finances. Protecting yourself and your family on the Internet at home is just as important as protecting information systems at work.

SAFEGUARD YOUR HOME COMPUTER

- Use passwords on personal computers and mobile devices.
- Install and update antivirus software on your home computer.
- Enable the firewall on your computer.
- Routinely back up your files.
- Follow the instructions in the user manual to enable encryption for your wireless router.

CONGRATULATIONS