SlideShare una empresa de Scribd logo

How to Secure Your Organisation Data

Phannarith Ou, G-CISO
Phannarith Ou, G-CISO
Educación
1 de 31
Mr.$OU$Phannarith$ Head$of$CamCERT$ Permanent$Member$of$$Cybercrime$ Law$Working$Group$$ National$ICT$Development$Authority$ OfHice$of$The$Council$of$Ministers$ Email:$phannarith[at]camcert.gov.kh$ $ 1"
!  Basic"Understanding"of"Information"Security" !  Malware"Fundamental" !  Protect"Your"Password" !  Social"Engineering"and"Phishing"" !  Suggestion"and"Recommendation" !  Question"and"Answers" . - : @ . ! 2"
3"
ConIidentiality"–"of"the"information" Confiden'ality- Information"on"the"company"or"organization" should"never"be"accessible"to"users"without" permission" " Integrity"–"of"application"and"information" Accuracy"and"completeness"of"information" are"preserved" " Availability- Integrity- Availability"–"of"the"system" Information"is"accessible"by"authorized"users" when"required" . - : @ . ! 4"
Why"Information"Security"is"important?"" Protecting"computer"system"or"its"user"from"threats"that" may"occur"" Threats"and"Damage"will"differ"depending"on"computer" system’s"characteristic"" Protecting"the"system"and"its"users"from"threat"and" minimize"damage" . - : @ . ! 5"
Relationship$between$threat,$vulnerability$and$loss$ Threat" Loss" Vulnera bility" Attacker$+$No$Security$Patch$=$Data$Destruction$ . - : @ . ! 6"
Information$ Threats$ Assets$ Something"that"can"potentially" Information"stored"in"any" cause"damage"to"information"" Countermeasure$ manner"which"recognized"as" assets" ‘valuable’"to"the"organization"" Vulnerability$ A"Weakness"in"the" organization,"computer" system"or"network"that"can" be"exploited"by"threat" . - : @ . ! 7"
Information$ Threats$ Assets$ Something"that"can"potentially" Information"stored"in"any" cause"damage"to"information"" Countermeasure$ manner"which"recognized"as" assets" ‘valuable’"to"the"organization"" Vulnerability$ If"vulnerability"exist,"threats" can"attack"your"information" assets" . - : @ . ! 8"
Information$ Threats$ Assets$ Something"that"can"potentially" Information"stored"in"any" cause"damage"to"information"" Countermeasure$ manner"which"recognized"as" assets" ‘valuable’"to"the"organization"" Vulnerability$is$Hixed$ Information"assets"can"be" kept"secure,"even"if"threats" exist." . - : @ . ! 9"
•  Do"you"use"license"operating"system"(OS)?" •  Have"you"even"been"update"your"OS?"" •  Have"you"even"been"update"your"daily"use" software?" •  Do"you"update"your"antiavirus"regularly?" . - : @ . ! 10"
. - : @ . ! 11"
Physical&& The"most" difIicult" part"to" handle" Secure& Hardware& Human&& Your& && So6ware& Data& Policy&&& Standard& . - : @ . ! 12"
13"
Malware"or"Malicious" Threats" software" Virus" Worm" Trojans" . - : @ . ! 14"
•  Infect"object"on"the"disk"" •  Travel"autonomously"from"PC"to"PC" •  Trigger"by"individual"action"such"as"Open" email"attachment" •  Spread"automatically" •  Install"itself"into"the"PC"and"looking"other" PCs"to"infect" •  Email"worm"need"individual"action"to"spread" •  Network"worm"spread"without"the"need"for" human"interaction" . - : @ . ! 15"
•  Install"silently"in"the"PC"by"Email" attachment,"visit"infected"website,"…etc." •  PC"work"normally"without"any"consent" from"the"users" •  They"don’t"selfareplicate,"but"relies"on" connectivity"provided"by"the"Internet" •  There"are"many"kinds"of"Trojans:" •  Backdoor"Trojans" •  Keyalogger"Trojans" •  Banking"Trojans" . - : @ . ! 16"
Can-done-anything:-Sending-Spam,- Before" Collec'ng-confiden'al-data,-stealing- password,-etc.-and-espcially-connect-PC- with-PC-to-create-an-infected-network- (BOTNET).-- Virus" Worm" Trojans" Now"–"Hybrid"Malware" Virus& Worm& Trojans& . - : @ . ! 17"
18"
•  How"often"do"you"change"your"password?" •  Do"you"use"your"name,"telephone,"date"of"birth," as"your"password?" •  Do"you"use"the"same"password"for"every" services?" •  Do"you"share"your"password"with"anybody?" . - : @ . ! 19"
Easily"Guessed"Password" •  No"Password"is"set" •  Password"same"as"the"account"name" Dictionary"Attack" •  Prepared"words"that"the"user"is"likely"to"use"as" passwords"in"a"dictionary"Iile"and"attempt"to"Iind" matching"password" Brute"Force"Attack" •  This"is"simple"method"to"try"all"possible"combinations"as" passwords" •  It"take"huge"amount"of"time,"although,"theoretically,"it" can"break"any"password"without"fail" . - : @ . ! 20"
Which"password"below"is"your"password?" Top$25$Popular$Password$in$2011$ 1."password" "2."123456 "3."12345678 "4."qwerty" 5."abc123 "6."monkey "7."1234567 "8."letmein" 9."trustno1 "10."dragon "11."baseball "12."111111" 13."Iloveyou "14."master "15."sunshine "16."ashley" 17."bailey "18."passw0rd"19."shadow "20."123123" 21."654321 "22."superman"23."qazwsx "24."michael" 25."football" . - : @ . ! 21"
How"to"secure"your"password" . - : @ . ! 22"
23"
. - : @ . ! 24"
. - : @ . ! 25"
. - : @ . ! 26"
. - : @ . ! 27"
28"
User"antiavirus"and"update"it"regularly"" Install"a"Personal"Firewall" Install"latest"security"update" Don’t"open"an"email"you"do"not"trust" Keep"learning!" . - : @ . ! 29"
You"organization"data"security"is"depending"on" the"weakness"link" Don’t"make"yourself"as"the"weakness"link" . - : @ . ! 30"
Mr.$OU$Phannarith$ Head$of$CamCERT$ Permanent$Member$of$$Cybercrime$ Law$Working$Group$$ National$ICT$Development$Authority$ OfHice$of$The$Council$of$Ministers$ Email:$phannarith[at]camcert.gov.kh$ $ 31"

Recomendados

A perspective for counter strategy against cybercrime and cyber espionage
A perspective for counter strategy against cybercrime and cyber espionageA perspective for counter strategy against cybercrime and cyber espionage
A perspective for counter strategy against cybercrime and cyber espionageGohsuke Takama
 
Learn Hacking
Learn HackingLearn Hacking
Learn Hackinghackingtraining
 
Good Guys vs Bad Guys: Using Big Data to Counteract Advanced Threats
Good Guys vs Bad Guys: Using Big Data to Counteract Advanced ThreatsGood Guys vs Bad Guys: Using Big Data to Counteract Advanced Threats
Good Guys vs Bad Guys: Using Big Data to Counteract Advanced ThreatsZivaro Inc
 
HoneyPot for Network Security - building and testing against exploits.
HoneyPot for Network Security - building and testing against exploits.HoneyPot for Network Security - building and testing against exploits.
HoneyPot for Network Security - building and testing against exploits.Shantanu Kumar Das
 
Data Privacy for Activists
Data Privacy for ActivistsData Privacy for Activists
Data Privacy for ActivistsGreg Stromire
 
Honeypots, Deception, and Frankenstein
Honeypots, Deception, and FrankensteinHoneypots, Deception, and Frankenstein
Honeypots, Deception, and FrankensteinPhillip Maddux
 
Honeypots
HoneypotsHoneypots
HoneypotsBilal ZIANE
 
Cyber Security 4.0 conference 30 November 2016
Cyber Security 4.0 conference 30 November 2016Cyber Security 4.0 conference 30 November 2016
Cyber Security 4.0 conference 30 November 2016InfinIT - Innovationsnetværket for it
 

Recomendados

A perspective for counter strategy against cybercrime and cyber espionage
A perspective for counter strategy against cybercrime and cyber espionageA perspective for counter strategy against cybercrime and cyber espionage
A perspective for counter strategy against cybercrime and cyber espionageGohsuke Takama
 
Learn Hacking
Learn HackingLearn Hacking
Learn Hackinghackingtraining
 
Good Guys vs Bad Guys: Using Big Data to Counteract Advanced Threats
Good Guys vs Bad Guys: Using Big Data to Counteract Advanced ThreatsGood Guys vs Bad Guys: Using Big Data to Counteract Advanced Threats
Good Guys vs Bad Guys: Using Big Data to Counteract Advanced ThreatsZivaro Inc
 
HoneyPot for Network Security - building and testing against exploits.
HoneyPot for Network Security - building and testing against exploits.HoneyPot for Network Security - building and testing against exploits.
HoneyPot for Network Security - building and testing against exploits.Shantanu Kumar Das
 
Data Privacy for Activists
Data Privacy for ActivistsData Privacy for Activists
Data Privacy for ActivistsGreg Stromire
 
Honeypots, Deception, and Frankenstein
Honeypots, Deception, and FrankensteinHoneypots, Deception, and Frankenstein
Honeypots, Deception, and FrankensteinPhillip Maddux
 
Honeypots
HoneypotsHoneypots
HoneypotsBilal ZIANE
 
Cyber Security 4.0 conference 30 November 2016
Cyber Security 4.0 conference 30 November 2016Cyber Security 4.0 conference 30 November 2016
Cyber Security 4.0 conference 30 November 2016InfinIT - Innovationsnetværket for it
 
Cyber security from military point of view
Cyber security from military point of viewCyber security from military point of view
Cyber security from military point of viewS.E. CTS CERT-GOV-MD
 
Integrating info ops in operational level planning (no backup slides)
Integrating info ops in operational level planning (no backup slides)Integrating info ops in operational level planning (no backup slides)
Integrating info ops in operational level planning (no backup slides)Ulrich Janßen
 
Cyber Crime
Cyber CrimeCyber Crime
Cyber Crimearitraranjan
 
Cyber security vs information assurance
Cyber security vs information assuranceCyber security vs information assurance
Cyber security vs information assuranceVaughan Olufemi ACIB, AICEN, ANIM
 
How to know you was hacked
How to know you was hackedHow to know you was hacked
How to know you was hackedPhannarith Ou, G-CISO
 
Cyber crime
Cyber crimeCyber crime
Cyber crimeRajendra Dangwal
 
Cyber crime
Cyber crimeCyber crime
Cyber crimeTushar Malhotra
 
Cyber Crime and Security
Cyber Crime and SecurityCyber Crime and Security
Cyber Crime and SecurityDipesh Waghela
 
Cyber-crime PPT
Cyber-crime PPTCyber-crime PPT
Cyber-crime PPTAnshuman Tripathi
 
Cyber crime ppt
Cyber crime pptCyber crime ppt
Cyber crime pptMOE515253
 
Ethi mini - ethical hacking
Ethi mini - ethical hackingEthi mini - ethical hacking
Ethi mini - ethical hackingBeing Uniq Sonu
 
Ethical Hacking
Ethical HackingEthical Hacking
Ethical HackingPushkar Pashupat
 
LemonFish How do you know your Data Loss Prevention system is working ?
LemonFish How do you know your Data Loss Prevention system is working ?LemonFish How do you know your Data Loss Prevention system is working ?
LemonFish How do you know your Data Loss Prevention system is working ?Mary Beth Borgwing, MBA
 
Offensive malware usage and defense
Offensive malware usage and defenseOffensive malware usage and defense
Offensive malware usage and defenseChristiaan Beek
 
Mobile Security Attacks: A Glimpse from the Trenches - Yair Amit, Skycure
Mobile Security Attacks: A Glimpse from the Trenches - Yair Amit, SkycureMobile Security Attacks: A Glimpse from the Trenches - Yair Amit, Skycure
Mobile Security Attacks: A Glimpse from the Trenches - Yair Amit, SkycureCodemotion Tel Aviv
 
Mobile Security: A Glimpse from the Trenches
Mobile Security: A Glimpse from the TrenchesMobile Security: A Glimpse from the Trenches
Mobile Security: A Glimpse from the TrenchesYair Amit
 
Deception in Cyber Security (League of Women in Cyber Security)
Deception in Cyber Security (League of Women in Cyber Security)Deception in Cyber Security (League of Women in Cyber Security)
Deception in Cyber Security (League of Women in Cyber Security)Phillip Maddux
 
Threat Modeling 101
Threat Modeling 101Threat Modeling 101
Threat Modeling 101Atlassian
 
Porque Investir em um time de segurança ofensiva?
Porque Investir em um time de segurança ofensiva?Porque Investir em um time de segurança ofensiva?
Porque Investir em um time de segurança ofensiva?Arthur Paixão
 
Why Personal Clouds Need A Network
Why Personal Clouds Need A NetworkWhy Personal Clouds Need A Network
Why Personal Clouds Need A NetworkPhil Wolff
 
Data security @ the personal level
Data security @ the personal levelData security @ the personal level
Data security @ the personal levelArnon Rotem-Gal-Oz
 
CERT Data Science in Cybersecurity Symposium
CERT Data Science in Cybersecurity SymposiumCERT Data Science in Cybersecurity Symposium
CERT Data Science in Cybersecurity SymposiumBob Rudis
 

Más contenido relacionado

Destacado

Cyber security from military point of view
Cyber security from military point of viewCyber security from military point of view
Cyber security from military point of viewS.E. CTS CERT-GOV-MD
 
Integrating info ops in operational level planning (no backup slides)
Integrating info ops in operational level planning (no backup slides)Integrating info ops in operational level planning (no backup slides)
Integrating info ops in operational level planning (no backup slides)Ulrich Janßen
 
Cyber Crime and Security
Cyber Crime and SecurityCyber Crime and Security
Cyber Crime and SecurityDipesh Waghela
 
Cyber crime ppt
Cyber crime pptCyber crime ppt
Cyber crime pptMOE515253
 

Destacado (10)

Cyber security from military point of view
Cyber security from military point of viewCyber security from military point of view
Cyber security from military point of view
 
Integrating info ops in operational level planning (no backup slides)
Integrating info ops in operational level planning (no backup slides)Integrating info ops in operational level planning (no backup slides)
Integrating info ops in operational level planning (no backup slides)
 
Cyber Crime
Cyber CrimeCyber Crime
Cyber Crime
 
Cyber security vs information assurance
Cyber security vs information assuranceCyber security vs information assurance
Cyber security vs information assurance
 
How to know you was hacked
How to know you was hackedHow to know you was hacked
How to know you was hacked
 
Cyber crime
Cyber crimeCyber crime
Cyber crime
 
Cyber crime
Cyber crimeCyber crime
Cyber crime
 
Cyber Crime and Security
Cyber Crime and SecurityCyber Crime and Security
Cyber Crime and Security
 
Cyber-crime PPT
Cyber-crime PPTCyber-crime PPT
Cyber-crime PPT
 
Cyber crime ppt
Cyber crime pptCyber crime ppt
Cyber crime ppt
 

Similar a How to Secure Your Organisation Data

Ethi mini - ethical hacking
Ethi mini - ethical hackingEthi mini - ethical hacking
Ethi mini - ethical hackingBeing Uniq Sonu
 
LemonFish How do you know your Data Loss Prevention system is working ?
LemonFish How do you know your Data Loss Prevention system is working ?LemonFish How do you know your Data Loss Prevention system is working ?
LemonFish How do you know your Data Loss Prevention system is working ?Mary Beth Borgwing, MBA
 
Offensive malware usage and defense
Offensive malware usage and defenseOffensive malware usage and defense
Offensive malware usage and defenseChristiaan Beek
 
Mobile Security Attacks: A Glimpse from the Trenches - Yair Amit, Skycure
Mobile Security Attacks: A Glimpse from the Trenches - Yair Amit, SkycureMobile Security Attacks: A Glimpse from the Trenches - Yair Amit, Skycure
Mobile Security Attacks: A Glimpse from the Trenches - Yair Amit, SkycureCodemotion Tel Aviv
 
Mobile Security: A Glimpse from the Trenches
Mobile Security: A Glimpse from the TrenchesMobile Security: A Glimpse from the Trenches
Mobile Security: A Glimpse from the TrenchesYair Amit
 
Deception in Cyber Security (League of Women in Cyber Security)
Deception in Cyber Security (League of Women in Cyber Security)Deception in Cyber Security (League of Women in Cyber Security)
Deception in Cyber Security (League of Women in Cyber Security)Phillip Maddux
 
Threat Modeling 101
Threat Modeling 101Threat Modeling 101
Threat Modeling 101Atlassian
 
Porque Investir em um time de segurança ofensiva?
Porque Investir em um time de segurança ofensiva?Porque Investir em um time de segurança ofensiva?
Porque Investir em um time de segurança ofensiva?Arthur Paixão
 
Why Personal Clouds Need A Network
Why Personal Clouds Need A NetworkWhy Personal Clouds Need A Network
Why Personal Clouds Need A NetworkPhil Wolff
 
Data security @ the personal level
Data security @ the personal levelData security @ the personal level
Data security @ the personal levelArnon Rotem-Gal-Oz
 
CERT Data Science in Cybersecurity Symposium
CERT Data Science in Cybersecurity SymposiumCERT Data Science in Cybersecurity Symposium
CERT Data Science in Cybersecurity SymposiumBob Rudis
 
La Quadrature Du Cercle - The APTs That Weren't
La Quadrature Du Cercle - The APTs That Weren'tLa Quadrature Du Cercle - The APTs That Weren't
La Quadrature Du Cercle - The APTs That Weren'tpinkflawd
 
Contextual Cyber Security for IoT
Contextual Cyber Security for IoTContextual Cyber Security for IoT
Contextual Cyber Security for IoTMONICA-Project
 
Computer saftey may 2013
Computer saftey may 2013Computer saftey may 2013
Computer saftey may 2013JimWhite
 
The Role of Threat Intelligence and Layered Securiy for Intrusion Prevention ...
The Role of Threat Intelligence and Layered Securiy for Intrusion Prevention ...The Role of Threat Intelligence and Layered Securiy for Intrusion Prevention ...
The Role of Threat Intelligence and Layered Securiy for Intrusion Prevention ...JoAnna Cheshire
 
Security, Privacy Data Protection and Perspectives to Counter Cybercrime 0409...
Security, Privacy Data Protection and Perspectives to Counter Cybercrime 0409...Security, Privacy Data Protection and Perspectives to Counter Cybercrime 0409...
Security, Privacy Data Protection and Perspectives to Counter Cybercrime 0409...Gohsuke Takama
 
Via forensics thotcon-2013-mobile-security-with-santoku-linux
Via forensics thotcon-2013-mobile-security-with-santoku-linuxVia forensics thotcon-2013-mobile-security-with-santoku-linux
Via forensics thotcon-2013-mobile-security-with-santoku-linuxviaForensics
 
Fantastic Beasts and where to hide from them
Fantastic Beasts and where to hide from themFantastic Beasts and where to hide from them
Fantastic Beasts and where to hide from themVlad Styran
 
Information Security - The Missing Elements
Information Security - The Missing ElementsInformation Security - The Missing Elements
Information Security - The Missing Elementsahmed_vr
 

Similar a How to Secure Your Organisation Data (20)

Ethi mini - ethical hacking
Ethi mini - ethical hackingEthi mini - ethical hacking
Ethi mini - ethical hacking
 
Ethical Hacking
Ethical HackingEthical Hacking
Ethical Hacking
 
LemonFish How do you know your Data Loss Prevention system is working ?
LemonFish How do you know your Data Loss Prevention system is working ?LemonFish How do you know your Data Loss Prevention system is working ?
LemonFish How do you know your Data Loss Prevention system is working ?
 
Offensive malware usage and defense
Offensive malware usage and defenseOffensive malware usage and defense
Offensive malware usage and defense
 
Mobile Security Attacks: A Glimpse from the Trenches - Yair Amit, Skycure
Mobile Security Attacks: A Glimpse from the Trenches - Yair Amit, SkycureMobile Security Attacks: A Glimpse from the Trenches - Yair Amit, Skycure
Mobile Security Attacks: A Glimpse from the Trenches - Yair Amit, Skycure
 
Mobile Security: A Glimpse from the Trenches
Mobile Security: A Glimpse from the TrenchesMobile Security: A Glimpse from the Trenches
Mobile Security: A Glimpse from the Trenches
 
Deception in Cyber Security (League of Women in Cyber Security)
Deception in Cyber Security (League of Women in Cyber Security)Deception in Cyber Security (League of Women in Cyber Security)
Deception in Cyber Security (League of Women in Cyber Security)
 
Threat Modeling 101
Threat Modeling 101Threat Modeling 101
Threat Modeling 101
 
Porque Investir em um time de segurança ofensiva?
Porque Investir em um time de segurança ofensiva?Porque Investir em um time de segurança ofensiva?
Porque Investir em um time de segurança ofensiva?
 
Why Personal Clouds Need A Network
Why Personal Clouds Need A NetworkWhy Personal Clouds Need A Network
Why Personal Clouds Need A Network
 
Data security @ the personal level
Data security @ the personal levelData security @ the personal level
Data security @ the personal level
 
CERT Data Science in Cybersecurity Symposium
CERT Data Science in Cybersecurity SymposiumCERT Data Science in Cybersecurity Symposium
CERT Data Science in Cybersecurity Symposium
 
La Quadrature Du Cercle - The APTs That Weren't
La Quadrature Du Cercle - The APTs That Weren'tLa Quadrature Du Cercle - The APTs That Weren't
La Quadrature Du Cercle - The APTs That Weren't
 
Contextual Cyber Security for IoT
Contextual Cyber Security for IoTContextual Cyber Security for IoT
Contextual Cyber Security for IoT
 
Computer saftey may 2013
Computer saftey may 2013Computer saftey may 2013
Computer saftey may 2013
 
The Role of Threat Intelligence and Layered Securiy for Intrusion Prevention ...
The Role of Threat Intelligence and Layered Securiy for Intrusion Prevention ...The Role of Threat Intelligence and Layered Securiy for Intrusion Prevention ...
The Role of Threat Intelligence and Layered Securiy for Intrusion Prevention ...
 
Security, Privacy Data Protection and Perspectives to Counter Cybercrime 0409...
Security, Privacy Data Protection and Perspectives to Counter Cybercrime 0409...Security, Privacy Data Protection and Perspectives to Counter Cybercrime 0409...
Security, Privacy Data Protection and Perspectives to Counter Cybercrime 0409...
 
Via forensics thotcon-2013-mobile-security-with-santoku-linux
Via forensics thotcon-2013-mobile-security-with-santoku-linuxVia forensics thotcon-2013-mobile-security-with-santoku-linux
Via forensics thotcon-2013-mobile-security-with-santoku-linux
 
Fantastic Beasts and where to hide from them
Fantastic Beasts and where to hide from themFantastic Beasts and where to hide from them
Fantastic Beasts and where to hide from them
 
Information Security - The Missing Elements
Information Security - The Missing ElementsInformation Security - The Missing Elements
Information Security - The Missing Elements
 

Más de Phannarith Ou, G-CISO

3 Security Tips for better security for personal computer
3 Security Tips for better security for personal computer3 Security Tips for better security for personal computer
3 Security Tips for better security for personal computerPhannarith Ou, G-CISO
 
Case - How to protect your information
Case - How to protect your informationCase - How to protect your information
Case - How to protect your informationPhannarith Ou, G-CISO
 
Case Study - Internet Security Policy (Khmer)
Case Study - Internet Security Policy (Khmer)Case Study - Internet Security Policy (Khmer)
Case Study - Internet Security Policy (Khmer)Phannarith Ou, G-CISO
 
Network Security with ISA Server 2006
Network Security with ISA Server 2006Network Security with ISA Server 2006
Network Security with ISA Server 2006Phannarith Ou, G-CISO
 
Network Installation and Management in Windows 2008 Enterprise
Network Installation and Management in Windows 2008 EnterpriseNetwork Installation and Management in Windows 2008 Enterprise
Network Installation and Management in Windows 2008 EnterprisePhannarith Ou, G-CISO
 
Understanding Malware by BBU Student
Understanding Malware by BBU StudentUnderstanding Malware by BBU Student
Understanding Malware by BBU StudentPhannarith Ou, G-CISO
 

Más de Phannarith Ou, G-CISO (20)

3 Security Tips for better security for personal computer
3 Security Tips for better security for personal computer3 Security Tips for better security for personal computer
3 Security Tips for better security for personal computer
 
Understanding NMAP
Understanding NMAPUnderstanding NMAP
Understanding NMAP
 
Reconnaisance
Reconnaisance Reconnaisance
Reconnaisance
 
Case - How to protect your information
Case - How to protect your informationCase - How to protect your information
Case - How to protect your information
 
Case - How to protect your website
Case - How to protect your websiteCase - How to protect your website
Case - How to protect your website
 
Case Study - Internet Security Policy (Khmer)
Case Study - Internet Security Policy (Khmer)Case Study - Internet Security Policy (Khmer)
Case Study - Internet Security Policy (Khmer)
 
Internet Security Policy - Khmer
Internet Security Policy - Khmer Internet Security Policy - Khmer
Internet Security Policy - Khmer
 
How to Protect Computer From Virus
How to Protect Computer From VirusHow to Protect Computer From Virus
How to Protect Computer From Virus
 
How to Secure Your WiFi
How to Secure Your WiFiHow to Secure Your WiFi
How to Secure Your WiFi
 
Facebook Security in 3 Ways
Facebook Security in 3 Ways Facebook Security in 3 Ways
Facebook Security in 3 Ways
 
Understanding Keylogger
Understanding KeyloggerUnderstanding Keylogger
Understanding Keylogger
 
Exchange Server 2003
Exchange Server 2003Exchange Server 2003
Exchange Server 2003
 
Network Security with ISA Server 2006
Network Security with ISA Server 2006Network Security with ISA Server 2006
Network Security with ISA Server 2006
 
Network Installation and Management in Windows 2008 Enterprise
Network Installation and Management in Windows 2008 EnterpriseNetwork Installation and Management in Windows 2008 Enterprise
Network Installation and Management in Windows 2008 Enterprise
 
Secure System Development Proposal
Secure System Development ProposalSecure System Development Proposal
Secure System Development Proposal
 
ូUnderstanding DNS Spoofing
ូUnderstanding DNS SpoofingូUnderstanding DNS Spoofing
ូUnderstanding DNS Spoofing
 
Understanding Malware by BBU Student
Understanding Malware by BBU StudentUnderstanding Malware by BBU Student
Understanding Malware by BBU Student
 
Heartbleed vulnerability
Heartbleed vulnerabilityHeartbleed vulnerability
Heartbleed vulnerability
 
P12 r202t8 05-spam
P12 r202t8 05-spamP12 r202t8 05-spam
P12 r202t8 05-spam
 
P12 r202t8 04-d-dos
P12 r202t8 04-d-dosP12 r202t8 04-d-dos
P12 r202t8 04-d-dos
 

Último

ANG SEKTOR NG agrikultura.pptx QUARTER 4
ANG SEKTOR NG agrikultura.pptx QUARTER 4ANG SEKTOR NG agrikultura.pptx QUARTER 4
ANG SEKTOR NG agrikultura.pptx QUARTER 4MiaBumagat1
 
Q4-PPT-Music9_Lesson-1-Romantic-Opera.pptx
Q4-PPT-Music9_Lesson-1-Romantic-Opera.pptxQ4-PPT-Music9_Lesson-1-Romantic-Opera.pptx
Q4-PPT-Music9_Lesson-1-Romantic-Opera.pptxlancelewisportillo
 
Transaction Management in Database Management System
Transaction Management in Database Management SystemTransaction Management in Database Management System
Transaction Management in Database Management SystemChristalin Nelson
 
ROLES IN A STAGE PRODUCTION in arts.pptx
ROLES IN A STAGE PRODUCTION in arts.pptxROLES IN A STAGE PRODUCTION in arts.pptx
ROLES IN A STAGE PRODUCTION in arts.pptxVanesaIglesias10
 
4.16.24 21st Century Movements for Black Lives.pptx
4.16.24 21st Century Movements for Black Lives.pptx4.16.24 21st Century Movements for Black Lives.pptx
4.16.24 21st Century Movements for Black Lives.pptxmary850239
 
INTRODUCTION TO CATHOLIC CHRISTOLOGY.pptx
INTRODUCTION TO CATHOLIC CHRISTOLOGY.pptxINTRODUCTION TO CATHOLIC CHRISTOLOGY.pptx
INTRODUCTION TO CATHOLIC CHRISTOLOGY.pptxHumphrey A Beña
 
Integumentary System SMP B. Pharm Sem I.ppt
Integumentary System SMP B. Pharm Sem I.pptIntegumentary System SMP B. Pharm Sem I.ppt
Integumentary System SMP B. Pharm Sem I.pptshraddhaparab530
 
Music 9 - 4th quarter - Vocal Music of the Romantic Period.pptx
Music 9 - 4th quarter - Vocal Music of the Romantic Period.pptxMusic 9 - 4th quarter - Vocal Music of the Romantic Period.pptx
Music 9 - 4th quarter - Vocal Music of the Romantic Period.pptxleah joy valeriano
 
Earth Day Presentation wow hello nice great
Earth Day Presentation wow hello nice greatEarth Day Presentation wow hello nice great
Earth Day Presentation wow hello nice greatYousafMalik24
 
THEORIES OF ORGANIZATION-PUBLIC ADMINISTRATION
THEORIES OF ORGANIZATION-PUBLIC ADMINISTRATIONTHEORIES OF ORGANIZATION-PUBLIC ADMINISTRATION
THEORIES OF ORGANIZATION-PUBLIC ADMINISTRATIONHumphrey A Beña
 
ECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptx
ECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptxECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptx
ECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptxiammrhaywood
 
Visit to a blind student's school🧑‍🦯🧑‍🦯(community medicine)
Visit to a blind student's school🧑‍🦯🧑‍🦯(community medicine)Visit to a blind student's school🧑‍🦯🧑‍🦯(community medicine)
Visit to a blind student's school🧑‍🦯🧑‍🦯(community medicine)lakshayb543
 
Barangay Council for the Protection of Children (BCPC) Orientation.pptx
Barangay Council for the Protection of Children (BCPC) Orientation.pptxBarangay Council for the Protection of Children (BCPC) Orientation.pptx
Barangay Council for the Protection of Children (BCPC) Orientation.pptxCarlos105
 
GRADE 4 - SUMMATIVE TEST QUARTER 4 ALL SUBJECTS
GRADE 4 - SUMMATIVE TEST QUARTER 4 ALL SUBJECTSGRADE 4 - SUMMATIVE TEST QUARTER 4 ALL SUBJECTS
GRADE 4 - SUMMATIVE TEST QUARTER 4 ALL SUBJECTSJoshuaGantuangco2
 
Difference Between Search & Browse Methods in Odoo 17
Difference Between Search & Browse Methods in Odoo 17Difference Between Search & Browse Methods in Odoo 17
Difference Between Search & Browse Methods in Odoo 17Celine George
 
Grade 9 Quarter 4 Dll Grade 9 Quarter 4 DLL.pdf
Grade 9 Quarter 4 Dll Grade 9 Quarter 4 DLL.pdfGrade 9 Quarter 4 Dll Grade 9 Quarter 4 DLL.pdf
Grade 9 Quarter 4 Dll Grade 9 Quarter 4 DLL.pdfJemuel Francisco
 

Último (20)

ANG SEKTOR NG agrikultura.pptx QUARTER 4
ANG SEKTOR NG agrikultura.pptx QUARTER 4ANG SEKTOR NG agrikultura.pptx QUARTER 4
ANG SEKTOR NG agrikultura.pptx QUARTER 4
 
Q4-PPT-Music9_Lesson-1-Romantic-Opera.pptx
Q4-PPT-Music9_Lesson-1-Romantic-Opera.pptxQ4-PPT-Music9_Lesson-1-Romantic-Opera.pptx
Q4-PPT-Music9_Lesson-1-Romantic-Opera.pptx
 
Transaction Management in Database Management System
Transaction Management in Database Management SystemTransaction Management in Database Management System
Transaction Management in Database Management System
 
ROLES IN A STAGE PRODUCTION in arts.pptx
ROLES IN A STAGE PRODUCTION in arts.pptxROLES IN A STAGE PRODUCTION in arts.pptx
ROLES IN A STAGE PRODUCTION in arts.pptx
 
4.16.24 21st Century Movements for Black Lives.pptx
4.16.24 21st Century Movements for Black Lives.pptx4.16.24 21st Century Movements for Black Lives.pptx
4.16.24 21st Century Movements for Black Lives.pptx
 
INTRODUCTION TO CATHOLIC CHRISTOLOGY.pptx
INTRODUCTION TO CATHOLIC CHRISTOLOGY.pptxINTRODUCTION TO CATHOLIC CHRISTOLOGY.pptx
INTRODUCTION TO CATHOLIC CHRISTOLOGY.pptx
 
Integumentary System SMP B. Pharm Sem I.ppt
Integumentary System SMP B. Pharm Sem I.pptIntegumentary System SMP B. Pharm Sem I.ppt
Integumentary System SMP B. Pharm Sem I.ppt
 
Music 9 - 4th quarter - Vocal Music of the Romantic Period.pptx
Music 9 - 4th quarter - Vocal Music of the Romantic Period.pptxMusic 9 - 4th quarter - Vocal Music of the Romantic Period.pptx
Music 9 - 4th quarter - Vocal Music of the Romantic Period.pptx
 
FINALS_OF_LEFT_ON_C'N_EL_DORADO_2024.pptx
FINALS_OF_LEFT_ON_C'N_EL_DORADO_2024.pptxFINALS_OF_LEFT_ON_C'N_EL_DORADO_2024.pptx
FINALS_OF_LEFT_ON_C'N_EL_DORADO_2024.pptx
 
Earth Day Presentation wow hello nice great
Earth Day Presentation wow hello nice greatEarth Day Presentation wow hello nice great
Earth Day Presentation wow hello nice great
 
THEORIES OF ORGANIZATION-PUBLIC ADMINISTRATION
THEORIES OF ORGANIZATION-PUBLIC ADMINISTRATIONTHEORIES OF ORGANIZATION-PUBLIC ADMINISTRATION
THEORIES OF ORGANIZATION-PUBLIC ADMINISTRATION
 
ECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptx
ECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptxECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptx
ECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptx
 
YOUVE_GOT_EMAIL_PRELIMS_EL_DORADO_2024.pptx
YOUVE_GOT_EMAIL_PRELIMS_EL_DORADO_2024.pptxYOUVE_GOT_EMAIL_PRELIMS_EL_DORADO_2024.pptx
YOUVE_GOT_EMAIL_PRELIMS_EL_DORADO_2024.pptx
 
YOUVE GOT EMAIL_FINALS_EL_DORADO_2024.pptx
YOUVE GOT EMAIL_FINALS_EL_DORADO_2024.pptxYOUVE GOT EMAIL_FINALS_EL_DORADO_2024.pptx
YOUVE GOT EMAIL_FINALS_EL_DORADO_2024.pptx
 
Visit to a blind student's school🧑‍🦯🧑‍🦯(community medicine)
Visit to a blind student's school🧑‍🦯🧑‍🦯(community medicine)Visit to a blind student's school🧑‍🦯🧑‍🦯(community medicine)
Visit to a blind student's school🧑‍🦯🧑‍🦯(community medicine)
 
Barangay Council for the Protection of Children (BCPC) Orientation.pptx
Barangay Council for the Protection of Children (BCPC) Orientation.pptxBarangay Council for the Protection of Children (BCPC) Orientation.pptx
Barangay Council for the Protection of Children (BCPC) Orientation.pptx
 
LEFT_ON_C'N_ PRELIMS_EL_DORADO_2024.pptx
LEFT_ON_C'N_ PRELIMS_EL_DORADO_2024.pptxLEFT_ON_C'N_ PRELIMS_EL_DORADO_2024.pptx
LEFT_ON_C'N_ PRELIMS_EL_DORADO_2024.pptx
 
GRADE 4 - SUMMATIVE TEST QUARTER 4 ALL SUBJECTS
GRADE 4 - SUMMATIVE TEST QUARTER 4 ALL SUBJECTSGRADE 4 - SUMMATIVE TEST QUARTER 4 ALL SUBJECTS
GRADE 4 - SUMMATIVE TEST QUARTER 4 ALL SUBJECTS
 
Difference Between Search & Browse Methods in Odoo 17
Difference Between Search & Browse Methods in Odoo 17Difference Between Search & Browse Methods in Odoo 17
Difference Between Search & Browse Methods in Odoo 17
 
Grade 9 Quarter 4 Dll Grade 9 Quarter 4 DLL.pdf
Grade 9 Quarter 4 Dll Grade 9 Quarter 4 DLL.pdfGrade 9 Quarter 4 Dll Grade 9 Quarter 4 DLL.pdf
Grade 9 Quarter 4 Dll Grade 9 Quarter 4 DLL.pdf
 

How to Secure Your Organisation Data

  • 2. !  Basic"Understanding"of"Information"Security" !  Malware"Fundamental" !  Protect"Your"Password" !  Social"Engineering"and"Phishing"" !  Suggestion"and"Recommendation" !  Question"and"Answers" . - : @ . ! 2"
  • 3. 3"
  • 4. ConIidentiality"–"of"the"information" Confiden'ality- Information"on"the"company"or"organization" should"never"be"accessible"to"users"without" permission" " Integrity"–"of"application"and"information" Accuracy"and"completeness"of"information" are"preserved" " Availability- Integrity- Availability"–"of"the"system" Information"is"accessible"by"authorized"users" when"required" . - : @ . ! 4"
  • 5. Why"Information"Security"is"important?"" Protecting"computer"system"or"its"user"from"threats"that" may"occur"" Threats"and"Damage"will"differ"depending"on"computer" system’s"characteristic"" Protecting"the"system"and"its"users"from"threat"and" minimize"damage" . - : @ . ! 5"
  • 6. Relationship$between$threat,$vulnerability$and$loss$ Threat" Loss" Vulnera bility" Attacker$+$No$Security$Patch$=$Data$Destruction$ . - : @ . ! 6"
  • 7. Information$ Threats$ Assets$ Something"that"can"potentially" Information"stored"in"any" cause"damage"to"information"" Countermeasure$ manner"which"recognized"as" assets" ‘valuable’"to"the"organization"" Vulnerability$ A"Weakness"in"the" organization,"computer" system"or"network"that"can" be"exploited"by"threat" . - : @ . ! 7"
  • 8. Information$ Threats$ Assets$ Something"that"can"potentially" Information"stored"in"any" cause"damage"to"information"" Countermeasure$ manner"which"recognized"as" assets" ‘valuable’"to"the"organization"" Vulnerability$ If"vulnerability"exist,"threats" can"attack"your"information" assets" . - : @ . ! 8"
  • 9. Information$ Threats$ Assets$ Something"that"can"potentially" Information"stored"in"any" cause"damage"to"information"" Countermeasure$ manner"which"recognized"as" assets" ‘valuable’"to"the"organization"" Vulnerability$is$Hixed$ Information"assets"can"be" kept"secure,"even"if"threats" exist." . - : @ . ! 9"
  • 10. •  Do"you"use"license"operating"system"(OS)?" •  Have"you"even"been"update"your"OS?"" •  Have"you"even"been"update"your"daily"use" software?" •  Do"you"update"your"antiavirus"regularly?" . - : @ . ! 10"
  • 11. . - : @ . ! 11"
  • 12. Physical&& The"most" difIicult" part"to" handle" Secure& Hardware& Human&& Your& && So6ware& Data& Policy&&& Standard& . - : @ . ! 12"
  • 13. 13"
  • 14. Malware"or"Malicious" Threats" software" Virus" Worm" Trojans" . - : @ . ! 14"
  • 15. •  Infect"object"on"the"disk"" •  Travel"autonomously"from"PC"to"PC" •  Trigger"by"individual"action"such"as"Open" email"attachment" •  Spread"automatically" •  Install"itself"into"the"PC"and"looking"other" PCs"to"infect" •  Email"worm"need"individual"action"to"spread" •  Network"worm"spread"without"the"need"for" human"interaction" . - : @ . ! 15"
  • 16. •  Install"silently"in"the"PC"by"Email" attachment,"visit"infected"website,"…etc." •  PC"work"normally"without"any"consent" from"the"users" •  They"don’t"selfareplicate,"but"relies"on" connectivity"provided"by"the"Internet" •  There"are"many"kinds"of"Trojans:" •  Backdoor"Trojans" •  Keyalogger"Trojans" •  Banking"Trojans" . - : @ . ! 16"
  • 17. Can-done-anything:-Sending-Spam,- Before" Collec'ng-confiden'al-data,-stealing- password,-etc.-and-espcially-connect-PC- with-PC-to-create-an-infected-network- (BOTNET).-- Virus" Worm" Trojans" Now"–"Hybrid"Malware" Virus& Worm& Trojans& . - : @ . ! 17"
  • 18. 18"
  • 19. •  How"often"do"you"change"your"password?" •  Do"you"use"your"name,"telephone,"date"of"birth," as"your"password?" •  Do"you"use"the"same"password"for"every" services?" •  Do"you"share"your"password"with"anybody?" . - : @ . ! 19"
  • 20. Easily"Guessed"Password" •  No"Password"is"set" •  Password"same"as"the"account"name" Dictionary"Attack" •  Prepared"words"that"the"user"is"likely"to"use"as" passwords"in"a"dictionary"Iile"and"attempt"to"Iind" matching"password" Brute"Force"Attack" •  This"is"simple"method"to"try"all"possible"combinations"as" passwords" •  It"take"huge"amount"of"time,"although,"theoretically,"it" can"break"any"password"without"fail" . - : @ . ! 20"
  • 21. Which"password"below"is"your"password?" Top$25$Popular$Password$in$2011$ 1."password" "2."123456 "3."12345678 "4."qwerty" 5."abc123 "6."monkey "7."1234567 "8."letmein" 9."trustno1 "10."dragon "11."baseball "12."111111" 13."Iloveyou "14."master "15."sunshine "16."ashley" 17."bailey "18."passw0rd"19."shadow "20."123123" 21."654321 "22."superman"23."qazwsx "24."michael" 25."football" . - : @ . ! 21"
  • 23. 23"
  • 24. . - : @ . ! 24"
  • 25. . - : @ . ! 25"
  • 26. . - : @ . ! 26"
  • 27. . - : @ . ! 27"
  • 28. 28"
  • 29. User"antiavirus"and"update"it"regularly"" Install"a"Personal"Firewall" Install"latest"security"update" Don’t"open"an"email"you"do"not"trust" Keep"learning!" . - : @ . ! 29"
  • 30. You"organization"data"security"is"depending"on" the"weakness"link" Don’t"make"yourself"as"the"weakness"link" . - : @ . ! 30"