Robert Zellers/Director of IT Security

IDG/CSO50 ParticipantsSpecial Thank You

For your assistance !!

VisionariesCIO-Roderick Houpe &

DCIO-C. Curtis Timmons

Special Thank You for the guidance in the creation of the Security Department

Department of Information Technology

Security Division Members

Carlos Artagos VI Russell MonkJohn Erne Stacy Clark-Warren

Special Thank you to Micheale Eccleston

Payroll Department & Jerry Krane (Intellinet)

Demographics

• 7500 Employees• 39,000 Students• 104 Buildings• 84.1 Square Miles• $1.5 Billion- Budget 2016-17

Our Story

• December 2016- Launched Online Payroll System• January 2017- Data Breach (74 Employees-$100K)• February 2017- Creation of the Security Division• May 2017- Attended CSO50 Conference

End users are the weakest link.

Over 95% of all security incidents investigated recognized human error as a contributing error.2

Why do we still care about security training?

75%of large organizations and 31% of smaller organizations fell victim to a staff-related

security breach in the last year.1

of organizations’ worst breaches were the result of inadvertent human error.150%

Act

Now

Intruders are becoming more sophisticated and are using highly targeted social engineering attacks that

are difficult to defend against. If you don’t have a current security awareness and training program, it is

time to join the 72% of large organizations and 68% of small organizations that conduct security training

on an ongoing basis.1

Many employees have access to system networks that

in turn can access confidential and sensitive

information. It is important to educate these users on

the best practices needed for them to protect both

themselves and the organization from any potential

threats or attacks.

55% of companies indicated that they believe

privileged users were the biggest internal threat to

corporate data.3

30% of data breaches globally are caused by

negligent end users.4

Sources: 1 – PwC 2015 Information Security Breaches Report, 2 – IBM Security Services 2014 Cyber Security Intelligence Index,

3 – 2015 Vormetric Insider Threat Report, 4 – Ponemon Institute, 2014 Cost of a Data Breach Study

Security Awareness Strategy

• CMSD Security Awareness Website

• Security Awareness Intervention

• Security Awareness Branding

• Security Hotline

• Security Email account

Security Awareness Results

• Reduction of lost funds

• Reduction of Phishing incidents

• Improved Security Awareness knowledge

• Continued training needed