cybersecurity: are your employees your weakest link?
TRANSCRIPT
![Page 1: Cybersecurity: Are Your Employees Your Weakest Link?](https://reader034.vdocuments.mx/reader034/viewer/2022042706/58a7d3921a28ab8a7e8b4e2b/html5/thumbnails/1.jpg)
fecinc.com
Cybersecurity: Are Your Employees the Weakest Link?
![Page 2: Cybersecurity: Are Your Employees Your Weakest Link?](https://reader034.vdocuments.mx/reader034/viewer/2022042706/58a7d3921a28ab8a7e8b4e2b/html5/thumbnails/2.jpg)
fecinc.com
External attacks Viruses and worms Phishing and
Pretexting Data Leakage
Understanding the Risk Landscape
![Page 3: Cybersecurity: Are Your Employees Your Weakest Link?](https://reader034.vdocuments.mx/reader034/viewer/2022042706/58a7d3921a28ab8a7e8b4e2b/html5/thumbnails/3.jpg)
fecinc.com
A shift in thinkingExternal threats are most familiar
Inside threats getting more attention
![Page 4: Cybersecurity: Are Your Employees Your Weakest Link?](https://reader034.vdocuments.mx/reader034/viewer/2022042706/58a7d3921a28ab8a7e8b4e2b/html5/thumbnails/4.jpg)
fecinc.com
Internal risk events– Weak credentials– Credential sharing– Unauthorized application use– Device loss/theft– Disgruntled workers on social
media Targeted information
– Private customer data– Financials– Intellectual Property
Consequences– Legal liability– Stock manipulation– Lost revenue
Looking Inside for Risks
![Page 5: Cybersecurity: Are Your Employees Your Weakest Link?](https://reader034.vdocuments.mx/reader034/viewer/2022042706/58a7d3921a28ab8a7e8b4e2b/html5/thumbnails/5.jpg)
fecinc.com
• Publish and educate• Require Strong
Passwords• Complex and strong
are different– Longer is better
than random complexity
– Easy to remember is better
• Cycle Passwords
A Working Password Policy
![Page 6: Cybersecurity: Are Your Employees Your Weakest Link?](https://reader034.vdocuments.mx/reader034/viewer/2022042706/58a7d3921a28ab8a7e8b4e2b/html5/thumbnails/6.jpg)
fecinc.com
• Commonly a focus• Hobbles usability• Users circumvent
• Focus on strength instead.– Long– Memorable
The Complexity Problem
![Page 7: Cybersecurity: Are Your Employees Your Weakest Link?](https://reader034.vdocuments.mx/reader034/viewer/2022042706/58a7d3921a28ab8a7e8b4e2b/html5/thumbnails/7.jpg)
fecinc.com
Policies, Inventories, Logs and Reports– Documentation is key– Tracking and Reporting
Software-based enforcement
Internal Audits– Systemic– Manual
External Audits– Consultants– Certifications
Measuring Effectiveness
![Page 8: Cybersecurity: Are Your Employees Your Weakest Link?](https://reader034.vdocuments.mx/reader034/viewer/2022042706/58a7d3921a28ab8a7e8b4e2b/html5/thumbnails/8.jpg)
fecinc.com
• Have one• Keep it current• Consider usability• Educate
– Frame the Discussion
– Set an expectation
Effective Security Policies
![Page 9: Cybersecurity: Are Your Employees Your Weakest Link?](https://reader034.vdocuments.mx/reader034/viewer/2022042706/58a7d3921a28ab8a7e8b4e2b/html5/thumbnails/9.jpg)
fecinc.com
Bank Tellers and Retail Cashiers
![Page 10: Cybersecurity: Are Your Employees Your Weakest Link?](https://reader034.vdocuments.mx/reader034/viewer/2022042706/58a7d3921a28ab8a7e8b4e2b/html5/thumbnails/10.jpg)
fecinc.com
Preventing Data Leakage:Keeping the Good “In”
Methods of Data Leakage– Lost Equipment– Stolen Equipment– Equipment gifted or sold to former
employees– USB drives– Unauthorized software access via
stolen or shared credentials– Social Media Posts– Unauthorized Cloud sharing
Stopping Leaks– Firewall Rules– Data encryption and MDM– Equipment release process– Have a USB drive policy or– Lock USB ports out– Pay attention to good work process– Social Media Use Policy or– Block social media posting
![Page 11: Cybersecurity: Are Your Employees Your Weakest Link?](https://reader034.vdocuments.mx/reader034/viewer/2022042706/58a7d3921a28ab8a7e8b4e2b/html5/thumbnails/11.jpg)
fecinc.com
Overall security– https://www.sans.org/critical-security-controls/control/14
Data Leakage Prevention Papers– http://
www.cisco.com/c/en/us/solutions/collateral/enterprise-networks/data-loss-prevention/white_paper_c11-503131.html
– http://resources.infosecinstitute.com/data-loss-prevention-dlp-strategy-guide/
Password Strength Article– http://
www.infoworld.com/article/2616157/security/creating-strong-passwords-is-easier-than-you-think.html?page=2
Additional Information
![Page 12: Cybersecurity: Are Your Employees Your Weakest Link?](https://reader034.vdocuments.mx/reader034/viewer/2022042706/58a7d3921a28ab8a7e8b4e2b/html5/thumbnails/12.jpg)
fecinc.com
Mike OckengaManager IP Services
Finley Engineering [email protected]
952-582-2912
Discussion