Information Technology Security for Small Business (video script) Descriptive Text for the Visually Impaired August 11, 2009



Similar documents
SBA Cybersecurity for Small Businesses. 1.1 Introduction. 1.2 Course Objectives. 1.3 Course Topics

Top 10 Tips to Keep Your Small Business Safe

Small businesses: What you need to know about cyber security

S. ll IN THE SENATE OF THE UNITED STATES

Threats and Attacks. Modifications by Prof. Dong Xuan and Adam C. Champion. Principles of Information Security, 5th Edition 1

WHAT YOU NEED TO KNOW ABOUT CYBER SECURITY

National Cyber Security Month 2015: Daily Security Awareness Tips

Nine recommendations for alternative funds battling cyber crime. kpmg.ca/cybersecurity

Cybersecurity Protecting Yourself, Your Business, Your Clients

A New Layer of Security to Protect Critical Infrastructure from Advanced Cyber Attacks. Alex Leemon, Sr. Manager

TMCEC CYBER SECURITY TRAINING

AN INFORMATION GOVERNANCE BEST

This factsheet is for: Senior management of small firms that handle, store or dispose of customers personal data in the course of their business.

Beyond the Hype: Advanced Persistent Threats

Addressing APTs and Modern Malware with Security Intelligence Date: September 2013 Author: Jon Oltsik, Senior Principal Analyst

Digital Barracuda Information Security Reports that the Risk from Viruses and Worms is Only the Tip of the Iceberg FACT SHEET

Cyber Security Strategies for the Small Business Market

Top Five Ways to Protect Your Network. A MainNerve Whitepaper

PCI Compliance for Healthcare

Cyber Security Strategies for the Small Business Market

Malware, Phishing, and Cybercrime Dangerous Threats Facing the SMB State of Cybercrime

Building a Business Case:

AUDIT TAX SYSTEMS ADVISORY

Small Business Cybersecurity Dos and Don ts. Helping Businesses Grow and Succeed For Over 30 Years. September 25, 2015 Dover Downs

White Paper: Are there Payment Threats Lurking in Your Hospital?

Small businesses: What you need to know about cyber security

Testimony of Matthew Rhoades Director Cyberspace & Security Program Truman National Security Project & Center for National Policy

CSI/FBI 2000 COMPUTER CRIME AND SECURITY SURVEY

WHITE PAPER KEEPING CLIENT AND EMPLOYEE DATA SECURE DRIVES REVENUE AND BUILDS TRUST PROTECTING THE PROTECTOR

Five keys to a more secure data environment

EXTREME CYBER SCENARIO PLANNING & ATTACK TREE ANALYSIS

90% of health insurers surveyed have had a data breach 3. 72% increase in cyberattacks against healthcare companies occurred between 2013 and

FBI CHALLENGES IN A CYBER-BASED WORLD

CYBER EXPOSURES OF SMALL AND MIDSIZE BUSINESSES A DIGITAL PANDEMIC. October Sponsored by:

How-To Guide: Cyber Security. Content Provided by

Perspectives on Cybersecurity in Healthcare June 2015

SECURING YOUR SMALL BUSINESS. Principles of information security and risk management

Network Security Landscape

Malware & Botnets. Botnets

The FBI Cyber Program. Bauer Advising Symposium //UNCLASSIFIED

Information Security Awareness: How to Get Users Asking for More

Data Security. So many businesses leave their data exposed, That doesn t mean you have to Computerbilities, Inc.

What Do You Mean My Cloud Data Isn t Secure?

FORBIDDEN - Ethical Hacking Workshop Duration

INFORMATION SECURITY FOR YOUR AGENCY

Insuring Innovation. CyberFirst Coverage for Technology Companies

How To Protect Yourself From Cyber Threats

CYBER SECURITY GUIDANCE

How To Protect Your Organization From Insider Threats

Cybersecurity Policies and Best Practices: Protecting small firms, large firms, and professional services from malware and other cyber-threats

BE SAFE ONLINE: Lesson Plan

Data Loss Prevention in the Enterprise

AIRDEFENSE SOLUTIONS PROTECT YOUR WIRELESS NETWORK AND YOUR CRITICAL DATA SECURITY AND COMPLIANCE

Loophole+ with Ethical Hacking and Penetration Testing

Sytorus Information Security Assessment Overview

Protecting Cardholder Data Throughout Your Enterprise While Reducing the Costs of PCI Compliance

October Is National Cyber Security Awareness Month!

SECURITY IN THE CLOUD

Cyber Security for audit committees

National Infrastructure Protection Center

What s Wrong with Information Security Today? You are looking in the wrong places for the wrong things.

Cyber Threats: Exposures and Breach Costs

The Fundamental Failures of End-Point Security. Stefan Frei Research Analyst Director

A Small Business Approach to Big Business Cyber Security. Brent Bettis, CISSP 23 September, 2014

Insurance Considerations Related to Data Security and Breach in Outsourcing Agreements

An Introduction on How to Better Protect Your Computer and Sensitive Data

Understanding Layered Security and Defense in Depth

Cybersecurity Global status update. Dr. Hamadoun I. Touré Secretary-General, ITU

Identifying & Managing IT Risks to Your Business

10 Quick Tips to Mobile Security

INTRODUCTION DEVELOPMENT AND PHENOMENA

Recognize Nefarious Cyber Activity and Catch Those Responsible with IBM InfoSphere Entity Analytic Solutions

5 Tools For Passing a

MONTHLY WEBSITE MAINTENANCE PACKAGES

CYBERCRIME AND THE HEALTHCARE INDUSTRY

Fraud Prevention Checklist for Small Businesses

High Level Cyber Security Assessment 2/1/2012. Assessor: J. Doe

Cyber security Time for a new paradigm. Stéphane Hurtaud Partner Information & Technology Risk Deloitte

A NEW APPROACH TO CYBER SECURITY

Are your people playing an effective role in your cyber resilience?

WHITE PAPER: Cyber Crime and the Critical Need for Endpoint Security

White Paper THE FIVE STEPS TO MANAGING THIRD-PARTY RISK. By James Christiansen, VP, Information Risk Management

Stay ahead of insiderthreats with predictive,intelligent security

7 VITAL FACTS ABOUT HEALTHCARE BREACHES.

Breakthrough Cyber Security Strategies. Introducing Honeywell Risk Manager

Preemptive security solutions for healthcare

The Impact of Cybercrime on Business

CYBER INFORMATION SECURITY AWARENESS AND PROTECTION PRACTICES. Strengthening Your Community at the Organizational Level

10 best practice suggestions for common smartphone threats

U. S. Attorney Office Northern District of Texas March 2013

Cybersecurity Academies roundtable Tina Allison

Presented By: Corporate Security Information Security Treasury Management

Unit 3 Cyber security

Everything You Wanted to Know about DISA STIGs but were Afraid to Ask

Session 46 Information Security Creating Awareness, Educating Staff, and Protecting Information

Is your Organization SAFE?

Nine Steps to Smart Security for Small Businesses

Developments in cybercrime and cybersecurity

Transcription:

Information Technology Security for Small Business (video script) Descriptive Text for the Visually Impaired August 11, 2009 By Joan Porter Visual: Images related to computer and internet use and images symbolic of information technology security and cyber crime. No matter how well you protect your business your information is still very much at risk and that puts your business at risk. Visual: A computer keyboard and a cell phone. Text: The words, Names, Emails, Phone Numbers, Account Numbers, Files, Passwords, User Ids, Payroll, Internet Transactions, Credit Card Numbers, Electronic Commerce and Employee Databases appear. The dangers change and grow every day and the threats they pose to your business and others can be devastating. Text: The words, The best defense against these growing attacks? appear. The best defense against these growing attacks? Text: The words, Information Technology Security for Small Business and It s not just good business. It s essential business appear. Information Technology Security. It s not just good business. It s essential business. Visual: Scenes of employees working at computers and working in a variety of jobs at different kinds of small businesses. 1

Today protecting your business s information is just as critical as protecting every other asset you have your property, your employees and your products. It doesn t matter what kind of business you re in or its size whether you have one employee or 500. The fact is, your information is valuable and it s at risk. Visual: Matthew Scholl, Group Manager, Security Management and Assurance Computer Security Division, NIST on camera. It s important that small businesses make IT security a top priority in order to protect their businesses. They make other security decisions everyday. They lock their doors, they have alarm systems, they have trusted employees working behind the counters. They should exercise the same level of security and due diligence to their IT space where they have just as much exposure. Visual: Richard Kissel, Information Security Analyst, Computer Security Division, NIST on camera. Cyberspace is a dangerous place to be. We all are there because we have to be there because that s where technology forces us to go right now. And if you don t understand that climate and the things that are involved there then you can get into trouble really quickly. Visual: Jane Boorman, Project Manager, Office of Entrepreneurship Education, U.S. Small Business Administration on camera. There are some 26 million small businesses in this country and they all need to pay attention to the dangers of cyber crime. It s one of the greatest risks they face but many people don t realize it. Small businesses are open for business! They want their customers to come in but they re so open for business they sometimes don t take the time. They don t really realize that their entire business is at stake and when they are careless about their information technology protection, they can lose the entire business. Visual: Matthew Scholl on camera The threats that are faced by small businesses are very similar to the threats faced by the federal government and large businesses as a whole. The truth of the matter is they don t care who you are. All they care about is that they can access your assets for their purposes. Visual: An image showing the globe and a computer keyboard. 2

Text: The words, Who are they? appear. But who are they? Who is responsible for this? Text: The words, Hackers; Experimenters and Vandals; Hacktivists; Cyber Criminals and Information Warriors appear. There are four main types of hackers. Experimenters and vandals are usually amateurs who do it for the thrill or to make a reputation for themselves. Hacktivists have a personal or political agenda. Cyber criminals are in it for the money. Other hackers are Information Warriors. Visual: Digital program code over image of Earth as seen from outer space. They are professionals who work for nation-states which may have missions to disrupt the Internet for example, or take out a city s electrical grid. Visual: Scenes of employees working at computers in a variety of kinds of businesses. But all the dangers don t come from the outside. Businesses can be severely damaged - intentionally or unintentionally - by their own employees. Text: The words, Insider Threats appear. Visual: Scenes of employees and computers at different businesses. These insider threats are responsible for nearly 80% of the problems that most small businesses have. No matter where the threat is coming from, the target is still the same access to a business s systems and information. Visual: Richard Kissel on camera The reality is that there s dangers out there in all kinds of forms. Visual: Image of computer code zeroes and ones. 3

Text: The words, Theft of Data and Resources appear. Richard Kissel: You have theft of data, theft of resources, things like walking off with a laptop. Visual: Richard Kissell on camera You have the electronic PDAs of various kinds and literally some people run their businesses from these devices not understanding that all that sensitive information on those devices is vulnerable and it s not encrypted, it s not protected and so if they lose the device or somebody walks off with it all that data is gone. And may come back to haunt them later on. Visual: Image of a hacker typing on a laptop Text: The words, Denial-of-Service Attacks appear. Visual: Richard Kissel on camera You have other activities that nefarious folks can take and that s denial-of-service where they just hammer a system until it just stops functioning and sometimes this is done to blackmail a business. They demonstrate that they can take down the system or the network and they say, if you don t pay us, we will take you out, and they mean it. Text: The words, Malicious Code appear. Visual: Richard Kissel on camera Then you have people releasing malicious code. Once it gets on a system then it ll do whatever it s programmed to do. Malicious code can include things like keystroke loggers, which if somebody puts one on your system, it sits there and silently watches every keystroke you make which includes little things like bank account numbers, the passwords you use to get into your accounts, the answers you give to the security verification questions. Text: The word, Viruses appears. Visual: Several computer screens Richard Kissel: And viruses are a case of malicious code and in terms of viruses there s about 70,000 active viruses out there right now. The number goes up every year. 4

Visual: Richard Kissel on camera So these are the kind of threats that we look at, we see out there. These are general classes of things that can go wrong and they all have the potential to damage or destroy an average small business. Visual: Employees working at computers and a meeting of one company s employees. A survey by the Computer Security Institute showed that a third of all data breaches in just one year came at the expense of businesses with 100 employees or less. Text: The words, Computer Security Institute Survey; 42% - Laptop Theft; 44% - Insider Abuse; 21% - Denial-of-Service Attacks; 50% - Computer Viruses and 20% - Systems made into bots appear. Another survey of businesses 23% of which were small businesses - showed that 42% reported laptop theft, 44% reported insider abuse, 21% reported denial-of- service attacks, 50% detected computer viruses and 20% reported systems being made into bots. Visual: A variety of people in typing on computers and other activities at different types of businesses. A bot is one of many computers that cybercriminals have taken over to make a botnet that they can use to attack other businesses, large industrial and even governmental systems. So, the vulnerability of one small business may not seem significant. But with over 26 million small businesses in the US, a threat that s common to a large percentage of them could pose a threat to the nation. Visual: A variety of employees working at different businesses including offices, stores, restaurants and manufacturing. Matt Scholl There are no silver bullets. So outsourcing is definitely an option that a small business can take to help them identify their risks and provide information security appropriately but it s important that a small business understand the basics of information security, what their risks are and the different ways they can mitigate those risks effectively. And that they should not solely rely on an outsourcing solution. 5

Information security can be an expense and there is a significant knowledge curve that needs to happen which is one of the reasons why we are doing this. Because in our belief this is essential to maintain the business and it can be done in a cost effective manner that is also effective for the small business owner. We have an understanding of the small business as a part of the critical infrastructure of the nation economically and socially and its importance as a national asset that needs to be protected which is why SBA, FBI and NIST have partnered together on this work. Visual: Employees working at a variety of businesses with logo representing NIST, SBA and the FBI s collaboration. Text: The words, Computer Security is Good Business appear. The collaboration between NIST, the Small Business Administration, and the FBI provides small businesses with a wealth of information and resources at the national and local levels including training and education, networking opportunities and practical assistance. Visual: Scenes of people working and meeting at a variety of businesses. Text: The words, Right Investment; Define Needs; Security Practices; Stay Current appear. Business owners can learn how to make the right investment, define their information security needs, establish common security practices, and stay current. These are just a few of the topics available to help small businesses protect their information. Visual: Image of a padlock on a computer motherboard and other images that represent information technology security. Text: The words, Information Technology Laboratory, Computer Security Resource Center and web address http://csrc.nist.gov/groups/sma/sbc/index.html appear. The web site for NIST s Computer Security Resource Center can guide small business owners to the kind of help they need whether they re just getting started or staying up to date with the latest in information technology security. 6

Visual: Richard Kissel on camera There s a very small set of things, actions that a small business can do to avoid being an easy target. But they have to be done. And they have to be done consistently. So it s easy to avoid being the easy mark but you do have to work at it. You can t just sit still. You sit still and you re gone. Text: The words, Information Technology Security for Small Business and It s not just good business. It s essential business appear. Text: The following production credits appear. Writer Joan Porter Videography Chris Sciannella Editors Joanna Pearson Chris Sciannella Technical Advisor Magdalena Benitez Computer Security Division, NIST Special Thanks To Jane Boorman U.S. Small Business Administration Matthew Scholl Computer Security Division, NIST Richard Kissel Computer Security Division, NIST Executive Producer Ron E. Meininger NIST Public and Business Affairs Disclaimer The display of products and services in this program is for demonstration purposes only and does not imply an endorsement by NIST 7

Produced by Computer Security Division Information Technology Laboratory National Institute of Standards and Technology U.S. Department of Commerce July 2009 Visual: Fade to black 8

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information