only you can prevent a security breach
TRANSCRIPT
Only You Can Prevent a
Security Breach
#12NTCitsec
Kate Bladow
Peter Campbell
Evaluate This Session! Each entry is a chance to win an NTEN engraved iPad!
or online using #12NTCitsec at www.nten.org/ntc/eval
Slide 3 Only You Can Prevent a Security Breach
Horror Stories?
Slide 4 Only You Can Prevent a Security Breach
Nonprofts Aren’t
Immune
A security breach can
• Harm your organization’s reputation
• Make it harder to attract donors
• Cause problems for advocates or
customers
• Support human trafficking, identity theft,
child pornography and other problems you
are working against
Only You Can Prevent a Security Breach Slide 5
Security Matters
• Spam
• Fraud
• Obscene or offensive content
• Harassment
• Child pornography
• Drug trafficking
• Cyber terrorism
• Cyber warfare
Only You Can Prevent a Security Breach Slide 6
Cyber Crime
• Script kiddies
• Hacktivists
• Individual miscreants
• National & transnational organized criminal
enterprises
• Nation states
Only You Can Prevent a Security Breach Slide 7
Who Is Behind It?
• Train your staff and volunteers
• Password practices
• Laptops, USB keys, Smartphones and Mobile
• Viruses and malware
• Social Networks
• Malicious actors
• Establish policies and follow them
Only You Can Prevent a Security Breach Slide 8
A Practical Approach
Password
practices
Laptops, USB
keys, and
smartphones
Viruses and
malware
Social
Networks
Malicious actors
Only You Can Prevent a Security Breach Slide 14
Policies
Only You Can Prevent a Security Breach Slide 15
What Keeps You Up?
What Do You Do About It?
What Do You Do When an
Incident Happens?
Only You Can Prevent a Security Breach Slide 16
Technical Resources
• NSA Security Configuration Guides http://www.nsa.gov/ia/mitigation_guidance/security_configuration_guides/index.shtml
• US CERT http://www.us-cert.gov/nav/t01/
• SANS Institute http://www.sans.org/
• Team Cymru http://www.team-cymru.org/
• Is It Safe? http://tig.lsc.gov/sites/default/files/TIG/Is_it_Safe.pdf
Only You Can Prevent a Security Breach Slide 17
Management
Resources • Cybercrime Reporting
http://www.cybercrime.gov/reporting.htm
• Stay Safe Online http://www.staysafeonline.org/
• US CERT http://www.us-cert.gov/nav/nt01/
• OnGuard Online http://www.onguardonline.gov/topics/computer-security.aspx
• Ouch! Free, Monthly Security Awareness
Newsletter http://www.securingthehuman.org/resources/newsletters/ouch
Peter Campbell
EarthJustice [email protected]
Kate Bladow
Powered Pursuits [email protected]
Only You Can Prevent a Security Breach Slide 18
Contact Information
In order • http://www.flickr.com/photos/esm723/4377802647/
• http://www.flickr.com/photos/stukjefotogebeuren/2081170312/
• http://www.flickr.com/photos/booleansplit/4650422195/
• http://www.flickr.com/photos/stevendepolo/4027405671/
• http://imgs.xkcd.com/comics/online_communities_2.png
• http://www.flickr.com/photos/dunechaser/385847284/sizes/l/
• http://www.flickr.com/photos/smithsonian/2422570279/in/photostream/
Only You Can Prevent a Security Breach Slide 19
Picture Attributions
Evaluate This Session! Each entry is a chance to win an NTEN engraved iPad!
or Online using #12NTCitsec at www.nten.org/ntc/eval