Copyright © 2006 Prosoft Learning, a VCampus Company - All rights reserved. Telephony Networking.
INFORMATION SECURITY AWARENESS Whose Job is it Anyway? Ron Freedman Ron Freedman Vice President...
-
Upload
constance-watts -
Category
Documents
-
view
223 -
download
2
description
Transcript of INFORMATION SECURITY AWARENESS Whose Job is it Anyway? Ron Freedman Ron Freedman Vice President...
![Page 1: INFORMATION SECURITY AWARENESS Whose Job is it Anyway? Ron Freedman Ron Freedman Vice President VCampus Corporation Scott Wright Scott WrightPresident.](https://reader035.fdocuments.in/reader035/viewer/2022062401/5a4d1ad77f8b9ab0599735b1/html5/thumbnails/1.jpg)
INFORMATION SECURITY INFORMATION SECURITY AWARENESS AWARENESS
Whose Job is it Anyway?Whose Job is it Anyway?
• Ron Freedman Ron Freedman Vice PresidentVice President
VCampus CorporationVCampus Corporation
• Scott WrightScott WrightPresidentPresidentNetwork Security SolutionsNetwork Security Solutions
![Page 2: INFORMATION SECURITY AWARENESS Whose Job is it Anyway? Ron Freedman Ron Freedman Vice President VCampus Corporation Scott Wright Scott WrightPresident.](https://reader035.fdocuments.in/reader035/viewer/2022062401/5a4d1ad77f8b9ab0599735b1/html5/thumbnails/2.jpg)
Copyright 2002 VCampus Corporation2
Information Security Awareness
Today’s Agenda What is Information Security? The Goals of an Information Security Program External Threats Internal Threats It's Everyone's Job The Role of Online Learning Demonstration Questions and Answers
![Page 3: INFORMATION SECURITY AWARENESS Whose Job is it Anyway? Ron Freedman Ron Freedman Vice President VCampus Corporation Scott Wright Scott WrightPresident.](https://reader035.fdocuments.in/reader035/viewer/2022062401/5a4d1ad77f8b9ab0599735b1/html5/thumbnails/3.jpg)
Copyright 2002 VCampus Corporation3
What Is It?
First, a definition of “Information Security”
Then, we’ll talk about “Information Security Awareness”
![Page 4: INFORMATION SECURITY AWARENESS Whose Job is it Anyway? Ron Freedman Ron Freedman Vice President VCampus Corporation Scott Wright Scott WrightPresident.](https://reader035.fdocuments.in/reader035/viewer/2022062401/5a4d1ad77f8b9ab0599735b1/html5/thumbnails/4.jpg)
Copyright 2002 VCampus Corporation4
A Traditional Definition
“The protection afforded to an information system in order to attain the applicable objectives of preserving the integrity, availability, and confidentiality of information system resources (including hardware, software, firmware, information/data, and telecommunications).”
The NIST Handbook
![Page 5: INFORMATION SECURITY AWARENESS Whose Job is it Anyway? Ron Freedman Ron Freedman Vice President VCampus Corporation Scott Wright Scott WrightPresident.](https://reader035.fdocuments.in/reader035/viewer/2022062401/5a4d1ad77f8b9ab0599735b1/html5/thumbnails/5.jpg)
Copyright 2002 VCampus Corporation5
Goals of Information Security
Traditional CIA– Confidentiality– Integrity– Availability
Add to that . . . – Accountability– Auditability– Nonrepudiation
![Page 6: INFORMATION SECURITY AWARENESS Whose Job is it Anyway? Ron Freedman Ron Freedman Vice President VCampus Corporation Scott Wright Scott WrightPresident.](https://reader035.fdocuments.in/reader035/viewer/2022062401/5a4d1ad77f8b9ab0599735b1/html5/thumbnails/6.jpg)
Copyright 2002 VCampus Corporation6
Purpose of Security Awareness
To create employee sensitivity to the threats and vulnerabilities of information systems
To help employees recognize the need to protect data and information
To help employees recognize that IT security is critical
To set the stage for information security training
![Page 7: INFORMATION SECURITY AWARENESS Whose Job is it Anyway? Ron Freedman Ron Freedman Vice President VCampus Corporation Scott Wright Scott WrightPresident.](https://reader035.fdocuments.in/reader035/viewer/2022062401/5a4d1ad77f8b9ab0599735b1/html5/thumbnails/7.jpg)
Copyright 2002 VCampus Corporation7
What Should Be Included
Start with policies– Explain that your organization values
information as a critical asset– Explain the threats to your information
systems and why you created the company policies
People tend to follow policies when they know the “why”
![Page 8: INFORMATION SECURITY AWARENESS Whose Job is it Anyway? Ron Freedman Ron Freedman Vice President VCampus Corporation Scott Wright Scott WrightPresident.](https://reader035.fdocuments.in/reader035/viewer/2022062401/5a4d1ad77f8b9ab0599735b1/html5/thumbnails/8.jpg)
Copyright 2002 VCampus Corporation8
External Threats
Hackers Viruses
![Page 9: INFORMATION SECURITY AWARENESS Whose Job is it Anyway? Ron Freedman Ron Freedman Vice President VCampus Corporation Scott Wright Scott WrightPresident.](https://reader035.fdocuments.in/reader035/viewer/2022062401/5a4d1ad77f8b9ab0599735b1/html5/thumbnails/9.jpg)
Copyright 2002 VCampus Corporation9
Well Known Hacker Groups
Cult of the Dead Cow
2600
Defcon 9.0
![Page 10: INFORMATION SECURITY AWARENESS Whose Job is it Anyway? Ron Freedman Ron Freedman Vice President VCampus Corporation Scott Wright Scott WrightPresident.](https://reader035.fdocuments.in/reader035/viewer/2022062401/5a4d1ad77f8b9ab0599735b1/html5/thumbnails/10.jpg)
Copyright 2002 VCampus Corporation10
Viruses
What is a virus… Just a program– To be a virus, a program must:
Reproduce and infect
It can do almost anything it wants to do, but …
The bigger it gets, the easier it is to find.
![Page 11: INFORMATION SECURITY AWARENESS Whose Job is it Anyway? Ron Freedman Ron Freedman Vice President VCampus Corporation Scott Wright Scott WrightPresident.](https://reader035.fdocuments.in/reader035/viewer/2022062401/5a4d1ad77f8b9ab0599735b1/html5/thumbnails/11.jpg)
Copyright 2002 VCampus Corporation11
Internal Threats
Contractors Visitors Employees “ECP”
![Page 12: INFORMATION SECURITY AWARENESS Whose Job is it Anyway? Ron Freedman Ron Freedman Vice President VCampus Corporation Scott Wright Scott WrightPresident.](https://reader035.fdocuments.in/reader035/viewer/2022062401/5a4d1ad77f8b9ab0599735b1/html5/thumbnails/12.jpg)
Copyright 2002 VCampus Corporation12
Coffee Break
![Page 13: INFORMATION SECURITY AWARENESS Whose Job is it Anyway? Ron Freedman Ron Freedman Vice President VCampus Corporation Scott Wright Scott WrightPresident.](https://reader035.fdocuments.in/reader035/viewer/2022062401/5a4d1ad77f8b9ab0599735b1/html5/thumbnails/13.jpg)
Copyright 2002 VCampus Corporation13
It’s Everyone’s Job
Management Technical Staff End Users
![Page 14: INFORMATION SECURITY AWARENESS Whose Job is it Anyway? Ron Freedman Ron Freedman Vice President VCampus Corporation Scott Wright Scott WrightPresident.](https://reader035.fdocuments.in/reader035/viewer/2022062401/5a4d1ad77f8b9ab0599735b1/html5/thumbnails/14.jpg)
Copyright 2002 VCampus Corporation14
The Role of Online Learning
Tailored content for various user communities Rapidly updated to address new threats Consistent message delivered to each
audience Ability to measure achievement of learning
objectives Tracking capability for compliance needs
![Page 15: INFORMATION SECURITY AWARENESS Whose Job is it Anyway? Ron Freedman Ron Freedman Vice President VCampus Corporation Scott Wright Scott WrightPresident.](https://reader035.fdocuments.in/reader035/viewer/2022062401/5a4d1ad77f8b9ab0599735b1/html5/thumbnails/15.jpg)
Copyright 2002 VCampus Corporation15
Online Demonstration
![Page 16: INFORMATION SECURITY AWARENESS Whose Job is it Anyway? Ron Freedman Ron Freedman Vice President VCampus Corporation Scott Wright Scott WrightPresident.](https://reader035.fdocuments.in/reader035/viewer/2022062401/5a4d1ad77f8b9ab0599735b1/html5/thumbnails/16.jpg)
Copyright 2002 VCampus Corporation16
What Can You Do?
Perform a Risk Analysis Create and publish security policies
– Your information security policies should include at least:
Password control and protection Internet access Virus prevention
Start an Awareness Program
![Page 17: INFORMATION SECURITY AWARENESS Whose Job is it Anyway? Ron Freedman Ron Freedman Vice President VCampus Corporation Scott Wright Scott WrightPresident.](https://reader035.fdocuments.in/reader035/viewer/2022062401/5a4d1ad77f8b9ab0599735b1/html5/thumbnails/17.jpg)
Copyright 2002 VCampus Corporation17
How Do I Learn More?
VCampus security courses include: Information Security Awareness Selecting a Good Password Internet Security Firewall Principles Secure Web Commerce PKI Workplace Security Air Travel Safety