KEMBAR78
Cyber Security Training Module 2025.pptx
Uploaded bysurnil7785
PPTX, PDF855 views

Cyber Security Training Module 2025.pptx

Training

Downloaded 21 times
Agenda Threats Overview Password Safety Web Protection Email Protection Preventive Measures 1 2 3 4 5
THREATS OVERVIEW
Root Cause of Data Breaches 25% Human Error 27% Process Failure 48% Malicious
Lost or stolen device Data Breach Breakdown Human Error
Data Breach Breakdown Malicious Breaches Overview
Threats Overview Malware Phishing Social Engineering
Threats Overview Malware
Malware includes numerous threat families, all with different names. Viruses Trojans Ransomware Rootkits Bootkits Worms
Top Tips to Avoid Malware Install Endpoint Security on all devices. Be careful what you plug in. Be careful what you click. Get awareness training for entire family. 1 2 3 4
Threats Overview Phishing
Phishing Examples Not paypal.com
Phishing Examples
Top Tips to Avoid Phishing Check who the email sender is. Check the email for grammar and spelling mistakes. Mouse over the link to see where it goes. Do not click the link – manually type it in. 1 2 3 4
Threats Overview Social Engineering
• Manipulation of people into divulging confidential or sensitive information • Most commonly done over email, but also regularly carried out over the phone Social Engineering
• Can be a slow gain of information • Can attempt to gain all information needed at once Social Engineering
• Phone call targets employees at a business. • Caller asks who the boss/CEO is. • Requests his/her email address. • Now the attacker has the username and the name of the person targeted for compromise. Social Engineering Examples
• A person walks into office pretending to be a contractor. • Due to his/her uniform, people assume it’s OK. • Person walks into room with sensitive info and steals it. Social Engineering Examples
Top Tips to Avoid Social Engineering Be careful with the information you disclose. Verify credentials of contractors. If you have any doubts on the identity of callers, hang up and call their official company number back. 1 2 3
PASSWORD SAFETY
• What city did you grow up in? • What is your dog’s name? • What high school did you attend? • What is your favorite book? • What is your dream job? • What is your mother’s maiden name? Can these answers be found on your Facebook account?
Does this look familiar?
How about this?
• Typically, users are honest when filling out security questions. • Malicious parties can utilize social media to find out the answers to these questions, which allows them to reset your password. • Best practice is to not be honest when filling out these questions. Treat security questions as another password field. Security Questions
• Typically, users practice risky behavior with respect to passwords. • Passwords nowadays can be a gateway into identity theft. Users and Poor Password Hygiene
Document or sticky note with passwords written on it Poor Password Hygiene
Freely sharing password with friends, family members, colleagues Poor Password Hygiene
Poor Password Hygiene 8 characters 8 characters + 1 number 8 characters + 1 number + 1 symbol 8 characters + 1 number + 1 symbol + 1 capital elephant elephant1 elephant1! Elephant1! = = = =
elephant1! elephant2@ elephant3# elephant4$ Poor Password Hygiene Change password every 90 days !
• Passwords sometimes are extracted • Very simple to try all alternative options of password-base Data breaches lead to password problems because… Example •Password that was stolen was elephant •Password required by website is 8 characters 1 symbol •32 symbols on the computer(would take a human 5 minutes) •Computers can carry out these tasks in fractions of a second
• If you have trouble remembering passwords or creating unique passwords, utilize a password manager. • There are several very secure password managers on the market that work across all Oses. • They will remember and auto-complete your passwords for you once your “master” password is entered. Password Managers
https://haveibeenpwned.com/ • Currently checks 210 websites • 2.6 billion compromised accounts contained • Treat it like a credit-check Password Hygiene Checkup
• As opposed to the standard password authentication, 2FA OTP (one-time password) uses two elements. These are “something that user knows,” such as a password or a PIN code, and “something that user has,” typically a mobile phone or hardware token. • Used in combination, they provide greatly enhanced security for data access. Two-factor Authentication (2FA) Explained
• Data breach through weak or stolen passwords • User-created passwords that are not random characters • Re-use of passwords intended for access to company assets for private accounts • Passwords containing user-specific data – e.g. name, date of birth • Simple patterns to derive new passwords, such as “elephant1,” “elephant2,” etc. 2FA solves the problem of:
Top Tips for Password Safety Utilize unique passwords across all websites/applications Enable and utilize 2FA on all websites that allow it Choose unique, non-true security questions 1 2 3
INTERNET PROTECTION
Internet Protection Overview Search Engine Safety Web Content Filter HTTPS Public Wi-Fi Internet of Things
Internet Protection Overview Search Engine Safety
• Even if the website is reputable, the advertisement being displayed could be malicious and infect your computer or mobile device. • Free things (music, movies, game cheats, etc.) are very commonly filled with malware, and are rarely what they say they are. Search Engine Safety
Top Tips for Search Engines Stick to clicking on sites on the first page of results. Be careful when clicking on non- name recognizable sites. Malware commonly masquerades as free things. 1 2 3
Internet Protection Overview Web Content Filter
• Filters web traffic based off pre-configured policies set by the administrator. • There are both home versions and corporate versions. • Home versions focus on child safety, while corporate versions focus on employee productivity. Web Content Filter
• Not only can it restrict the content that is displayed to a certain audience, it can also be utilized to filter malicious content and protect the user. Web Content Filter
Top Tips for Web Content Filter Increase employee productivity by implementing a web filter. Curb risky user behavior and reduce malware exposure by implementing a web filter. Protect children’s mobile devices and computers from displaying inappropriate content with a web filter. 1 2 3
Internet Protection Overview HTTPS
• Is a protocol for secure communication over a computer network which is widely used on the internet • HTTPS is typically notated by displaying a green lock in the web address bar: HTTPS
Top Tips for Secure Websites (HTTPS) Before entering sensitive information, check to see if the site is secured by HTTPS. Check to make sure this is a reputable website before entering credit card information; don’t just depend on the HTTPS indicator. 1 2
Internet Protection Overview Public Wi-Fi
Top Tips for Public Wi-Fi Verify the Wi-Fi name with the business owner prior to connecting. Treat public Wi-Fi connections as compromised (unsafe). Utilize an anti-malware product to help prevent against cyberattacks while connected. 1 2 3
Internet Protection Overview Internet of Things
Top Tips for Internet of Things (IoT) Change default usernames and passwords on all devices including routers. If you do not utilize the web features, disable them. Make sure all IoT devices, including routers, are kept up to date with the newest firmware (software). 1 2 3
EMAIL PROTECTION
Email Protection Overview 2FA Password Reset Spam Protection Attachment Policy
Email Protection Overview 2FA
Top Tips for 2FA and Email Password protect or utilize fingerprint reader to protect your 2FA app in case of a lost device. Do not utilize SMS if you can help it as a 2FA method; always use an application or push. Enable 2FA not just on email but all critical websites and applications that allow it. 1 2 3
Email Protection Overview Password Reset
Top Tips for Password Reset Utilize strong unique passwords. Utilize strong, not correct, security questions. Monitor attempted password resets on your accounts for fraudulent activity. 1 2 3
Email Protection Overview Spam Protection
Top Tips for Spam Protection Utilize a different provider or 3rd party product if necessary. Never click, open or respond to spam messages. When posting email to classified sites, use the following format to keep spam bots from retrieving and using your address: john.smith (at) email.com. 1 2 3
Email Protection Overview Attachment Policy
Top Tips for Attachment Policies Employees need training and a clear attachment policy. Never open or save attachments from an unknown sender. Even though something looks like a file that you do not think is malicious… doesn’t mean it isn’t malicious. 1 2 3
PREVENTIVE MEASURES
Top Tips for Preventive Measures Utilize an AV product on all devices, not just Windows computers. Define a clear attachment policy coupled with a spam filter. Implement a Web content filter to help with malicious content, inappropriate content, and productivity issues. Utilize unique passwords and maintain a clear password policy. If needed, use a password manager. Keep all internet-connected devices up to date, including routers, IoT devices, computers, mobile devices. 1 2 3 4 5
Thank you!

More Related Content

PDF
CyberSecurity Awareness Training Presentation v2025.09
byDallasHaselhorst
 
PPT
Cyber Security Awareness Training by Win-Pro
byRonald Soh
 
PPT
Cyber security awareness training by cyber security infotech(csi)
byCyber Security Infotech
 
PPTX
Employee Awareness in Cyber Security - Kloudlearn
byKloudLearn
 
PPT
General Awareness On Cyber Security
byDominic Rajesh
 
PPTX
Security Awareness Training - For Companies With Access to NYS "Sensitive" In...
byDavid Menken
 
PPTX
Cyber Security Awareness Program.pptx
byDinesh582831
 
PPTX
User security awareness
byK. A. M Lutfullah
 
CyberSecurity Awareness Training Presentation v2025.09
byDallasHaselhorst
 
Cyber Security Awareness Training by Win-Pro
byRonald Soh
 
Cyber security awareness training by cyber security infotech(csi)
byCyber Security Infotech
 
Employee Awareness in Cyber Security - Kloudlearn
byKloudLearn
 
General Awareness On Cyber Security
byDominic Rajesh
 
Security Awareness Training - For Companies With Access to NYS "Sensitive" In...
byDavid Menken
 
Cyber Security Awareness Program.pptx
byDinesh582831
 
User security awareness
byK. A. M Lutfullah
 

What's hot

PDF
Employee Security Awareness Program
bydavidcurriecia
 
PPTX
Mobile device forensics
bySuresh Kumar
 
PPT
Employee Security Training[1]@
byR_Yanus
 
PPTX
Employee Security Awareness Training
byDenis kisina
 
PPTX
Cybersecurity Awareness Training
byDave Monahan
 
PPTX
Security awareness
byJosh Chandler
 
PPT
IT Security Awareness-v1.7.ppt
byOoXair
 
PPTX
Information Security Awareness Training Open
byFred Beck MBA, CPA
 
PDF
Cybersecurity Awareness Training Presentation v1.3
byDallasHaselhorst
 
PPT
Malware Analysis Made Simple
byPaul Melson
 
PPTX
information security awareness course
byAbdul Manaf Vellakodath
 
PPTX
Password Attack
bySina Manavi
 
PDF
Cybersecurity Awareness Training Presentation v2021.08
byDallasHaselhorst
 
PPTX
Social Engineering new.pptx
bySanthosh Prabhu
 
PPTX
Phishing awareness
byPhishingBox
 
PDF
Customer information security awareness training
byAbdalrhmanTHassan
 
PPTX
Security Awareness Training.pptx
byMohammedYaseen638128
 
PDF
Ransomware
bym3 Networks Limited
 
PDF
Information Security Awareness Training
byRandy Bowman
 
PPTX
Cybersecurity Awareness for employees.pptx
byAbdullaFatiya3
 
Employee Security Awareness Program
bydavidcurriecia
 
Mobile device forensics
bySuresh Kumar
 
Employee Security Training[1]@
byR_Yanus
 
Employee Security Awareness Training
byDenis kisina
 
Cybersecurity Awareness Training
byDave Monahan
 
Security awareness
byJosh Chandler
 
IT Security Awareness-v1.7.ppt
byOoXair
 
Information Security Awareness Training Open
byFred Beck MBA, CPA
 
Cybersecurity Awareness Training Presentation v1.3
byDallasHaselhorst
 
Malware Analysis Made Simple
byPaul Melson
 
information security awareness course
byAbdul Manaf Vellakodath
 
Password Attack
bySina Manavi
 
Cybersecurity Awareness Training Presentation v2021.08
byDallasHaselhorst
 
Social Engineering new.pptx
bySanthosh Prabhu
 
Phishing awareness
byPhishingBox
 
Customer information security awareness training
byAbdalrhmanTHassan
 
Security Awareness Training.pptx
byMohammedYaseen638128
 
Ransomware
bym3 Networks Limited
 
Information Security Awareness Training
byRandy Bowman
 
Cybersecurity Awareness for employees.pptx
byAbdullaFatiya3
 

Similar to Cyber Security Training Module 2025.pptx

PPTX
Hyphenet Security Awareness Training
byJen Ruhman
 
PPTX
Hyphenet Security Awareness Training
byJen Ruhman
 
PPT
12990739.ppt
byMuhammadShahidulIsla8
 
PPTX
Phish training final
byJen Ruhman
 
PPTX
Information security awareness - 101
bymateenzero
 
PPTX
Cybersecurity awareness _20241220_223916_0000.pptx
byjoyabisha1
 
PDF
Be Cyber Smart! (DLH 10/25/2019)
byDavid Herrington
 
PDF
Introduction to information security
byHarish Jangid
 
PPT
Online Self Defense
byBarry Caplin
 
PDF
Onlinesecurityrecomendations2014 141230081030-conversion-gate02
byamiinaaa
 
PPTX
Computer / Internet Security WHPL
byWest Haven Public Library
 
PPTX
Information Security Awareness With Shawn Changes
byMichael Dessecker
 
PDF
Mc physics colloquium2018-03-30.-handouts
byKevin Wall
 
PPTX
Security - 101 - ISSA
byPedro Serrano
 
PDF
Masterclass_ Cybersecurity and Data Privacy Basics
byExcellence Foundation for South Sudan
 
PDF
Executive Directors Chat:It's easy to stay safe online.pdf
byTechSoup
 
PPTX
7 Things People Do To Endanger Their Networks
byjaymemcree
 
PPTX
Private Data and Prying Eyes
byEllie Sherven
 
PPTX
Cyber privacy and password protection
bysajeena81
 
PPTX
How to Protect Yourself From Heartbleed Security Flaw
byConnectSafely
 
Hyphenet Security Awareness Training
byJen Ruhman
 
Hyphenet Security Awareness Training
byJen Ruhman
 
12990739.ppt
byMuhammadShahidulIsla8
 
Phish training final
byJen Ruhman
 
Information security awareness - 101
bymateenzero
 
Cybersecurity awareness _20241220_223916_0000.pptx
byjoyabisha1
 
Be Cyber Smart! (DLH 10/25/2019)
byDavid Herrington
 
Introduction to information security
byHarish Jangid
 
Online Self Defense
byBarry Caplin
 
Onlinesecurityrecomendations2014 141230081030-conversion-gate02
byamiinaaa
 
Computer / Internet Security WHPL
byWest Haven Public Library
 
Information Security Awareness With Shawn Changes
byMichael Dessecker
 
Mc physics colloquium2018-03-30.-handouts
byKevin Wall
 
Security - 101 - ISSA
byPedro Serrano
 
Masterclass_ Cybersecurity and Data Privacy Basics
byExcellence Foundation for South Sudan
 
Executive Directors Chat:It's easy to stay safe online.pdf
byTechSoup
 
7 Things People Do To Endanger Their Networks
byjaymemcree
 
Private Data and Prying Eyes
byEllie Sherven
 
Cyber privacy and password protection
bysajeena81
 
How to Protect Yourself From Heartbleed Security Flaw
byConnectSafely
 

More from surnil7785

PPTX
Responsible-Business-Alliance-RBA for staff.pptx
bysurnil7785
 
PPTX
Smeta-Ppt-Hindi.pptx training for staaff
bysurnil7785
 
PPTX
Digital & SIP Training Security Training Module.pptx
bysurnil7785
 
PPTX
FACILITY-SECURITY-PLAN-training pptx.pptx
bysurnil7785
 
PPTX
JPPIPL Carbon awareness Footprint Training.pptx
bysurnil7785
 
PPTX
shra-awareness performance-appraisal.pptx
bysurnil7785
 
PPTX
781544553-HSE-awareness Induction-Template.pptx
bysurnil7785
 
PPTX
Cyber security-awareness-training security-.pptx
bysurnil7785
 
PDF
Chemical Safety Tool Box Talk. safety pdf ppt
bysurnil7785
 
PPTX
Environment Protection Awareness Training.pptx
bysurnil7785
 
PPTX
Code of Conduct & Workplace Ethics - JP.pptx
bysurnil7785
 
PPT
Dining Etiquette - JP.ppt awareness training
bysurnil7785
 
PPTX
posh_pink__blue-archies.pptx awareness training
bysurnil7785
 
PPTX
CyberSecurityPPT_V3_1.pptx training module
bysurnil7785
 
PPTX
Parenting Style.pptx training for parents
bysurnil7785
 
PPTX
Parental Support.pptx training for paremts
bysurnil7785
 
PPTX
cyber-security-training-presentation-q320.pptx
bysurnil7785
 
PPTX
Chemical Storage & handling training ppt.pptx
bysurnil7785
 
PPTX
GRIEVANCE PROCEDURE PPT HINDI JP 2024.pptx
bysurnil7785
 
PPTX
grievanceitshandlingprocedure-171027101500.pptx
bysurnil7785
 
Responsible-Business-Alliance-RBA for staff.pptx
bysurnil7785
 
Smeta-Ppt-Hindi.pptx training for staaff
bysurnil7785
 
Digital & SIP Training Security Training Module.pptx
bysurnil7785
 
FACILITY-SECURITY-PLAN-training pptx.pptx
bysurnil7785
 
JPPIPL Carbon awareness Footprint Training.pptx
bysurnil7785
 
shra-awareness performance-appraisal.pptx
bysurnil7785
 
781544553-HSE-awareness Induction-Template.pptx
bysurnil7785
 
Cyber security-awareness-training security-.pptx
bysurnil7785
 
Chemical Safety Tool Box Talk. safety pdf ppt
bysurnil7785
 
Environment Protection Awareness Training.pptx
bysurnil7785
 
Code of Conduct & Workplace Ethics - JP.pptx
bysurnil7785
 
Dining Etiquette - JP.ppt awareness training
bysurnil7785
 
posh_pink__blue-archies.pptx awareness training
bysurnil7785
 
CyberSecurityPPT_V3_1.pptx training module
bysurnil7785
 
Parenting Style.pptx training for parents
bysurnil7785
 
Parental Support.pptx training for paremts
bysurnil7785
 
cyber-security-training-presentation-q320.pptx
bysurnil7785
 
Chemical Storage & handling training ppt.pptx
bysurnil7785
 
GRIEVANCE PROCEDURE PPT HINDI JP 2024.pptx
bysurnil7785
 
grievanceitshandlingprocedure-171027101500.pptx
bysurnil7785
 

Recently uploaded

DOCX
What Makes The All United As One Beach Towel So Meaningful?
bymelissahall19940
 
PPTX
Artificial intelligence, disinformation, and social media: distribution, not ...
byRobert Pinter
 
PPTX
TRANSMISSION MEDIA in Information Technology.pptx
byCollegeofComputerStu
 
PDF
RDWP-12 – The Drift Principle: Why Meaning Erodes Gradually
byTheRealityDrift
 
DOCX
>Mooncraft Wines | Premium Fusion & Classic Wines
bysirishasaree2000
 
PPTX
Trinity College of Engineering and Technology
byRammohanreddyRajidi2
 
PPTX
Cybercrime_Prevention_Act_Presentation.pptx
byRudyGuzman8
 
PDF
Social Media Growth Strategies by Niki Puls
bynikipulsofficial
 
What Makes The All United As One Beach Towel So Meaningful?
bymelissahall19940
 
Artificial intelligence, disinformation, and social media: distribution, not ...
byRobert Pinter
 
TRANSMISSION MEDIA in Information Technology.pptx
byCollegeofComputerStu
 
RDWP-12 – The Drift Principle: Why Meaning Erodes Gradually
byTheRealityDrift
 
>Mooncraft Wines | Premium Fusion & Classic Wines
bysirishasaree2000
 
Trinity College of Engineering and Technology
byRammohanreddyRajidi2
 
Cybercrime_Prevention_Act_Presentation.pptx
byRudyGuzman8
 
Social Media Growth Strategies by Niki Puls
bynikipulsofficial
 

Cyber Security Training Module 2025.pptx

  • 2.
    Agenda Threats Overview Password Safety WebProtection Email Protection Preventive Measures 1 2 3 4 5
  • 3.
  • 4.
    Root Cause ofData Breaches 25% Human Error 27% Process Failure 48% Malicious
  • 5.
    Lost or stolen device Data BreachBreakdown Human Error
  • 6.
  • 7.
  • 8.
  • 9.
    Malware includes numerousthreat families, all with different names. Viruses Trojans Ransomware Rootkits Bootkits Worms
  • 10.
    Top Tips toAvoid Malware Install Endpoint Security on all devices. Be careful what you plug in. Be careful what you click. Get awareness training for entire family. 1 2 3 4
  • 11.
  • 12.
  • 13.
  • 14.
    Top Tips toAvoid Phishing Check who the email sender is. Check the email for grammar and spelling mistakes. Mouse over the link to see where it goes. Do not click the link – manually type it in. 1 2 3 4
  • 15.
  • 16.
    • Manipulation ofpeople into divulging confidential or sensitive information • Most commonly done over email, but also regularly carried out over the phone Social Engineering
  • 17.
    • Can bea slow gain of information • Can attempt to gain all information needed at once Social Engineering
  • 18.
    • Phone calltargets employees at a business. • Caller asks who the boss/CEO is. • Requests his/her email address. • Now the attacker has the username and the name of the person targeted for compromise. Social Engineering Examples
  • 19.
    • A personwalks into office pretending to be a contractor. • Due to his/her uniform, people assume it’s OK. • Person walks into room with sensitive info and steals it. Social Engineering Examples
  • 20.
    Top Tips toAvoid Social Engineering Be careful with the information you disclose. Verify credentials of contractors. If you have any doubts on the identity of callers, hang up and call their official company number back. 1 2 3
  • 21.
  • 22.
    • What citydid you grow up in? • What is your dog’s name? • What high school did you attend? • What is your favorite book? • What is your dream job? • What is your mother’s maiden name? Can these answers be found on your Facebook account?
  • 23.
  • 24.
  • 25.
    • Typically, usersare honest when filling out security questions. • Malicious parties can utilize social media to find out the answers to these questions, which allows them to reset your password. • Best practice is to not be honest when filling out these questions. Treat security questions as another password field. Security Questions
  • 26.
    • Typically, userspractice risky behavior with respect to passwords. • Passwords nowadays can be a gateway into identity theft. Users and Poor Password Hygiene
  • 27.
    Document or stickynote with passwords written on it Poor Password Hygiene
  • 28.
    Freely sharing passwordwith friends, family members, colleagues Poor Password Hygiene
  • 29.
    Poor Password Hygiene 8characters 8 characters + 1 number 8 characters + 1 number + 1 symbol 8 characters + 1 number + 1 symbol + 1 capital elephant elephant1 elephant1! Elephant1! = = = =
  • 30.
  • 31.
    • Passwords sometimesare extracted • Very simple to try all alternative options of password-base Data breaches lead to password problems because… Example •Password that was stolen was elephant •Password required by website is 8 characters 1 symbol •32 symbols on the computer(would take a human 5 minutes) •Computers can carry out these tasks in fractions of a second
  • 32.
    • If youhave trouble remembering passwords or creating unique passwords, utilize a password manager. • There are several very secure password managers on the market that work across all Oses. • They will remember and auto-complete your passwords for you once your “master” password is entered. Password Managers
  • 33.
    https://haveibeenpwned.com/ • Currently checks210 websites • 2.6 billion compromised accounts contained • Treat it like a credit-check Password Hygiene Checkup
  • 34.
    • As opposedto the standard password authentication, 2FA OTP (one-time password) uses two elements. These are “something that user knows,” such as a password or a PIN code, and “something that user has,” typically a mobile phone or hardware token. • Used in combination, they provide greatly enhanced security for data access. Two-factor Authentication (2FA) Explained
  • 35.
    • Data breachthrough weak or stolen passwords • User-created passwords that are not random characters • Re-use of passwords intended for access to company assets for private accounts • Passwords containing user-specific data – e.g. name, date of birth • Simple patterns to derive new passwords, such as “elephant1,” “elephant2,” etc. 2FA solves the problem of:
  • 36.
    Top Tips forPassword Safety Utilize unique passwords across all websites/applications Enable and utilize 2FA on all websites that allow it Choose unique, non-true security questions 1 2 3
  • 37.
  • 38.
  • 39.
  • 40.
    • Even ifthe website is reputable, the advertisement being displayed could be malicious and infect your computer or mobile device. • Free things (music, movies, game cheats, etc.) are very commonly filled with malware, and are rarely what they say they are. Search Engine Safety
  • 41.
    Top Tips forSearch Engines Stick to clicking on sites on the first page of results. Be careful when clicking on non- name recognizable sites. Malware commonly masquerades as free things. 1 2 3
  • 42.
  • 43.
    • Filters webtraffic based off pre-configured policies set by the administrator. • There are both home versions and corporate versions. • Home versions focus on child safety, while corporate versions focus on employee productivity. Web Content Filter
  • 44.
    • Not onlycan it restrict the content that is displayed to a certain audience, it can also be utilized to filter malicious content and protect the user. Web Content Filter
  • 45.
    Top Tips forWeb Content Filter Increase employee productivity by implementing a web filter. Curb risky user behavior and reduce malware exposure by implementing a web filter. Protect children’s mobile devices and computers from displaying inappropriate content with a web filter. 1 2 3
  • 46.
  • 47.
    • Is aprotocol for secure communication over a computer network which is widely used on the internet • HTTPS is typically notated by displaying a green lock in the web address bar: HTTPS
  • 48.
    Top Tips forSecure Websites (HTTPS) Before entering sensitive information, check to see if the site is secured by HTTPS. Check to make sure this is a reputable website before entering credit card information; don’t just depend on the HTTPS indicator. 1 2
  • 49.
  • 50.
    Top Tips forPublic Wi-Fi Verify the Wi-Fi name with the business owner prior to connecting. Treat public Wi-Fi connections as compromised (unsafe). Utilize an anti-malware product to help prevent against cyberattacks while connected. 1 2 3
  • 51.
  • 52.
    Top Tips forInternet of Things (IoT) Change default usernames and passwords on all devices including routers. If you do not utilize the web features, disable them. Make sure all IoT devices, including routers, are kept up to date with the newest firmware (software). 1 2 3
  • 53.
  • 54.
    Email Protection Overview 2FAPassword Reset Spam Protection Attachment Policy
  • 55.
  • 56.
    Top Tips for2FA and Email Password protect or utilize fingerprint reader to protect your 2FA app in case of a lost device. Do not utilize SMS if you can help it as a 2FA method; always use an application or push. Enable 2FA not just on email but all critical websites and applications that allow it. 1 2 3
  • 57.
  • 58.
    Top Tips forPassword Reset Utilize strong unique passwords. Utilize strong, not correct, security questions. Monitor attempted password resets on your accounts for fraudulent activity. 1 2 3
  • 59.
  • 60.
    Top Tips forSpam Protection Utilize a different provider or 3rd party product if necessary. Never click, open or respond to spam messages. When posting email to classified sites, use the following format to keep spam bots from retrieving and using your address: john.smith (at) email.com. 1 2 3
  • 61.
  • 62.
    Top Tips forAttachment Policies Employees need training and a clear attachment policy. Never open or save attachments from an unknown sender. Even though something looks like a file that you do not think is malicious… doesn’t mean it isn’t malicious. 1 2 3
  • 63.
  • 64.
    Top Tips forPreventive Measures Utilize an AV product on all devices, not just Windows computers. Define a clear attachment policy coupled with a spam filter. Implement a Web content filter to help with malicious content, inappropriate content, and productivity issues. Utilize unique passwords and maintain a clear password policy. If needed, use a password manager. Keep all internet-connected devices up to date, including routers, IoT devices, computers, mobile devices. 1 2 3 4 5
  • 65.

Editor's Notes

  • #2  First we will go through a threats overview, which is designed to bring awareness to the different security concerns surrounding specific threats. Next Password Safety that will run through some best practices not just when creating passwords but utilizing them. Then Web Protection, which will go through different things to know about when utilizing the internet Then Email Protection, which will focus on email borne threats and spam. Then finally we will finish up with preventative measures. Keep in mind throughout this webinar I will be giving tips and best practices not just for you to utilize in the business world, but at home as well
  • #23 Does this screen or others like this look familiar?
  • #24 How about this? This is extremely important in the conversation around passwords due to the fact that most passwords can be simply changed or reset by knowing a few answers to questions about yourself. Most of these answers can be commonly found on users’ social media accounts. So it is very important to not just practice good password policies but also strong security questions as well.
  • #27 So typically due to the complexity requirements of passwords usually users end up writing their passwords on sticky notes or in documents on their desktop.
  • #28 Others freely share their passwords with other users. We see this especially in organizations that require users to clock in at the beginning and end of the day. They do not want to be late again so they call their friend who is already at work and ask them to clock in for them.
  • #29 Current password policies that are often used today are not adequate at protecting users. As you can see this is what a typical user does. If a password requires 8 characters they might choose something like elephant. But if they go to another application or website and now it requires a number, they are not going to think of a brand new unique password, they are just going to tack on a 1 at the end. This continues when websites require a symbol, or capital. Users are re-using the exact same password base, which is Elephant.
  • #30 This leads to current password policies that typically have users change their password every 90 days or every 6 months. Users are not increasing your businesses security by changing their password on these scheduled intervals due to them doing the above. They are simply going to the next number and next symbol on the keyboard. In fact now NIST is recommending against having users change passwords every 90 days due to the above.
  • #31 So when data breaches occur passwords are sometimes extracted, it would be very easy for me to go to another website and figure out what your password is. For example if the password that was stolen was elephant, and I went to a website that required 8 characters and 1 symbol. There are only 32 symbols on the keyboard, therefore I only need to type in elephant and then try every symbol and see if I gain access into whatever system I am trying to break into.
  • #33 So a great resource to inform your users about is this website. which will check all of the databases of compromised credentials to see if your credentials are any of the ones that have been stolen. You can enter in your commonly used usernames or email address and it will let you know if there has been a breach and what was breached. If your password was stolen it is recommended to completely change your password, don’t just change the number or symbol!
  • #34 So Two-Factor is a solution that can prevent poor password policies, and ultimately turns the login process into requiring a User, Password, and a One time password. This one time password typically comes from a mobile device or hard token. So it turns the password authentication into something that the user knows (such as a password) and something they have (a cell phone). If you do not have both pieces of information you are unable to log in.