• Home

  • Business

  • Cybersecurity: Are Your Employees Your Weakest Link?
12
fecinc.c om Cybersecurity: Are Your Employees the Weakest Link?

Cybersecurity: Are Your Employees Your Weakest Link?

Embed Size (px)

Citation preview

Page 1: Cybersecurity: Are Your Employees Your Weakest Link?

fecinc.com

Cybersecurity: Are Your Employees the Weakest Link?

Page 2: Cybersecurity: Are Your Employees Your Weakest Link?

fecinc.com

External attacks Viruses and worms Phishing and

Pretexting Data Leakage

Understanding the Risk Landscape

Page 3: Cybersecurity: Are Your Employees Your Weakest Link?

fecinc.com

A shift in thinkingExternal threats are most familiar

Inside threats getting more attention

Page 4: Cybersecurity: Are Your Employees Your Weakest Link?

fecinc.com

Internal risk events– Weak credentials– Credential sharing– Unauthorized application use– Device loss/theft– Disgruntled workers on social

media Targeted information

– Private customer data– Financials– Intellectual Property

Consequences– Legal liability– Stock manipulation– Lost revenue

Looking Inside for Risks

Page 5: Cybersecurity: Are Your Employees Your Weakest Link?

fecinc.com

• Publish and educate• Require Strong

Passwords• Complex and strong

are different– Longer is better

than random complexity

– Easy to remember is better

• Cycle Passwords

A Working Password Policy

Page 6: Cybersecurity: Are Your Employees Your Weakest Link?

fecinc.com

• Commonly a focus• Hobbles usability• Users circumvent

• Focus on strength instead.– Long– Memorable

The Complexity Problem

Page 7: Cybersecurity: Are Your Employees Your Weakest Link?

fecinc.com

Policies, Inventories, Logs and Reports– Documentation is key– Tracking and Reporting

Software-based enforcement

Internal Audits– Systemic– Manual

External Audits– Consultants– Certifications

Measuring Effectiveness

Page 8: Cybersecurity: Are Your Employees Your Weakest Link?

fecinc.com

• Have one• Keep it current• Consider usability• Educate

– Frame the Discussion

– Set an expectation

Effective Security Policies

Page 9: Cybersecurity: Are Your Employees Your Weakest Link?

fecinc.com

Bank Tellers and Retail Cashiers

Page 10: Cybersecurity: Are Your Employees Your Weakest Link?

fecinc.com

Preventing Data Leakage:Keeping the Good “In”

Methods of Data Leakage– Lost Equipment– Stolen Equipment– Equipment gifted or sold to former

employees– USB drives– Unauthorized software access via

stolen or shared credentials– Social Media Posts– Unauthorized Cloud sharing

Stopping Leaks– Firewall Rules– Data encryption and MDM– Equipment release process– Have a USB drive policy or– Lock USB ports out– Pay attention to good work process– Social Media Use Policy or– Block social media posting

Page 11: Cybersecurity: Are Your Employees Your Weakest Link?

fecinc.com

Overall security– https://www.sans.org/critical-security-controls/control/14

Data Leakage Prevention Papers– http://

www.cisco.com/c/en/us/solutions/collateral/enterprise-networks/data-loss-prevention/white_paper_c11-503131.html

– http://resources.infosecinstitute.com/data-loss-prevention-dlp-strategy-guide/

Password Strength Article– http://

www.infoworld.com/article/2616157/security/creating-strong-passwords-is-easier-than-you-think.html?page=2

Additional Information

https://www.sans.org/critical-security-controls/control/14
https://www.sans.org/critical-security-controls/control/14
http://www.cisco.com/c/en/us/solutions/collateral/enterprise-networks/data-loss-prevention/white_paper_c11-503131.html
http://www.cisco.com/c/en/us/solutions/collateral/enterprise-networks/data-loss-prevention/white_paper_c11-503131.html
http://www.cisco.com/c/en/us/solutions/collateral/enterprise-networks/data-loss-prevention/white_paper_c11-503131.html
http://www.cisco.com/c/en/us/solutions/collateral/enterprise-networks/data-loss-prevention/white_paper_c11-503131.html
http://resources.infosecinstitute.com/data-loss-prevention-dlp-strategy-guide/
http://resources.infosecinstitute.com/data-loss-prevention-dlp-strategy-guide/
http://resources.infosecinstitute.com/data-loss-prevention-dlp-strategy-guide/
http://www.infoworld.com/article/2616157/security/creating-strong-passwords-is-easier-than-you-think.html?page=2
http://www.infoworld.com/article/2616157/security/creating-strong-passwords-is-easier-than-you-think.html?page=2
http://www.infoworld.com/article/2616157/security/creating-strong-passwords-is-easier-than-you-think.html?page=2
Page 12: Cybersecurity: Are Your Employees Your Weakest Link?

fecinc.com

Mike OckengaManager IP Services

Finley Engineering [email protected]

952-582-2912

Discussion

mailto:[email protected]

Cybersecurity: Your future, your cloud, and your smartphone...CYBERSECURITY: Your Future, Your Cloud, Your Smartphone Dan Lohrmann, Michigan Chief Security Officer ... Time permitting

Cybersecurity: Your future, your cloud, and your smartphone...CYBERSECURITY: Your Future, Your Cloud, Your Smartphone Dan Lohrmann, Michigan Chief Security Officer ... Time permitting

Documents
Protect your WEAKEST SECURITY LINK · 2020-04-13 · Protect your weakest security link—end users 1 —Bruce SchneierCT, O Counterpane Internet Security, Inc.1 2015 MARKED AN IMPORTANT

Protect your WEAKEST SECURITY LINK · 2020-04-13 · Protect your weakest security link—end users 1 —Bruce SchneierCT, O Counterpane Internet Security, Inc.1 2015 MARKED AN IMPORTANT

Documents
February 12, 2019 · 2019. 2. 27. · ATM Jackpotting. 4 │ Footer │ Classificatie: commercial in confidence ... •Weakest link •Change “Make your weakest link the strongest”

February 12, 2019 · 2019. 2. 27. · ATM Jackpotting. 4 │ Footer │ Classificatie: commercial in confidence ... •Weakest link •Change “Make your weakest link the strongest”

Documents
Transforming your endpoints from the weakest link …...©2019 heck Point Software Technologies Ltd. 1Konstantina Koukou, Security Engineer Transforming your endpoints from the weakest

Transforming your endpoints from the weakest link …...©2019 heck Point Software Technologies Ltd. 1Konstantina Koukou, Security Engineer Transforming your endpoints from the weakest

Documents
Is the Effectiveness of your Equipment your Weakest Link ... · PDF fileIs the Effectiveness of your Equipment your Weakest Link? And can TPM Strengthen your Supply Chain? ... Spares

Is the Effectiveness of your Equipment your Weakest Link ... · PDF fileIs the Effectiveness of your Equipment your Weakest Link? And can TPM Strengthen your Supply Chain? ... Spares

Documents
Cybersecurity For Your Business

Cybersecurity For Your Business

Technology
CYBERSECURITY EXPERTS ON YOUR SIDE

CYBERSECURITY EXPERTS ON YOUR SIDE

Documents
Cybersecurity: Protecting Your Buildings - and Your Company. Michael...Cybersecurity: Protecting Your Buildings - and Your Company Michael Chipley, PhD GICSP PMP LEED AP President

Cybersecurity: Protecting Your Buildings - and Your Company. Michael...Cybersecurity: Protecting Your Buildings - and Your Company Michael Chipley, PhD GICSP PMP LEED AP President

Documents
CYBERSECURITY 2021 THREATSCAPE & PROTECTING YOUR …

CYBERSECURITY 2021 THREATSCAPE & PROTECTING YOUR …

Documents
Optimizing Your Cybersecurity Investments

Optimizing Your Cybersecurity Investments

Documents
Cybersecurity: Protecting Your Buildings - and …cng.files.cms-plus.com/FileDownloads/Dr. Michael Chipley...Cybersecurity: Protecting Your Buildings - and Your Company Michael Chipley,

Cybersecurity: Protecting Your Buildings - and …cng.files.cms-plus.com/FileDownloads/Dr. Michael Chipley...Cybersecurity: Protecting Your Buildings - and Your Company Michael Chipley,

Documents
Weakest Knight

Weakest Knight

Documents
2020 MARKETING - Cybersecurity Insiders...Post your news, articles or blog posts to Cybersecurity Insiders to elevate visibility for your brand in the cybersecurity community [posts

2020 MARKETING - Cybersecurity Insiders...Post your news, articles or blog posts to Cybersecurity Insiders to elevate visibility for your brand in the cybersecurity community [posts

Documents
First Line of Defense3. Plan for the weakest link: your people. When you plan to overhaul your cybersecurity infrastructure, it’s important to keep the weakest link in mind: the

First Line of Defense3. Plan for the weakest link: your people. When you plan to overhaul your cybersecurity infrastructure, it’s important to keep the weakest link in mind: the

Documents
How to Crush 6 of Your Weakest Habits

How to Crush 6 of Your Weakest Habits

Career
events editorial - GCSEC · often the weakest link in complex cybersecurity systems and do make mistakes. If you are a cybersecurity professional or security enthusiast, this article

events editorial - GCSEC · often the weakest link in complex cybersecurity systems and do make mistakes. If you are a cybersecurity professional or security enthusiast, this article

Documents
Webinar - Reducing Your Cybersecurity Risk

Webinar - Reducing Your Cybersecurity Risk

Technology
Ted - CyberSecurity for your Business

Ted - CyberSecurity for your Business

Documents
Weakest Link… or really a game that’s similar to Weakest Link

Weakest Link… or really a game that’s similar to Weakest Link

Documents
S21sec – Your Cybersecurity Company

S21sec – Your Cybersecurity Company

Documents
Connect 4G-X · your cell phone and/or placing calls in different locations. Weakest Signal Number:_____ Weakest Signal Location: _____ Place your Inside Antenna in this poor signal

Connect 4G-X · your cell phone and/or placing calls in different locations. Weakest Signal Number:_____ Weakest Signal Location: _____ Place your Inside Antenna in this poor signal

Documents
Your Trusted Cybersecurity Advisory Partner

Your Trusted Cybersecurity Advisory Partner

Documents
5 Tips for Cybersecurity€¦ · 3/5/2019  · EMPLOYEES ARE YOUR WEAKEST SECURITY LINK An IBM study found that 95% of data breaches are caused by employee mistakes. These mistakes

5 Tips for Cybersecurity€¦ · 3/5/2019  · EMPLOYEES ARE YOUR WEAKEST SECURITY LINK An IBM study found that 95% of data breaches are caused by employee mistakes. These mistakes

Documents
Building your cybersecurity apprenticeship

Building your cybersecurity apprenticeship

Technology
Cyber Crime What's YOUR Weakest Link?

Cyber Crime What's YOUR Weakest Link?

Documents
Cybersecurity: You and I Are the Weakest LinksCybersecurity: You and I Are the Weakest Links March 3, 2016. Servio F. Medina . Acting, Policy Branch Chief of Operations, Cybersecurity

Cybersecurity: You and I Are the Weakest LinksCybersecurity: You and I Are the Weakest Links March 3, 2016. Servio F. Medina . Acting, Policy Branch Chief of Operations, Cybersecurity

Documents
Protect your WEAKEST SECURITY LINK - info.microsoft.cominfo.microsoft.com/rs/157-GQE-382/images/CO-EN... · Protect your weakest security link—end users 1 —Bruce SchneierCT, O

Protect your WEAKEST SECURITY LINK - info.microsoft.cominfo.microsoft.com/rs/157-GQE-382/images/CO-EN... · Protect your weakest security link—end users 1 —Bruce SchneierCT, O

Documents
Joints Articulating your body. Joints (Articulations) Weakest parts of the skeleton Weakest parts of the skeleton Articulation – site where two or more

Joints Articulating your body. Joints (Articulations) Weakest parts of the skeleton Weakest parts of the skeleton Articulation – site where two or more

Documents
Broadening Your Cybersecurity Mindset

Broadening Your Cybersecurity Mindset

Technology
Security Awareness Training: Addressing Your Weakest Link · 2020-02-22 · Security Awareness Training: Addressing Your Weakest Link ... Session Objectives • Define Information

Security Awareness Training: Addressing Your Weakest Link · 2020-02-22 · Security Awareness Training: Addressing Your Weakest Link ... Session Objectives • Define Information

Documents