Information Security
-
Upload
chief-optimist -
Category
Technology
-
view
550 -
download
1
description
Transcript of Information Security
Information Security The issue, why you should care and how you can help keep
your data safe.
•Data breaches cost companies millions if not billions of dollars each year.
•With more than 50,000 new threats emerging each day, it can be challenging to keep your organization protected.
April 8, 2023
Why is data security an important issue?
of these attacks were attributed to external agents
81% of attacks involved some sort of digitalhacking
174 million records were compromised
There were
data breaches
in 2011 alone
There were
data breaches
in 2011 alone
855
were targets of opportunity
of victims
Security by the Numbers
79%
April 8, 20233 Source: 2012 Data Breach Investigations Report
98%
Fraud
These attacks are after credit card numbers, bank accounts, pass-words … anything they can use themselves or sell for profit.
Industrial Espionage
This is the most difficult motive to protect yourself against because specific proprietary information is targeted.
Activism
Activists disagree with a particular political or social stance you take, and want only to create chaos and embarrass your company until you’ve learned your lesson.
Why are you being attacked?
April 8, 2023 4
Top Three Security Threats
Once you’re able to identify your organization’s potential targets, it’s important to understand the most common types of attacks could face.
• Malware
• Internet-facing applications
• Social engineering
April 8, 2023
Social Engineering: You Are the Weakest Link
For a company with more than 30 employees, one expert puts the success rate of social engineering at 100%.
Social engineering is the art of deceptively influencing a person face to face, over the phone, via email, etc., to get the information you want.
For example:Convincing an employee to share a company
password over the phoneTricking someone into opening a malicious
email attachmentSending a company “free” hardware that’s
been pre-infected
There is a bright side . . .
“Criminals are lazy and don’t want to work, so they go after the low-hanging fruit. Companies need to think about this so their baseline of security is above the level of low-hanging fruit.”
—Kevin Mitnick, the world’s most famous former hacker
April 8, 2023 Xerox Internal Use Only 8
How can you help keep your organization safe?
• Educate and train your staff on the dangers of social engineering.
• Perform a security audit to find and fix any glaring vulnerabilities.
• Ask yourself (or whoever is in charge of IT) five simple questions . . .
April 8, 20238
“What security controls and processes are set up in the organization to prevent and detect security breaches?”
“What is the response capability if a security incident is detected?”
“Do we test our security posture on an annual basis (called pen testing)?”
“Are we able to handle our security requirements in-house or do we need to outsource them?”
April 8, 2023 9
“If we need to outsource it, how do we find the best provider?”54321
1. Establish a VPN connection when using free Wi-Fi. This keeps bad guys from eavesdropping on your internet usage.
2. Use Google Chrome as your default browser. This isn’t a plug for Google—Internet Explorer is the most frequently targeted browser.
3. Make sure all of your software is up to date. Enable automatic update settings and frequently check for newer versions of software.
4. Be wary of peer-to-peer sharing. Downloading certain file-sharing utilities can open up your entire hard drive to the world.
5. Diversify your passwords. If you’re having trouble keeping them straight, use a free, downloadable password manager.
April 8, 2023 10
Follow These Everyday Rules of Thumb
For more valuable insights, visit GetOptimistic.com
Presented by Xerox