
Security Awareness

The document emphasizes that cybersecurity is a shared responsibility, highlighting that users often represent the weakest link in security systems. It outlines the importance of awareness regarding threats like malware and social engineering, as well as the necessity of strong passwords and physical security measures. Key strategies include recognizing signs of malware, creating complex passwords, and maintaining vigilance against suspicious activities.

Uploaded by

tajindersin

Cybersecurity Primer

Information Security Awareness

Security is everyone’s Responsibility

The security of a system is as good as its weakest link. If even one person does not pay attention to security, the security of the whole system is compromised.
Software vulnerabilities, though very common, are not the biggest threat to security. Rather, the real threats are your users and your hardware.
People often represent the weakest link in the security chain and are responsible for the failure of the security system.

Why do I need to learn about Security?

Good security standards follow the “90/10” rule:
• 10% of security safeguards are technical
• 90% of security safeguards rely on the computer user (YOU)

What is the definition of threat and attack?

A Threat by definition is a condition/circumstance which can cause damage to the system/asset.
An Attack by definition is an intended action to cause damage to the system/asset.

Malicious Software

Malicious software, also known as malware, is a serious threat. These are programs that can infect other programs, damage hard drives, erase critical information and forward your data to external sites without your knowledge.

Signs of Malware

• Unusual items appear on the screen (graphics, odd messages or system error messages).
• Corrupt or inaccessible program files or hard disk.
• Programs taking longer to start up, running more slowly than usual, or not running at all.
• Increased number of pop-up advertisements.
• Changed settings that can’t be changed back to the way they were.
• Web browser contains additional components that you don’t remember downloading.

Should you suspect that your computer is infected, take immediate action:
• Close all of your files and programs
• Document what symptoms were observed
• Shut down your system
• Contact the help desk

Social Engineer

Email Phishing
Example: A social engineer sends an email that appears to come from a fellow employee asking the recipient to download an attachment or click on a link.

Pretext Phone Calls
Example: A social engineer calls and pretends to be a fellow employee or a trusted outside authority (such as law enforcement, a vendor, or an auditor).

Physical Social Engineering
Example: piggy-backing/tailgating - "Can you hold the door for me? I don’t have my access card on me."

Use Strong Passwords

• Use unique passwords for all of your accounts.
• Lengthy: at least 8 characters, more is better.
• Complex: mix upper, lower, numbers, and symbols.
• Do not use common or predictable passwords. Examples of bad passwords: your own birthday, people's names, your phone number.
• Change passwords periodically (90 days).
• Keep your passwords secret. Do not share them with others or write them down.

Strategies for Creating Strong Passwords

• Avoiding common passwords
• Word combinations rather than a single word
• Incorporating acronyms or non-English language words
• Full sentence phrases
• Substitute letters with numbers or symbols
Example: purp!3ClothingDiscOunt
Example: P4sswords@reg00d!
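
The rules on the two password slides above can be enforced at password-change time rather than left to memory. The checker below is an added example, not part of the original deck: the `profile` dictionary, the function names and the short common-password list are assumptions constructed for illustration.

```python
import re
from itertools import permutations

MIN_LENGTH = 8  # the deck's minimum; longer is better
# Constructed sample; a real deployment would load a large breached-password list.
COMMON_PASSWORDS = {"password", "123456", "12345678", "qwerty", "letmein"}
# Constructed sample user record (hypothetical field names).
SAMPLE_PROFILE = {"names": ["Priya Nair"], "birthday": "1990-04-17",
                  "phone": "555-0142"}

def personal_tokens(profile):
    """Lowercase strings derived from the user's names, birthday and phone."""
    tokens = {part.lower() for name in profile.get("names", [])
              for part in name.split() if len(part) >= 3}
    date_parts = re.findall(r"\d+", profile.get("birthday", ""))
    # Any ordering of the date parts (DDMMYYYY, YYYYMMDD, ...) plus the bare year.
    tokens.update("".join(p) for p in permutations(date_parts))
    tokens.update(p for p in date_parts if len(p) == 4)
    tokens.add(re.sub(r"\D", "", profile.get("phone", "")))
    tokens.discard("")  # an empty token would match every password
    return tokens

def check_password(password, profile):
    """Return the list of deck rules the password breaks (empty list = passes)."""
    failures = []
    if len(password) < MIN_LENGTH:
        failures.append("length")
    classes = (r"[A-Z]", r"[a-z]", r"[0-9]", r"[^A-Za-z0-9]")
    if not all(re.search(c, password) for c in classes):
        failures.append("complexity")
    lowered = password.lower()
    if lowered in COMMON_PASSWORDS:
        failures.append("common")
    digits_only = re.sub(r"\D", "", password)  # catches "555-0142" formatting
    if any(t in lowered or (t.isdigit() and t in digits_only)
           for t in personal_tokens(profile)):
        failures.append("personal")
    return failures

if __name__ == "__main__":
    for pw in ("purp!3ClothingDiscOunt", "password", "Priya17041990!"):
        print(pw, check_password(pw, SAMPLE_PROFILE))
```

Both example passwords from the slide pass all four checks, while a password built from the user's own name and birthday is rejected even though it satisfies the length and complexity rules.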

Physical Security

• Question all strangers. Alert security guards and/or management to suspicious individuals.
• Be sure authorized visitors/contractors have properly checked in.
• Make sure individuals use their own key fobs/card keys when entering secure areas.
• Piggy-backing or tailgating: following employees into non-public areas while pretending to be a vendor, employee, or customer.

Physical Security

• Always lock your computer screen whenever leaving your computer unattended.
• Secure sensitive paper documents when leaving work areas unattended and at the end of the day. Understand and comply with your organization’s end-of-day closing procedures.
• Use secure shred bins for disposing of sensitive paper documents and electronic media.

Security Tips

• Lock your computer before leaving your desk unattended.
• Don’t open suspicious or unsolicited attachments.
• Avoid responding to spam (especially links that claim urgency or that you will be removed from the list).
• Never provide credit card numbers, passwords or personal info in response to an email message (unless it is trusted).
