Welcome everyone. This short presentation will introduce you to some of the basics of cybersecurity. Our objectives today are to define cybersecurity, discuss what exactly we're protecting and the various cyber threats we face today. So what is cybersecurity? As you can see from the slide? There's no completely authoritative definition for cybersecurity, just plenty of opinions. However, one can say for certain that it has far reaching coverage. Everything from the protection of technology to the people that use that technology and everything in between. Most everything we do today is connected in one way or another. Their power grid, transportation systems, even the machines that control the water we drink are all vulnerable to threats across the internet. Connecting everything in this way has provided plenty of business growth and opportunity. But it's also opened up risks for every platform, every device, everything else that we have interconnected. We must be able to protect all of it from cyber attacks, which can come from many sources. So just a moment ago I mentioned a few terms, risk, threat and vulnerability. But what do they really mean? Well, let me give you an analogy, let's say we're responsible for the protection of the Empire State building. Our job is to keep everyone out that doesn't belong and protect the people that do. As someone responsible for the security of the building. We need to make sure that there are no break ins from people That would try to cause harm to the building or two occupants. That is the threat, people getting in and causing mayhem. So we lock all the windows and doors to the entire facility. And we placed guards at the entrances to the building. But then we find out we have someone on the 60th floor who happens to be claustrophobic. And needs to have an open window. We weigh the safety and security of the building against the possibility that someone could get up to the 60th floor break in. And we decided that the chance of them climbing up the side of the building and getting into the open window is minimal at best. We have just introduced a risk into our building. That's a risk. The chance that someone could enter our building without authorization. It's a calculated and well reasoned decision but it's a risk nonetheless. Now, what about vulnerability? Well, this building was built long before some of the security safeguards of modern times were implemented. Therefore we have doors at the back of the building that should only be used in emergencies because they were built a long time ago. They can be unlocked from the outside. The same key that everyone else uses to get into the building. We still have a risk that someone can gain unauthorized access, because we have chosen to leave old locks on the outside doors. But we also have a vulnerability and that the key to be used as a common key. So what exactly were protecting when we talk about cybersecurity and of a business? Well, there are many things we have to protect. First and foremost, let's talk about intellectual property. Most times we think of assets that's tangible items such as merchandise, trade marks and company assets. But did you stop to think of the customers who trust the company to keep their private information private? Their information in most cases is more valuable to someone than the most precious and expensive items the company owns. That personal information needs to be protected. Much of it can be used for identity theft or worse yet targeting those individuals. We call this personally identifiable information or PII. As you can see from the list, there are several pieces of information here that can be used to open accounts, steal information, money or create documents such as passports. But what about medical records? Medical facilities have compliancy requirements in addition to the personal information that must be protected by law. With this information out in the public, it could cause many issues, not the least of which could be used to deny coverage or create other identity information. So what can we do as security professionals to keep this information safe? Well, there's plenty we can do first. Let's make sure all the infrastructure we have on our systems is properly configured up to date and managed appropriately. This includes not only computers, but tablets, smartphones and any other technology that can be used to access our data. It's not just enough that we keep everything up to date. We need to continually monitor the situation to be constantly vigilant of new vulnerabilities and anything else that can be used to compromise our systems. You see, the job of the security professional is never ending and it never lets up. You have to constantly tend to trust advances and keep testing the limits of your system. New information and new vulnerabilities are always popping up. Meaning that if you want to do this job properly, you have to be reading and researching all the time. [COUGH] Perform vulnerability assessments routinely, train your employees constantly. Keep on applying security patches and recommended security settings. Make sure you have the ability to recover data in the case of the situation like a ransomware attack and above all, protect your data. So how do we do this? Well, one thing that we can do is only get our software from a legitimate source. Free is nice, but not when it comes to protecting your systems as a business. Downloading something from a non reputable site can cost your company thousands or tens of thousands of dollars in losses. Use several defenses, not just antivirus and firewalls, but anti malware, anti spyware, intrusion detection systems, intrusion prevention systems and even anti hardware. You should have a layered approach to managing your systems. Set permissions to the least possible access needed by people to do their jobs. This is not punitive, it's not punishment. It's a way of keeping your system secure and training. Training, training, I cannot overstate the requirement for training as well as policy documentation. These two areas will go a very long way in helping you protect your systems. Your weakest link is the least trained employee. Train them on recognizing social engineering. Train them on recognizing phishing attempts and spam and suspicious you or else talk to them about the dangers of clicking on an unsafe link. Defense and depth. This is a layer approach I've been talking about. It starts with the user's, works its way through the your physical perimeter including fences, bollards, security guards and cameras. It also involves your internet service provider and the boundary defense of your network through all of your infrastructure down to the individual work stations through the application and to the data itself. It all needs to be protected. And layer defense is what's going to get you there. So who should we be on the look out for? Well, the threats are everywhere from nation state hacking to the script kiddies just playing the part of a hacker. Then we have insider threats, those employees who might have a grudge, google learned this the hard way a few months back when they didn't follow proper off boarding procedures. Now what is off boarding? So we have on boarding and off boarding. Onboarding is when somebody checks into a business, they start working there and they get their credentials and they get their email accounts and all the other things that they take. Off boarding is when somebody is leaving the company or they're fired from the company. You take away all their access is and you lock their accounts out. Well, they didn't follow the proper off boarding procedures and an ex cloud administrator deleted terabytes, terabytes worth of customer data. The list goes on and on of the different things that can happen. We have people break into computer systems. We have programs out there that mean to cause harm to our systems. Doesn't matter why the people do this. They just do for many reasons. They might be doing it for fun. They might be just practicing. They might have some political gain or profit that they want to exploit. We also have to worry about the lack of policies to help our employees understand what they can and what they cannot do with your information systems. And then there's phishing. There are several different types from just random email being sent to random folks, targeting executives or other employees through spear, phishing and whaling. It could be done by computer. It can be done by chat program. It could be done by E-Mail, SMS messages or even using the phone. The predator out there, your job is to keep all the systems safe and make sure you and all of your employees stay vigilant at all times. Let's not forget that there are endless ways people can penetrate our network from probing, spoofing other people that we think that's the right person. Maybe for instance, they get your PII and they can start cracking passwords. And then there's wireless,. As you can see, there are many different ways you can be attacked through something as simple as an electromagnetic radio waves. So how does all this fit into our cybersecurity world? We all need communications for nearly everything we do. Without this type of connectivity, our world would come to a standstill, literally. We want faster, better technology and more convenience. But all of this comes at a price and that price can be expensive if you don't have the proper safeguards in place. Bottom line, there are a lot of threats out there. Doing this job can be sometimes thankless, but it's very, very important. It can be tough and you may not see the rewards outright. In fact, if you're doing your job properly, no one will even notice at all. It'll seem seamless. But you'll know. This needs to be a team effort across the board. In fact, you might actually consider outsourcing some of your security. To companies that have the resources and expertise to help protect your systems such as Amazon, such as Microsoft as you are, such as google. You're not alone. We all need to help each other and we all need to work through this stuff.
