10/1/2019
Securing Your Users Cyber Safe Workforce LLC
Michelle Ward
Started Cyber Safe Workforce in 2015
Spent 12 prior years as a systems engineer in federal civil service and defense contracting
Technical background in secure web app development
Pen testing, compliance
CISSP®, CSSLP
Passionate about Information Security
Volunteer organizations: Cyberthon, FDLE RDSTF1 Cyber Committee, WiCyS, Girl Scouts
Lives in Fort Walton Beach, FL with husband and two kids
Why Users?
The information provided here is for informational and educational purposes and current as of the date of publication. The information is not a substitute for legal advice and does not necessarily reflect the opinion or policy position of the Municipal Association of South Carolina. Consult your attorney for advice concerning specific situations.
Employees check e-mail
Source: Verizon 2019 DBIR
Phishing was involved in 32% of breaches
Majority of malware is delivered by email
Business E-mail Compromise (BEC) was responsible for loss of $10 billion from U.S. victims (Oct 2013 – Jul 2019)
Employees go online
Hacked websites trick users into downloading malicious code
Webroot®’s 2019 Threat Report states that 40% of malicious URLs were found on good domains
Employees also…
Receive Calls
Work On-the-Go
Handle Sensitive Information
While employees are at work…
They touch
Data/Information
Network
Resources
“Nothing bad could happen… Right?”
True Stories
Pasquotank-Camden Emergency Medical Services had over 40k medical records compromised due to a third party vendor vulnerability.
NC / Feb 2019
The City of Thomasville accidentally released the Social Security numbers of 269 employees when answering a public records request.
NC / Feb 2018
Orange County was infected with ransomware which led to several days of service disruptions.
NC / Mar 2019
City of Greenville had slowed or stopped operations because of ransomware.
NC / Apr 2019
Jackson County pays $400k ransom demand.
GA / Mar 2019
Dorchester School District 2 paid a $2,900 ransom to have the data on 25 servers decrypted after a ransomware attack.
SC / Aug 2017
Shoring up the Weakest Link
A Security Awareness and Training Program is meant to reduce the risk that HUMANS introduce
Do you need to have it?
State of SC Information Security Policy on Human Resources and Security Awareness
HIPAA §164.308.(a).(5).(i)
PCI DSS §12.6
NIST Cybersecurity Framework (PR.AT)
ISACA COBIT 5 APO07.03, BAI05.07
ISO/IEC 27001:2013 A.7.2.2
CIS20
Big Picture
NIST Cybersecurity Framework
Identify
Protect
Detect
Respond
Recover
Cyber Threats +
Use Policies +
Security products
Aware vs. Unaware
Aware employees will never give out passwords
Unaware employees will fall for an IT admin impersonator scam and reveal their password
Aware employees will call the help desk when their antivirus shows an alert
Unaware employees will go home for the day while ransomware encrypts their files and files on mapped drives
Aware employees will encrypt e-mails containing PII/PHI
Unaware employees will send PII/PHI unencrypted, download it to USB storage, and upload it to personal cloud storage
Aware employees will alert you to security issues or ask questions when unsure
Unaware employees will shrug it off as someone else’s responsibility
Awareness AND Training
Awareness (Why, What)
Our password policy is…
You must change your password every X days because…
Training (How)
How to create a strong password
How to change your password
How to reset your password
Big Picture
Employees are your unintentional insider threats
52% of data breaches are caused by human error (Source: CompTIA International Trends in Cybersecurity 2016)
Cyber Threats +
Use Policies +
Security products
Program Structure
What do I put in a Security Awareness and Training Program?
Can I do this just once?
Security Awareness and Training Lifecycle (SATL)
Identify & Define
Define scope, roles & responsibilities, compliance requirements, update interval (NIST SP 800-53r4 AT-1)
Identify curriculum and learning objectives, the company’s goals, goal measurement, training delivery methods, time frames
Topics
Passwords: How to create a strong password you can remember
Phishing: Recognize and report
Physical Security: Lock workstations, question access, clean desk
Confidential Info: Where to store? How to send?
Safer Web Surfing: Recognize online scams
Acceptable Use: Reminders about usage, sharing accounts, installing software/extensions
Baseline
Gather data and statistics related to goals prior to training
Put mechanisms in place to track goals
Record baseline results
Train
Format
In-person presentations
CBTs
Who
New employees
Existing employees
High-risk groups
Catch new employees as they arrive…
Participation logs and scores for each training activity recorded
“How do you know your message made an impact?”
What you measure affects how people behave
Track & Measure
Audit participation
Gather goal-related metrics
Survey users
Conduct tests (social engineering, phishing, walkthrough inspections)
Participation stats/scores
Feedback
Test Results
Train, Track & Measure
Evaluate & Update
Review Training Report
New Threat Information?
New Technology/Policies/Controls?
Frequent Issues?
“Did you meet your goals?”
Review and update as needed
Security Awareness and Training Artifacts
But I Have No… support, budget, time, or content
One Thing at a Time
What is your greatest threat?
Determine Cost & Likelihood
Focus on one outcome to improve
Problem: Unlocked, unattended computers
Identify & Define
Outcomes:
All users voluntarily enable the screen lock on their computer
Users voluntarily secure work-issued smartphones and tablets in locked spaces while away
Measure:
Conduct walkthrough inspections
Baseline
► Conduct a walkthrough inspection without revealing your purpose
► Record each instance of a violation
Train
DEFINE the use policy on unattended workstations and mobile devices
WHY is it important?
HOW to lock your workstation or secure your devices
Train, Track & Measure
Several weeks after the training activity
Conduct an ANNOUNCED walkthrough inspection
Record results
Track & Measure
Several weeks after the training activity
Conduct a discreet walkthrough inspection
Record results
Train, Track & Measure
Repeat as necessary
Evaluate & Update
If it’s not working, change it up!
Resources
Security awareness resources to use
Catch Their Attention
Gift Card Scam Stories
Tax Refund Fraud
Direct Deposit Diversions
The Internet Crime Complaint Center reports a 1240% increase in gift card scam complaints between Jan 2017 and Aug 2018. (https://www.ic3.gov/media/2018/181024.aspx)
USE STORIES: Relay stories where individual people were affected by cyber crime.
Passwords: Longer is Better
OFFER A STRATEGY: Provide the “how” to complying with a strong password policy.
Passwords: Breaches
haveibeenpwned.com/passwords
RUN A CONTEST: How many times has this password “1qaz2wsx” been seen? Use HaveIBeenPwned.com/passwords
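The Pwned Passwords lookup behind that contest can be scripted without ever sending the password itself: only the first five hex characters of its SHA-1 go to the range API, and the match against the returned suffix list happens locally. The following is an added example, not part of the deck or of Cyber Safe Workforce's material; the real endpoint is `https://api.pwnedpasswords.com/range/<prefix>` with `SUFFIX:COUNT` lines, and the response used here is constructed so the code runs offline.

```python
import hashlib


def sha1_prefix_suffix(password: str):
    """Split the uppercase hex SHA-1 into the 5-char prefix that is sent to the
    API and the 35-char suffix that stays on the local machine (k-anonymity)."""
    digest = hashlib.sha1(password.encode("utf-8")).hexdigest().upper()
    return digest[:5], digest[5:]


def count_in_range_response(suffix: str, response_text: str) -> int:
    """Parse a range response ('SUFFIX:COUNT' per line, CRLF separated) and
    return how many times the password was seen; 0 means not present."""
    for line in response_text.splitlines():
        line = line.strip()
        if not line or ":" not in line:
            continue  # skip blank or malformed lines defensively
        line_suffix, count = line.split(":", 1)
        if line_suffix.upper() == suffix:
            return int(count)
    return 0


def constructed_range_response(password: str, seen_count: int) -> str:
    """CONSTRUCTED stand-in for a real API response (no network access).
    It contains the real suffix of `password` with a made-up count, plus
    two filler suffixes, in the same SUFFIX:COUNT format the API returns."""
    _, suffix = sha1_prefix_suffix(password)
    return "\r\n".join(["0" * 35 + ":3", f"{suffix}:{seen_count}", "F" * 35 + ":1"])


def times_seen(password: str, response_text: str) -> int:
    """Full client-side flow: hash, split, then match the suffix locally.
    In a live lookup only `prefix` would leave the machine, as the path of
    GET https://api.pwnedpasswords.com/range/<prefix>."""
    prefix, suffix = sha1_prefix_suffix(password)
    assert len(prefix) == 5  # this is all the service ever learns
    return count_in_range_response(suffix, response_text)


if __name__ == "__main__":
    pw = "1qaz2wsx"  # the deck's contest password
    sample = constructed_range_response(pw, 12345)  # count is made up
    print(f"{pw!r} seen {times_seen(pw, sample)} times in the (constructed) corpus")
```

Replacing `constructed_range_response` with an HTTP GET of the real endpoint turns this into the live check; a non-zero count is the cue to retire the password.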
Passwords: Social Engineering
Jimmy Kimmel: What’s your password? https://youtu.be/UzvPP6_LRHc
USE HUMOR: Reinforce that you should never share your password with ANYONE.
Phishing
“Some emails are harmful”
Steal your information
Install malicious code on your computer
Phishing: What’s suspicious?
Unrecognized Sender
Unexpected
Involves money or valuable information
Out-of-character or unusual
SHOW vs. TELL: Show how you can look at email addresses even on mobile devices.
Phishing: Unrecognized Sender
EMAIL SAFETY LESSONS: Reinforce email safety with regular lessons or tests.
Phishing: Web Addresses
https://teachme.cybersafeworkforce.com
SHOW WEBSITE URLS: Use our free resource to teach people to look at URL bars.
Phishing: LinkAware
https://www.cybersafeworkforce.com/linkaware.html
A FREE BROWSER TOOL: Use our free browser tool to help people identify what website they’re really visiting.
Phishing: Additional Resources
Free Four-Minute Training: training.cybersafeworkforce.com/s3/inbox-danger
New Stories: www.cybersafeworkforce.com/cyber-roundups.html
Google Phishing Quiz: phishingquiz.withgoogle.com
Conclusion
Are you helping users comply with security?
Security products are necessary, but…
Give your users the know-how to comply with security-related policies and be on the lookout for cyber threats
Security Awareness and Training Lifecycle (SATL)
“Users become security-minded and start security conversations.”
Users identify security “gray” areas to be mitigated
Cyber security continues to improve
And… You’re compliant!
How We Can Help
Bite-sized Security Awareness
Quick tips on a regular basis
Phish & Learn
Email safety lessons and simulations/tests
Online Courses
Employee on-boarding
Mandatory training requirement
michelle@cybersafeworkforce.com
877-829-4229
More Security Awareness Tips and Tactics at blog.CyberSafeWorkforce.com