SlideShare una empresa de Scribd logo

Making Information Security Fun

Descargar como PPTX, PDF
Ben Woelk, CISSP, CPTC
Ben Woelk, CISSP, CPTC

High level description of marketing plan and implementation of key messaging around security awareness at the Rochester Institute of Technology.

TecnologíaEducación
1 de 16
Making Information Security Fun Ben Woelk Policy and Awareness Analyst Information Security Office Rochester Institute of Technology 585.475.4122 Ben.woelk@rit.edu
Introduction—the Problem • Everyone is a target • Identity theft is big business • You can’t rely on others to protect you 2
Avert Labs Malware Research 3 Retrieved July 24, 2009 from: http://www.avertlabs.com/research/blog/index.php/2009/07/22/malware-is-their-businessand-business-is-good/
Phishing on Social Network Sites 4 http://www.markmonitor.com/download/bji/BrandjackingIndex-Spring2009.pdf
Solution •We needed a plan – Systematic repeatable – Goals – Proactive
Components of a Plan •Audience analysis •Key messages •Channels •Calendar •Relationships
What are Our Key Messages? •Data handling •Mandatory compliance •Phishing, Social engineering •Protecting IP/Research
RIT Profile Rochester Institute of Technology, founded 1829 • ~18,000 students, mainly residential • 10% international • 1300+ deaf or hard of hearing (NTID) • ~3000 faculty and staff Respected leader in professional and career-oriented education Eight colleges, 80 majors, 3600 co-op students yearly
Branding Consistency
Web Presence • Use official university communications channels • Target messages to faculty, staff, and/or students
Social Media • Meet students where they are • Post directly from Facebook to Twitter
Private Information Management
Phishing Awareness • Temporarily reduced response rate from ~25 per attempt to ~4 per attempt
Orientation
Faculty • Participate in faculty events • Hit hot topics
Practice Digital Self Defense @RIT_Infosec www.facebook.com/RITInfosec Security.rit.edu 16

Recomendados

Hamline 7761
Hamline 7761Hamline 7761
Hamline 7761guestd388be
 
Hamline 7761
Hamline 7761Hamline 7761
Hamline 7761guestd388be
 
Ei Lab4
Ei Lab4Ei Lab4
Ei Lab4rolandv
 
IT Security Human Resources
IT Security Human ResourcesIT Security Human Resources
IT Security Human Resourcesbudi rahardjo
 
Welcome To Computers
Welcome To ComputersWelcome To Computers
Welcome To Computersconnerk
 
Network security ppt
Network security pptNetwork security ppt
Network security pptKristi DeRoche
 
Embedding learning technology into practice
Embedding learning technology into practiceEmbedding learning technology into practice
Embedding learning technology into practiceRebecca Ferriday
 
ekongresume
ekongresumeekongresume
ekongresumeEkong Etuk
 

Recomendados

Hamline 7761
Hamline 7761Hamline 7761
Hamline 7761guestd388be
 
Hamline 7761
Hamline 7761Hamline 7761
Hamline 7761guestd388be
 
Ei Lab4
Ei Lab4Ei Lab4
Ei Lab4rolandv
 
IT Security Human Resources
IT Security Human ResourcesIT Security Human Resources
IT Security Human Resourcesbudi rahardjo
 
Welcome To Computers
Welcome To ComputersWelcome To Computers
Welcome To Computersconnerk
 
Network security ppt
Network security pptNetwork security ppt
Network security pptKristi DeRoche
 
Embedding learning technology into practice
Embedding learning technology into practiceEmbedding learning technology into practice
Embedding learning technology into practiceRebecca Ferriday
 
ekongresume
ekongresumeekongresume
ekongresumeEkong Etuk
 
Inappropriate use of the network ppt
Inappropriate use of the network pptInappropriate use of the network ppt
Inappropriate use of the network pptKristi DeRoche
 
from individuals to networks and sustainable communities?
from individuals to networks and sustainable communities? from individuals to networks and sustainable communities?
from individuals to networks and sustainable communities? IWMW
 
Secondary Tech Standards 2009
Secondary Tech Standards 2009Secondary Tech Standards 2009
Secondary Tech Standards 2009Scott Le Duc
 
Honours Project - Poster
Honours Project - PosterHonours Project - Poster
Honours Project - PosterAndrew Kerr
 
Tech&writing at
Tech&writing atTech&writing at
Tech&writing atScott Kimball
 
Forensic Computer Techniques
Forensic Computer TechniquesForensic Computer Techniques
Forensic Computer TechniquesFrederick Lane
 
The Funny Thing About Information Security
The Funny Thing About Information SecurityThe Funny Thing About Information Security
The Funny Thing About Information SecuritySecurity BSides London
 
Passwords good badugly181212-2
Passwords good badugly181212-2Passwords good badugly181212-2
Passwords good badugly181212-2Iftach Ian Amit
 
8 passwordsecurity
8 passwordsecurity8 passwordsecurity
8 passwordsecurityricharddxd
 
Step6 troubleshooting
Step6 troubleshootingStep6 troubleshooting
Step6 troubleshootingricharddxd
 
How to Create (use use) Strong & Unique Passwords
How to Create (use use) Strong & Unique PasswordsHow to Create (use use) Strong & Unique Passwords
How to Create (use use) Strong & Unique PasswordsConnectSafely
 
Security Awareness Training by HIMSS Louisiana Chapter
Security Awareness Training by HIMSS Louisiana ChapterSecurity Awareness Training by HIMSS Louisiana Chapter
Security Awareness Training by HIMSS Louisiana ChapterAtlantic Training, LLC.
 
IT Security Awarenesss by Northern Virginia Community College
IT Security Awarenesss by Northern Virginia Community CollegeIT Security Awarenesss by Northern Virginia Community College
IT Security Awarenesss by Northern Virginia Community CollegeAtlantic Training, LLC.
 
Security Training and Threat Awareness by Pedraza
Security Training and Threat Awareness by PedrazaSecurity Training and Threat Awareness by Pedraza
Security Training and Threat Awareness by PedrazaAtlantic Training, LLC.
 
Information Security Awareness Training by Mount Auburn Hospital
Information Security Awareness Training by Mount Auburn HospitalInformation Security Awareness Training by Mount Auburn Hospital
Information Security Awareness Training by Mount Auburn HospitalAtlantic Training, LLC.
 
Information Security Awareness Training by Wilfrid Laurier University
Information Security Awareness Training by Wilfrid Laurier UniversityInformation Security Awareness Training by Wilfrid Laurier University
Information Security Awareness Training by Wilfrid Laurier UniversityAtlantic Training, LLC.
 
Security Awareness Training by Fortinet
Security Awareness Training by FortinetSecurity Awareness Training by Fortinet
Security Awareness Training by FortinetAtlantic Training, LLC.
 
Cyber Security 101: Training, awareness, strategies for small to medium sized...
Cyber Security 101: Training, awareness, strategies for small to medium sized...Cyber Security 101: Training, awareness, strategies for small to medium sized...
Cyber Security 101: Training, awareness, strategies for small to medium sized...Stephen Cobb
 
The Non-Comedian's Guide to Making Jokes in Presentations
The Non-Comedian's Guide to Making Jokes in PresentationsThe Non-Comedian's Guide to Making Jokes in Presentations
The Non-Comedian's Guide to Making Jokes in PresentationsDuarte, Inc.
 
Death by powerpoint
Death by powerpointDeath by powerpoint
Death by powerpointIan Trimble
 
An Exhaustive List of Presentation Delivery Tips
An Exhaustive List of Presentation Delivery TipsAn Exhaustive List of Presentation Delivery Tips
An Exhaustive List of Presentation Delivery TipsSketchBubble
 
Security Awareness at RIT 2012-2013
Security Awareness at RIT 2012-2013Security Awareness at RIT 2012-2013
Security Awareness at RIT 2012-2013Ben Woelk, CISSP, CPTC
 

Más contenido relacionado

La actualidad más candente

Inappropriate use of the network ppt
Inappropriate use of the network pptInappropriate use of the network ppt
Inappropriate use of the network pptKristi DeRoche
 
from individuals to networks and sustainable communities?
from individuals to networks and sustainable communities? from individuals to networks and sustainable communities?
from individuals to networks and sustainable communities? IWMW
 
Secondary Tech Standards 2009
Secondary Tech Standards 2009Secondary Tech Standards 2009
Secondary Tech Standards 2009Scott Le Duc
 
Honours Project - Poster
Honours Project - PosterHonours Project - Poster
Honours Project - PosterAndrew Kerr
 
Forensic Computer Techniques
Forensic Computer TechniquesForensic Computer Techniques
Forensic Computer TechniquesFrederick Lane
 

La actualidad más candente (6)

Inappropriate use of the network ppt
Inappropriate use of the network pptInappropriate use of the network ppt
Inappropriate use of the network ppt
 
from individuals to networks and sustainable communities?
from individuals to networks and sustainable communities? from individuals to networks and sustainable communities?
from individuals to networks and sustainable communities?
 
Secondary Tech Standards 2009
Secondary Tech Standards 2009Secondary Tech Standards 2009
Secondary Tech Standards 2009
 
Honours Project - Poster
Honours Project - PosterHonours Project - Poster
Honours Project - Poster
 
Tech&writing at
Tech&writing atTech&writing at
Tech&writing at
 
Forensic Computer Techniques
Forensic Computer TechniquesForensic Computer Techniques
Forensic Computer Techniques
 

Destacado

The Funny Thing About Information Security
The Funny Thing About Information SecurityThe Funny Thing About Information Security
The Funny Thing About Information SecuritySecurity BSides London
 
Passwords good badugly181212-2
Passwords good badugly181212-2Passwords good badugly181212-2
Passwords good badugly181212-2Iftach Ian Amit
 
8 passwordsecurity
8 passwordsecurity8 passwordsecurity
8 passwordsecurityricharddxd
 
Step6 troubleshooting
Step6 troubleshootingStep6 troubleshooting
Step6 troubleshootingricharddxd
 
How to Create (use use) Strong & Unique Passwords
How to Create (use use) Strong & Unique PasswordsHow to Create (use use) Strong & Unique Passwords
How to Create (use use) Strong & Unique PasswordsConnectSafely
 
Security Awareness Training by HIMSS Louisiana Chapter
Security Awareness Training by HIMSS Louisiana ChapterSecurity Awareness Training by HIMSS Louisiana Chapter
Security Awareness Training by HIMSS Louisiana ChapterAtlantic Training, LLC.
 
IT Security Awarenesss by Northern Virginia Community College
IT Security Awarenesss by Northern Virginia Community CollegeIT Security Awarenesss by Northern Virginia Community College
IT Security Awarenesss by Northern Virginia Community CollegeAtlantic Training, LLC.
 
Security Training and Threat Awareness by Pedraza
Security Training and Threat Awareness by PedrazaSecurity Training and Threat Awareness by Pedraza
Security Training and Threat Awareness by PedrazaAtlantic Training, LLC.
 
Information Security Awareness Training by Mount Auburn Hospital
Information Security Awareness Training by Mount Auburn HospitalInformation Security Awareness Training by Mount Auburn Hospital
Information Security Awareness Training by Mount Auburn HospitalAtlantic Training, LLC.
 
Information Security Awareness Training by Wilfrid Laurier University
Information Security Awareness Training by Wilfrid Laurier UniversityInformation Security Awareness Training by Wilfrid Laurier University
Information Security Awareness Training by Wilfrid Laurier UniversityAtlantic Training, LLC.
 
Cyber Security 101: Training, awareness, strategies for small to medium sized...
Cyber Security 101: Training, awareness, strategies for small to medium sized...Cyber Security 101: Training, awareness, strategies for small to medium sized...
Cyber Security 101: Training, awareness, strategies for small to medium sized...Stephen Cobb
 
The Non-Comedian's Guide to Making Jokes in Presentations
The Non-Comedian's Guide to Making Jokes in PresentationsThe Non-Comedian's Guide to Making Jokes in Presentations
The Non-Comedian's Guide to Making Jokes in PresentationsDuarte, Inc.
 
Death by powerpoint
Death by powerpointDeath by powerpoint
Death by powerpointIan Trimble
 
An Exhaustive List of Presentation Delivery Tips
An Exhaustive List of Presentation Delivery TipsAn Exhaustive List of Presentation Delivery Tips
An Exhaustive List of Presentation Delivery TipsSketchBubble
 

Destacado (15)

The Funny Thing About Information Security
The Funny Thing About Information SecurityThe Funny Thing About Information Security
The Funny Thing About Information Security
 
Passwords good badugly181212-2
Passwords good badugly181212-2Passwords good badugly181212-2
Passwords good badugly181212-2
 
8 passwordsecurity
8 passwordsecurity8 passwordsecurity
8 passwordsecurity
 
Step6 troubleshooting
Step6 troubleshootingStep6 troubleshooting
Step6 troubleshooting
 
How to Create (use use) Strong & Unique Passwords
How to Create (use use) Strong & Unique PasswordsHow to Create (use use) Strong & Unique Passwords
How to Create (use use) Strong & Unique Passwords
 
Security Awareness Training by HIMSS Louisiana Chapter
Security Awareness Training by HIMSS Louisiana ChapterSecurity Awareness Training by HIMSS Louisiana Chapter
Security Awareness Training by HIMSS Louisiana Chapter
 
IT Security Awarenesss by Northern Virginia Community College
IT Security Awarenesss by Northern Virginia Community CollegeIT Security Awarenesss by Northern Virginia Community College
IT Security Awarenesss by Northern Virginia Community College
 
Security Training and Threat Awareness by Pedraza
Security Training and Threat Awareness by PedrazaSecurity Training and Threat Awareness by Pedraza
Security Training and Threat Awareness by Pedraza
 
Information Security Awareness Training by Mount Auburn Hospital
Information Security Awareness Training by Mount Auburn HospitalInformation Security Awareness Training by Mount Auburn Hospital
Information Security Awareness Training by Mount Auburn Hospital
 
Information Security Awareness Training by Wilfrid Laurier University
Information Security Awareness Training by Wilfrid Laurier UniversityInformation Security Awareness Training by Wilfrid Laurier University
Information Security Awareness Training by Wilfrid Laurier University
 
Security Awareness Training by Fortinet
Security Awareness Training by FortinetSecurity Awareness Training by Fortinet
Security Awareness Training by Fortinet
 
Cyber Security 101: Training, awareness, strategies for small to medium sized...
Cyber Security 101: Training, awareness, strategies for small to medium sized...Cyber Security 101: Training, awareness, strategies for small to medium sized...
Cyber Security 101: Training, awareness, strategies for small to medium sized...
 
The Non-Comedian's Guide to Making Jokes in Presentations
The Non-Comedian's Guide to Making Jokes in PresentationsThe Non-Comedian's Guide to Making Jokes in Presentations
The Non-Comedian's Guide to Making Jokes in Presentations
 
Death by powerpoint
Death by powerpointDeath by powerpoint
Death by powerpoint
 
An Exhaustive List of Presentation Delivery Tips
An Exhaustive List of Presentation Delivery TipsAn Exhaustive List of Presentation Delivery Tips
An Exhaustive List of Presentation Delivery Tips
 

Similar a Making Information Security Fun

Interop 2011 las vegas - session se31 - rothke
Interop 2011 las vegas - session se31 - rothkeInterop 2011 las vegas - session se31 - rothke
Interop 2011 las vegas - session se31 - rothkeBen Rothke
 
Use of PLEs by security and investigation professionals
Use of PLEs by security and investigation professionalsUse of PLEs by security and investigation professionals
Use of PLEs by security and investigation professionalsTony Ratcliffe
 
The Ethics of Digital Scholarship
The Ethics of Digital ScholarshipThe Ethics of Digital Scholarship
The Ethics of Digital ScholarshipMartin Weller
 
Ethical dimensions of digital scholarship - Martin Weller
Ethical dimensions of digital scholarship - Martin WellerEthical dimensions of digital scholarship - Martin Weller
Ethical dimensions of digital scholarship - Martin WellerThe Higher Education Academy
 
6528 opensource intelligence as the new introduction in the graduate cybersec...
6528 opensource intelligence as the new introduction in the graduate cybersec...6528 opensource intelligence as the new introduction in the graduate cybersec...
6528 opensource intelligence as the new introduction in the graduate cybersec...Damir Delija
 
Know you Digital Literacies
Know you Digital LiteraciesKnow you Digital Literacies
Know you Digital LiteraciesNeil Witt
 
QR Codes as a Survey Recruiting Tool
QR Codes as a Survey Recruiting ToolQR Codes as a Survey Recruiting Tool
QR Codes as a Survey Recruiting ToolJordan Hudson
 
Conole plenary LINQ Conference Brussels 12 May 2015
Conole plenary LINQ Conference Brussels 12 May 2015Conole plenary LINQ Conference Brussels 12 May 2015
Conole plenary LINQ Conference Brussels 12 May 2015Grainne Conole
 
Keeping learners safe online presentation
Keeping learners safe online presentationKeeping learners safe online presentation
Keeping learners safe online presentationJisc
 
NAESP Conference - July 12, 2014
NAESP Conference - July 12, 2014NAESP Conference - July 12, 2014
NAESP Conference - July 12, 2014emilyensign
 
Role of the CISO in Higher Education
Role of the CISO in Higher EducationRole of the CISO in Higher Education
Role of the CISO in Higher EducationJisc
 
Potential vulnerabilities to e-learning - Mimecast
Potential vulnerabilities to e-learning - MimecastPotential vulnerabilities to e-learning - Mimecast
Potential vulnerabilities to e-learning - MimecastJisc
 
Expertise for the future: harnessing the power of digital technologies
Expertise for the future: harnessing the power of digital technologiesExpertise for the future: harnessing the power of digital technologies
Expertise for the future: harnessing the power of digital technologiesEFSA EU
 
Social media March 2013
Social media March 2013Social media March 2013
Social media March 2013Timothy Holden
 
2014 - KSU - So You Want to Be in Cyber Security?
2014 - KSU - So You Want to Be in Cyber Security?2014 - KSU - So You Want to Be in Cyber Security?
2014 - KSU - So You Want to Be in Cyber Security?Phil Agcaoili
 
Security Awareness Training for Community Colleges 2009
Security Awareness Training for Community Colleges 2009Security Awareness Training for Community Colleges 2009
Security Awareness Training for Community Colleges 2009Donald E. Hester
 

Similar a Making Information Security Fun (20)

Security Awareness at RIT 2012-2013
Security Awareness at RIT 2012-2013Security Awareness at RIT 2012-2013
Security Awareness at RIT 2012-2013
 
Jisc e-safety
Jisc e-safety Jisc e-safety
Jisc e-safety
 
Interop 2011 las vegas - session se31 - rothke
Interop 2011 las vegas - session se31 - rothkeInterop 2011 las vegas - session se31 - rothke
Interop 2011 las vegas - session se31 - rothke
 
Digital Self Defense
Digital Self DefenseDigital Self Defense
Digital Self Defense
 
Use of PLEs by security and investigation professionals
Use of PLEs by security and investigation professionalsUse of PLEs by security and investigation professionals
Use of PLEs by security and investigation professionals
 
The Ethics of Digital Scholarship
The Ethics of Digital ScholarshipThe Ethics of Digital Scholarship
The Ethics of Digital Scholarship
 
Ethical dimensions of digital scholarship - Martin Weller
Ethical dimensions of digital scholarship - Martin WellerEthical dimensions of digital scholarship - Martin Weller
Ethical dimensions of digital scholarship - Martin Weller
 
Digital Self Defense at RIT
Digital Self Defense at RITDigital Self Defense at RIT
Digital Self Defense at RIT
 
6528 opensource intelligence as the new introduction in the graduate cybersec...
6528 opensource intelligence as the new introduction in the graduate cybersec...6528 opensource intelligence as the new introduction in the graduate cybersec...
6528 opensource intelligence as the new introduction in the graduate cybersec...
 
Know you Digital Literacies
Know you Digital LiteraciesKnow you Digital Literacies
Know you Digital Literacies
 
QR Codes as a Survey Recruiting Tool
QR Codes as a Survey Recruiting ToolQR Codes as a Survey Recruiting Tool
QR Codes as a Survey Recruiting Tool
 
Conole plenary LINQ Conference Brussels 12 May 2015
Conole plenary LINQ Conference Brussels 12 May 2015Conole plenary LINQ Conference Brussels 12 May 2015
Conole plenary LINQ Conference Brussels 12 May 2015
 
Keeping learners safe online presentation
Keeping learners safe online presentationKeeping learners safe online presentation
Keeping learners safe online presentation
 
NAESP Conference - July 12, 2014
NAESP Conference - July 12, 2014NAESP Conference - July 12, 2014
NAESP Conference - July 12, 2014
 
Role of the CISO in Higher Education
Role of the CISO in Higher EducationRole of the CISO in Higher Education
Role of the CISO in Higher Education
 
Potential vulnerabilities to e-learning - Mimecast
Potential vulnerabilities to e-learning - MimecastPotential vulnerabilities to e-learning - Mimecast
Potential vulnerabilities to e-learning - Mimecast
 
Expertise for the future: harnessing the power of digital technologies
Expertise for the future: harnessing the power of digital technologiesExpertise for the future: harnessing the power of digital technologies
Expertise for the future: harnessing the power of digital technologies
 
Social media March 2013
Social media March 2013Social media March 2013
Social media March 2013
 
2014 - KSU - So You Want to Be in Cyber Security?
2014 - KSU - So You Want to Be in Cyber Security?2014 - KSU - So You Want to Be in Cyber Security?
2014 - KSU - So You Want to Be in Cyber Security?
 
Security Awareness Training for Community Colleges 2009
Security Awareness Training for Community Colleges 2009Security Awareness Training for Community Colleges 2009
Security Awareness Training for Community Colleges 2009
 

Más de Ben Woelk, CISSP, CPTC

Creating a Sense of Belonging--Engaging the Virtual Workforce
Creating a Sense of Belonging--Engaging the Virtual WorkforceCreating a Sense of Belonging--Engaging the Virtual Workforce
Creating a Sense of Belonging--Engaging the Virtual WorkforceBen Woelk, CISSP, CPTC
 
Creating a Sense of Belonging--Engaging the Virtual Workforce Summit.pptx
Creating a Sense of Belonging--Engaging the Virtual Workforce Summit.pptxCreating a Sense of Belonging--Engaging the Virtual Workforce Summit.pptx
Creating a Sense of Belonging--Engaging the Virtual Workforce Summit.pptxBen Woelk, CISSP, CPTC
 
Saying "Yes, and...?" to Leadership Opportunities
Saying "Yes, and...?" to Leadership OpportunitiesSaying "Yes, and...?" to Leadership Opportunities
Saying "Yes, and...?" to Leadership OpportunitiesBen Woelk, CISSP, CPTC
 
Perspectives on Mentoring: Selected Stories
Perspectives on Mentoring: Selected StoriesPerspectives on Mentoring: Selected Stories
Perspectives on Mentoring: Selected StoriesBen Woelk, CISSP, CPTC
 
We're All Winners--Gamification and Security Awareness
We're All Winners--Gamification and Security AwarenessWe're All Winners--Gamification and Security Awareness
We're All Winners--Gamification and Security AwarenessBen Woelk, CISSP, CPTC
 
The Introvert in the Workplace--Strategies for Success
The Introvert in the Workplace--Strategies for SuccessThe Introvert in the Workplace--Strategies for Success
The Introvert in the Workplace--Strategies for SuccessBen Woelk, CISSP, CPTC
 
Building a Culture of Digital Self Defense
Building a Culture of Digital Self DefenseBuilding a Culture of Digital Self Defense
Building a Culture of Digital Self DefenseBen Woelk, CISSP, CPTC
 
Harnessing Your Innate Strengths--Introverted Leadership
Harnessing Your Innate Strengths--Introverted LeadershipHarnessing Your Innate Strengths--Introverted Leadership
Harnessing Your Innate Strengths--Introverted LeadershipBen Woelk, CISSP, CPTC
 
The Introvert in the Workplace: Becoming an Influencer and Leader #STC18
The Introvert in the Workplace: Becoming an Influencer and Leader #STC18The Introvert in the Workplace: Becoming an Influencer and Leader #STC18
The Introvert in the Workplace: Becoming an Influencer and Leader #STC18Ben Woelk, CISSP, CPTC
 
Follow the yellow brick road: A Leadership Journey to the Emerald City
Follow the yellow brick road: A Leadership Journey to the Emerald CityFollow the yellow brick road: A Leadership Journey to the Emerald City
Follow the yellow brick road: A Leadership Journey to the Emerald CityBen Woelk, CISSP, CPTC
 
Collaborating securely: Protecting Your Community and Yourself
Collaborating securely: Protecting Your Community and YourselfCollaborating securely: Protecting Your Community and Yourself
Collaborating securely: Protecting Your Community and YourselfBen Woelk, CISSP, CPTC
 
Digital self defense iia isaca it audit seminar
Digital self defense iia isaca it audit seminarDigital self defense iia isaca it audit seminar
Digital self defense iia isaca it audit seminarBen Woelk, CISSP, CPTC
 
Cyber Safety for Middle School Students and Parents
Cyber Safety for Middle School Students and ParentsCyber Safety for Middle School Students and Parents
Cyber Safety for Middle School Students and ParentsBen Woelk, CISSP, CPTC
 
Staying Safe Online for HR Professionals
Staying Safe Online for HR ProfessionalsStaying Safe Online for HR Professionals
Staying Safe Online for HR ProfessionalsBen Woelk, CISSP, CPTC
 
Shockproofing your Use of Social Media: 2014
Shockproofing your Use of Social Media: 2014Shockproofing your Use of Social Media: 2014
Shockproofing your Use of Social Media: 2014Ben Woelk, CISSP, CPTC
 

Más de Ben Woelk, CISSP, CPTC (20)

Creating a Sense of Belonging--Engaging the Virtual Workforce
Creating a Sense of Belonging--Engaging the Virtual WorkforceCreating a Sense of Belonging--Engaging the Virtual Workforce
Creating a Sense of Belonging--Engaging the Virtual Workforce
 
Creating a Sense of Belonging--Engaging the Virtual Workforce Summit.pptx
Creating a Sense of Belonging--Engaging the Virtual Workforce Summit.pptxCreating a Sense of Belonging--Engaging the Virtual Workforce Summit.pptx
Creating a Sense of Belonging--Engaging the Virtual Workforce Summit.pptx
 
Saying "Yes, and...?" to Leadership Opportunities
Saying "Yes, and...?" to Leadership OpportunitiesSaying "Yes, and...?" to Leadership Opportunities
Saying "Yes, and...?" to Leadership Opportunities
 
Perspectives on Mentoring: Selected Stories
Perspectives on Mentoring: Selected StoriesPerspectives on Mentoring: Selected Stories
Perspectives on Mentoring: Selected Stories
 
We're All Winners--Gamification and Security Awareness
We're All Winners--Gamification and Security AwarenessWe're All Winners--Gamification and Security Awareness
We're All Winners--Gamification and Security Awareness
 
The Introvert in the Workplace--Strategies for Success
The Introvert in the Workplace--Strategies for SuccessThe Introvert in the Workplace--Strategies for Success
The Introvert in the Workplace--Strategies for Success
 
Building a Culture of Digital Self Defense
Building a Culture of Digital Self DefenseBuilding a Culture of Digital Self Defense
Building a Culture of Digital Self Defense
 
Harnessing Your Innate Strengths--Introverted Leadership
Harnessing Your Innate Strengths--Introverted LeadershipHarnessing Your Innate Strengths--Introverted Leadership
Harnessing Your Innate Strengths--Introverted Leadership
 
The Introvert in the Workplace: Becoming an Influencer and Leader #STC18
The Introvert in the Workplace: Becoming an Influencer and Leader #STC18The Introvert in the Workplace: Becoming an Influencer and Leader #STC18
The Introvert in the Workplace: Becoming an Influencer and Leader #STC18
 
Digital self defense 101 me rit
Digital self defense 101 me ritDigital self defense 101 me rit
Digital self defense 101 me rit
 
Follow the yellow brick road: A Leadership Journey to the Emerald City
Follow the yellow brick road: A Leadership Journey to the Emerald CityFollow the yellow brick road: A Leadership Journey to the Emerald City
Follow the yellow brick road: A Leadership Journey to the Emerald City
 
Collaborating securely: Protecting Your Community and Yourself
Collaborating securely: Protecting Your Community and YourselfCollaborating securely: Protecting Your Community and Yourself
Collaborating securely: Protecting Your Community and Yourself
 
An Introvert's Journey to Leadership
An Introvert's Journey to LeadershipAn Introvert's Journey to Leadership
An Introvert's Journey to Leadership
 
Digital self defense iia isaca it audit seminar
Digital self defense iia isaca it audit seminarDigital self defense iia isaca it audit seminar
Digital self defense iia isaca it audit seminar
 
Cyber Safety for Middle School Students and Parents
Cyber Safety for Middle School Students and ParentsCyber Safety for Middle School Students and Parents
Cyber Safety for Middle School Students and Parents
 
Staying Safe Online for HR Professionals
Staying Safe Online for HR ProfessionalsStaying Safe Online for HR Professionals
Staying Safe Online for HR Professionals
 
Succession Planning and Volunteering
Succession Planning and VolunteeringSuccession Planning and Volunteering
Succession Planning and Volunteering
 
Shockproofing your Use of Social Media: 2014
Shockproofing your Use of Social Media: 2014Shockproofing your Use of Social Media: 2014
Shockproofing your Use of Social Media: 2014
 
A Techcomm Bestiary Summit14
A Techcomm Bestiary Summit14A Techcomm Bestiary Summit14
A Techcomm Bestiary Summit14
 
A Techcomm Bestiary Spectrum14
A Techcomm Bestiary Spectrum14A Techcomm Bestiary Spectrum14
A Techcomm Bestiary Spectrum14
 

Último

Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...Martijn de Jong
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CVKhem
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsJoaquim Jorge
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdflior mazor
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processorsdebabhi2
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...DianaGray10
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Neo4j
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Enterprise Knowledge
 
Developing An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of BrazilDeveloping An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of BrazilV3cube
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsMaria Levchenko
 
Tech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdfTech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdfhans926745
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityPrincipled Technologies
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024The Digital Insurer
 

Último (20)

Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CV
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdf
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
 
Developing An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of BrazilDeveloping An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of Brazil
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
Tech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdfTech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdf
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 

Making Information Security Fun

  • 1. Making Information Security Fun Ben Woelk Policy and Awareness Analyst Information Security Office Rochester Institute of Technology 585.475.4122 Ben.woelk@rit.edu
  • 2. Introduction—the Problem • Everyone is a target • Identity theft is big business • You can’t rely on others to protect you 2
  • 3. Avert Labs Malware Research 3 Retrieved July 24, 2009 from: http://www.avertlabs.com/research/blog/index.php/2009/07/22/malware-is-their-businessand-business-is-good/
  • 4. Phishing on Social Network Sites 4 http://www.markmonitor.com/download/bji/BrandjackingIndex-Spring2009.pdf
  • 5. Solution •We needed a plan – Systematic repeatable – Goals – Proactive
  • 6. Components of a Plan •Audience analysis •Key messages •Channels •Calendar •Relationships
  • 7. What are Our Key Messages? •Data handling •Mandatory compliance •Phishing, Social engineering •Protecting IP/Research
  • 8. RIT Profile Rochester Institute of Technology, founded 1829 • ~18,000 students, mainly residential • 10% international • 1300+ deaf or hard of hearing (NTID) • ~3000 faculty and staff Respected leader in professional and career-oriented education Eight colleges, 80 majors, 3600 co-op students yearly
  • 10. Web Presence • Use official university communications channels • Target messages to faculty, staff, and/or students
  • 11. Social Media • Meet students where they are • Post directly from Facebook to Twitter
  • 13. Phishing Awareness • Temporarily reduced response rate from ~25 per attempt to ~4 per attempt
  • 15. Faculty • Participate in faculty events • Hit hot topics
  • 16. Practice Digital Self Defense @RIT_Infosec www.facebook.com/RITInfosec Security.rit.edu 16

Notas del editor

  1. Per the MarkMonitor Brandjacking Index for Spring 2009:Phish attacks targeting social networks have grown 241 percent from Q1 2008 to Q1 2009 and have grown 1,500-fold since we first started tracking the category in 2007.
  2. University of North Carolina exposed ssn for about 114,000-180,000 women that was part of a multi-year medical research study. The server with this data stored on it was not located behind a firewall, a minimal security precaution. Fingers were pointed back and forth between the researcher and the IT dept. managing the servers.