cybersecurity - securing your company and client information
TRANSCRIPT
CybersecuritySecuring Your Company and Client Information
Why Do we Need Cybersecurity?
Identifying the Need forSecurity
Recognize Social Engineering
Why Do We Need Cybersecurity?
“Any act that influences a person to take an action that may or may not be in their best interest.”
What is Social Engineering?
Types of Social EngineeringAttacks
Phishing Whaling
Spear PhishingVishing
ImpersonationTailgating
Cybersecurity Agenda
Cyber Security Overview
Cybersecurity Agenda
Best PracticesEstablish a Cybersecurity Strategy
Before an Intrusion Occurs
Responding to a Computer Intrusion (Executing Your Incident Response Plan)
What Not to Do
After a Computer Incident
Establish a Cybersecurity Strategy
How is your data being handled?• Data is most at risk when on the move
Identify the types of data you have in your business• Personally Identifiable Information (PII)• Employee Information• Business Information
Who has access to data and why?• Data inventory• Assign data access rights
Develop a Privacy Policy
Before an Intrusion OccursHave an Action Plan
• Who has lead responsibility?• Critical contact information• Critical data / network / services• EDUCATE / TEST / DOCUMENT
Have appropriate technology in place• Internal network• Cloud-based services
Responding to a Computer Intrusion
Make an Initial Assessment• Affected computer systems• Apparent origin• Malware or any remote servers involved• Identify other victim organization
Minimize Continuing DamageCollect and Record InformationNotify
• People within the organization• Other potential victims• Law enforcement
What Not To DoDo Not Use the Compromised SystemDo Not Hack Into or Damage Another System
After a Computer IncidentContinue to MonitorConduct Post-Incident Review
Security Program Maturity
Let Omni run a security risk
assessment for your company.
Call us today for a consultation: 800.300.5543
Visit us online: omniperforms.com