SlideShare une entreprise Scribd logo

Keeping your business safe online cosy club

Get up to Speed
Get up to Speed

Keeping your Business Safe Online Cosy Club

Technologie
1  sur  61
Keeping your business safe online Nina Goodwin @GUTS_SW @Cosmic_UK
Housekeeping
Welcome & Introductions
Agenda • Background to Connecting & Devon and Somerset; Get up to Speed; • Security and Privacy; • Are you a Cyber Threat? • 7 steps to Basic Cyber Security • Risk Management: make a plan; • Further advice & Support.
Connecting Devon and Somerset • A ground breaking partnership encompassing 6 LA areas to deliver improved and superfast broadband to rural areas; • Improved broadband (>2mbps) to every business and community across Devon and Somerset by 2016; • Faster broadband (>24mbps) to at least 90% of the area by 2016. Without this project 700,000 residents and 26,000 businesses, with a combined turnover of £9 billion, have no certainty of receiving improved or superfast broadband from a commercial rollout
Where & When?
CDS Broadband Voucher Scheme • CDS has committed to bringing broadband to everyone within the programme area. If you are not yet able to receive broadband speeds of over 2Mbps you may be able to get connected through the CDS voucher scheme. • The scheme will provide a subsidy of up to £500, in the form of a voucher code, to fund the installation of a new broadband connection. Each premise can choose their supplier with every solution guaranteeing a minimum of 10Mbps download speed. • The scheme will run for one year up until the March 2017 and is open to individual residents, small businesses and communities. https://www.connectingdevonandsomerset.co.uk/cds-broadband- voucher-form/
The Process • There are four stages in the process: Step 1 • Check eligibility and apply online; Step 2 • Verification & Approval; Step 3 • Choosing a supplier – If eligible you are granted a voucher code that can be used to subsidise the costs of installing a broadband technology chosen by you to suit your property from our list of available providers. Step 4 • Agree an installation. Get online faster with your increased broadband speed.
What is Get up to speed? • Fully funded business and community support alongside roll-out of Superfast Broadband • Helping to ensure we all make the most out of the superfast broadband Delivered by Cosmic Peninsula Consortium.
• Free sessions; • Showcase new technologies; • Hands-on Workshops; • Gadget shows; • Seminars; • Briefings; • Taster sessions; • Signposting to free advice and support. https://www.connectingdevonandsomerset.co.uk/get-up-to- speed/events/
Keeping your Business Safe Online Security & Privacy
Cyber Crime 2015
While its scale puts it among the largest on record, I am perhaps most troubled by news that this breach occurred in 2014, and yet the public is only learning details of it today US Senator Mark Warner “The company has demonstrated that it isn’t quick to implement best practices and available security technologies, such as the delay in encrypting IM communications, implementing https for its web properties and more. These types of breaches highlight why all companies, need to be cybersecurity leaders, not followers.” Kurt Baumgartner from Kaspersky Lab
“The majority of companies are still flying blind when it comes to data security, because 60 per cent still think that it doesn’t affect them,” Barnett said. Imperva CTO speculated that the hack was carried out using SQL injection, the same method an expert hacker claimed was used to breach Carphone Warehouse security in August. Discussions about TalkTalk’s unencrypted databases and at least 11 so-called cross-site scripting vulnerabilities took place on online forums used by hackers weeks before the actual attack on the company was announced.
http://www.informationisbeautiful.net/visualizations/worlds-biggest-data-breaches-hacks/
"We're no longer in a situation where it's a case of 'if I am going to get breached'. It's more a case of how often you are going to get breached and how long those people are going to be in for." Cyber forensics pro Dr David Day.
Latest figures • 74% of small businesses, and 90% of major businesses, has had a cyber breach of security in the last year. https://www.gov.uk/government/news/uk-businesses-urged-to- protect-themselves-from-growing-cyber-threat • Cyber crime cost the UK £27 billion and costs small businesses on average between £35k and £65k
ll Now Cyber crime has been included in our crime statistics for the first time.
It’s not just about networks and computers
1) Script kiddies: A wannabe hacker. 2) Scammers: Your email inbox is probably full of their work. Discount pharmaceuticals, time-shares, personal ads from available women in Russia…sound familiar? 3) Hacker groups: Usually work anonymously and create tools for hacking. 4) Phishers: Gotten an email recently claiming your bank account is about to expire? Don’t fall for these jerks.
5) Political/religious/commercial groups: Tend to not be interested in financial gain. These guys develop malware for political ends. If you think this group is harmless, think Stuxnet. The Stuxnet worm which attacked Iran’s Atomic Program of Its Nuclear Facilities was believed to be created by a foreign government. 6) Insiders: They may only be 20% of the threat, but they produce 80% of the damage. These attackers are considered to be the highest risk. To make matters worse, as the name suggests, they often reside within an organization. 7) Advanced Persistent Threat (APT) Agents: This group is responsible for highly targeted attacks carried out by extremely organized state-sponsored groups. Their technical skills are deep and they have access to vast computing resources.
Chatham Town FC It’s not just the big boys
Get the Basics Right
7 Steps to Basic Cyber Security
1. Download Software Updates • Download software and app updates as soon as they appear. They contain vital security upgrades that keep your devices and business information safe. • If you don’t update your website, someone can use a loophole in the old version of even simple things such as plugins in order to damage your website. Visit : www.cyberstreetwise.com/software
2. Use Complex Passwords One simple way of creating a password is: • Take the first letters of a phrase you always remember (i.e. Never cast a clout till may goes out’ Ncactmgo • Add some characters to the phrase, particularly at the beginning $&Ncactmgo • Now add some unique content to help identify the site i.e. Google GE, $&NcactmgoGE • Now add some numbers, i.e. 16 $&NcactmgoGE16 • Change your passwords regularly, at least twice a year.
Prioritise Passwords • Make sure you use a different password for your online banking and email/social accounts. • Symbols and numbers should be included
Store Passwords somewhere Safe • Store them off line or in a password manager (your password for your password manager needs to be really complex and not use anywhere else!) • Passpack • LastPass • 1password • Keepass • Trend Micro Password Manager
PassPack
3. Use anti-virus software & email filtering You do need to invest in good antivirus, free software isn’t good enough these days: • Web root • Trend Micro • Bitdefender • Eset • Kaspersky • Many cyber-attacks come through email with a link, install a good quality email filtering system.
• Delete suspicious emails as they may contain fraudulent requests for information or links to viruses. • Have a good spam filter in place Fusemail or Hushmail https://www.sonicwall.com/phishing/ 4. Delete suspicious emails
https://haveibeenpwned.com/
• If you are using Dropbox, Google Apps, Office 365 or any cloud based software, set up two factor authentication • • Usually this means you need your mobile phone with you to approve your sign up. It’s very simple, but it will alert you to any attempts to access your information. • Google authenticator • Authy • Entrust 5. Set up two factor authentication
Make sure everything that’s important to you is backed up. Good backup services include: • iDrive • CrashPlan • Carbonite • Backblaze • Mozy *http://uk.pcmag.com/backup-products-1/8648/guide/the-best- online-backup-services-for-2016 6. Back up
Things to Consider…………….. 1. Pricing plans All back up services are subscription based; Some online backup services' prices only cover one PC. How much will it cost you over the year? 2. Choosing What to Back Up Different services allow different types of files from differing sources. Some don't let you protect system and program files. Others don't let you back up files and folders on external or network drives; 3. Security; 4. When do you want the back up to happen? Fixed or Continuous? 5. Performance; 6. Restoring Folders and Files.
7. Train your staff • Make your staff aware of cyber security threats and how to deal with them. The Government offers free online training courses tailored for you and your staff which take around 60 minutes to complete. Visit • Website Admin.
www.nationalarchives.gov.uk/sme
https://ico.org.uk/for-organisations/business/
Have a plan • Be ready with a plan in place; • List possible incidents and rate their impact to your business; • For each incident list communication methods – internal and external; • Have email and telephone scripts ready for action; • How do you know when you are hacked? Analytics.
Where do I report online crime? • Action Fraud is the UK's national reporting centre for fraud and internet crime, which provides support to citizens and a reporting service for crime and crime related incidents through its web based and contact centre channels. Visit www.actionfraud.police.uk or call the contact centre on 0300 123 2040.
GDPR Privacy by design Right to be forgotten Data portability Explicit consent
UK Government’s repsonse to Cyber CrimeCyber Essentials
Where to get more information, help and advice • Cyber Streetwise simple advice to help you and your business stay safe online www.cyberstreetwise.com • Responsible for Information free training course www.nationalarchives.gov.uk/sme • Coelition provide tools and support for businesses, helping them to provide consumers with personal services that handle data responsibly www.coelition.org • Action Fraud Report internet and cyber crime online www.actionfraud.police.uk • UK Cyber Security Strategy and programme: www.gov.uk/government/policies/keeping-the-uk-safe-in-cyberspace • Get Safe Online www.getsafeonline.org/businesses Payment Card Industry Security Standards Council Practical advice on all aspects of cyber protection for small businesses • www.pcisecuritystandards.org • Ransomware Information www.nomoreransom.org
Summary • Background to Connecting & Devon and Somerset; Get up to Speed; • Security and Privacy; • Are you a Cyber Threat? • 7 steps to Basic Cyber Security • Risk Management: make a plan; • Further advice & Support.
Questions Please fill in your evaluation forms
Contact us www.get-up-to-speed.co.uk info@get-up-to-speed.co.uk

Recommandé

Exhibitor session: Fortinet
Exhibitor session: FortinetExhibitor session: Fortinet
Exhibitor session: Fortinet
Jisc
 
Ransomware Has Evolved And So Should Your Company
Ransomware Has Evolved And So Should Your CompanyRansomware Has Evolved And So Should Your Company
Ransomware Has Evolved And So Should Your Company
Veriato
 
Cyber Hygiene
Cyber HygieneCyber Hygiene
Cyber Hygiene
GAURAV. H .TANDON
 
Cyber Security Conference 2017
Cyber Security Conference 2017Cyber Security Conference 2017
Cyber Security Conference 2017
Norfolk Chamber of Commerce
 
Enhancing Authentication to Secure the Open Enterprise
Enhancing Authentication to Secure the Open EnterpriseEnhancing Authentication to Secure the Open Enterprise
Enhancing Authentication to Secure the Open Enterprise
Symantec
 
Cyber Security For Organization Proposal PowerPoint Presentation Slides
Cyber Security For Organization Proposal PowerPoint Presentation SlidesCyber Security For Organization Proposal PowerPoint Presentation Slides
Cyber Security For Organization Proposal PowerPoint Presentation Slides
SlideTeam
 
The Jisc vulnerability assessment management service – part 2: how to avoid t...
The Jisc vulnerability assessment management service – part 2: how to avoid t...The Jisc vulnerability assessment management service – part 2: how to avoid t...
The Jisc vulnerability assessment management service – part 2: how to avoid t...
Jisc
 
Attack Toolkits and Malicious Websites
Attack Toolkits and Malicious WebsitesAttack Toolkits and Malicious Websites
Attack Toolkits and Malicious Websites
Symantec
 

Recommandé

Exhibitor session: Fortinet
Exhibitor session: FortinetExhibitor session: Fortinet
Exhibitor session: Fortinet
Jisc
 
Ransomware Has Evolved And So Should Your Company
Ransomware Has Evolved And So Should Your CompanyRansomware Has Evolved And So Should Your Company
Ransomware Has Evolved And So Should Your Company
Veriato
 
Cyber Hygiene
Cyber HygieneCyber Hygiene
Cyber Hygiene
GAURAV. H .TANDON
 
Cyber Security Conference 2017
Cyber Security Conference 2017Cyber Security Conference 2017
Cyber Security Conference 2017
Norfolk Chamber of Commerce
 
Enhancing Authentication to Secure the Open Enterprise
Enhancing Authentication to Secure the Open EnterpriseEnhancing Authentication to Secure the Open Enterprise
Enhancing Authentication to Secure the Open Enterprise
Symantec
 
Cyber Security For Organization Proposal PowerPoint Presentation Slides
Cyber Security For Organization Proposal PowerPoint Presentation SlidesCyber Security For Organization Proposal PowerPoint Presentation Slides
Cyber Security For Organization Proposal PowerPoint Presentation Slides
SlideTeam
 
The Jisc vulnerability assessment management service – part 2: how to avoid t...
The Jisc vulnerability assessment management service – part 2: how to avoid t...The Jisc vulnerability assessment management service – part 2: how to avoid t...
The Jisc vulnerability assessment management service – part 2: how to avoid t...
Jisc
 
Attack Toolkits and Malicious Websites
Attack Toolkits and Malicious WebsitesAttack Toolkits and Malicious Websites
Attack Toolkits and Malicious Websites
Symantec
 
Personal Digital Hygiene
Personal Digital HygienePersonal Digital Hygiene
Personal Digital Hygiene
Lars Hilse Global Thought Leader in #CyberSecurity, #CyberTerrorism, #CyberDefence, #CyberCrime
 
Auckland (ISC)2 Chapter - Building the ‘Bob Semple Cyber Tank'
Auckland (ISC)2 Chapter - Building the ‘Bob Semple Cyber Tank'Auckland (ISC)2 Chapter - Building the ‘Bob Semple Cyber Tank'
Auckland (ISC)2 Chapter - Building the ‘Bob Semple Cyber Tank'
Chris Hails
 
How to Take the Ransom Out of Ransomware
How to Take the Ransom Out of RansomwareHow to Take the Ransom Out of Ransomware
How to Take the Ransom Out of Ransomware
marketingunitrends
 
Privacy & Security for the Internet of Things
Privacy & Security for the Internet of ThingsPrivacy & Security for the Internet of Things
Privacy & Security for the Internet of Things
Gerry Elman
 
Lifecycle: Responding to a Ransomware Attack - A Professional Breach Guide's ...
Lifecycle: Responding to a Ransomware Attack - A Professional Breach Guide's ...Lifecycle: Responding to a Ransomware Attack - A Professional Breach Guide's ...
Lifecycle: Responding to a Ransomware Attack - A Professional Breach Guide's ...
Shawn Tuma
 
The Seven Deadly Sins of Incident Response
The Seven Deadly Sins of Incident ResponseThe Seven Deadly Sins of Incident Response
The Seven Deadly Sins of Incident Response
Lancope, Inc.
 
Cyber Security Strategies and Approaches
Cyber Security Strategies and ApproachesCyber Security Strategies and Approaches
Cyber Security Strategies and Approaches
vngundi
 
Network Security of Data Protection
Network Security of Data ProtectionNetwork Security of Data Protection
Network Security of Data Protection
UthsoNandy
 
Disrupting the Malware Kill Chain - What's New from Palo Alto Networks.
Disrupting the Malware Kill Chain - What's New from Palo Alto Networks.Disrupting the Malware Kill Chain - What's New from Palo Alto Networks.
Disrupting the Malware Kill Chain - What's New from Palo Alto Networks.
Scalar Decisions
 
Ransomware: Why Are Backup Vendors Trying To Scare You?
Ransomware: Why Are Backup Vendors Trying To Scare You?Ransomware: Why Are Backup Vendors Trying To Scare You?
Ransomware: Why Are Backup Vendors Trying To Scare You?
marketingunitrends
 
Preventing Data Breaches
Preventing Data BreachesPreventing Data Breaches
Preventing Data Breaches
xband
 
Cyber security resilience ESRM Conference Amsterdam 2016
Cyber security resilience ESRM Conference Amsterdam 2016Cyber security resilience ESRM Conference Amsterdam 2016
Cyber security resilience ESRM Conference Amsterdam 2016
Niran Seriki, CCISO, CISM
 
Triangulum - Ransomware Evolved - Why your backups arent good enough
Triangulum - Ransomware Evolved - Why your backups arent good enoughTriangulum - Ransomware Evolved - Why your backups arent good enough
Triangulum - Ransomware Evolved - Why your backups arent good enough
Martin Opsahl
 
Michael andersson - att ligga steget före in en allt mer hotfylld värld BC14
Michael andersson - att ligga steget före in en allt mer hotfylld värld BC14Michael andersson - att ligga steget före in en allt mer hotfylld värld BC14
Michael andersson - att ligga steget före in en allt mer hotfylld värld BC14
IBM Sverige
 
NDIA 2021 - solar winds overview and takeaways
NDIA 2021 - solar winds overview and takeawaysNDIA 2021 - solar winds overview and takeaways
NDIA 2021 - solar winds overview and takeaways
Bryson Bort
 
Top Cyber Security Trends for 2016
Top Cyber Security Trends for 2016Top Cyber Security Trends for 2016
Top Cyber Security Trends for 2016
Imperva
 
Shift Toward Dynamic Cyber Resilience
Shift Toward Dynamic Cyber ResilienceShift Toward Dynamic Cyber Resilience
Shift Toward Dynamic Cyber Resilience
Darren Argyle
 
Fundamentals of Network security
Fundamentals of Network securityFundamentals of Network security
Fundamentals of Network security
APNIC
 
SafeDNS Cloud-based Web Filtering for MSP, MSSP and VAR
SafeDNS Cloud-based Web Filtering for MSP, MSSP and VARSafeDNS Cloud-based Web Filtering for MSP, MSSP and VAR
SafeDNS Cloud-based Web Filtering for MSP, MSSP and VAR
SafeDNS
 
IT Security for Nonprofits
IT Security for NonprofitsIT Security for Nonprofits
IT Security for Nonprofits
Community IT Innovators
 
IMPACT OF REMOTE WORK:NEW THREATS AND SOLUTIONS
IMPACT OF REMOTE WORK:NEW THREATS AND SOLUTIONSIMPACT OF REMOTE WORK:NEW THREATS AND SOLUTIONS
IMPACT OF REMOTE WORK:NEW THREATS AND SOLUTIONS
PreetiDevidas
 
Cyberattacks on the Rise: Is Your Nonprofit Prepared?
Cyberattacks on the Rise: Is Your Nonprofit Prepared?Cyberattacks on the Rise: Is Your Nonprofit Prepared?
Cyberattacks on the Rise: Is Your Nonprofit Prepared?
TechSoup
 

Contenu connexe

Tendances

Auckland (ISC)2 Chapter - Building the ‘Bob Semple Cyber Tank'
Auckland (ISC)2 Chapter - Building the ‘Bob Semple Cyber Tank'Auckland (ISC)2 Chapter - Building the ‘Bob Semple Cyber Tank'
Auckland (ISC)2 Chapter - Building the ‘Bob Semple Cyber Tank'
Chris Hails
 
The Seven Deadly Sins of Incident Response
The Seven Deadly Sins of Incident ResponseThe Seven Deadly Sins of Incident Response
The Seven Deadly Sins of Incident Response
Lancope, Inc.
 
NDIA 2021 - solar winds overview and takeaways
NDIA 2021 - solar winds overview and takeawaysNDIA 2021 - solar winds overview and takeaways
NDIA 2021 - solar winds overview and takeaways
Bryson Bort
 
Shift Toward Dynamic Cyber Resilience
Shift Toward Dynamic Cyber ResilienceShift Toward Dynamic Cyber Resilience
Shift Toward Dynamic Cyber Resilience
Darren Argyle
 

Tendances (20)

Personal Digital Hygiene
Personal Digital HygienePersonal Digital Hygiene
Personal Digital Hygiene
 
Auckland (ISC)2 Chapter - Building the ‘Bob Semple Cyber Tank'
Auckland (ISC)2 Chapter - Building the ‘Bob Semple Cyber Tank'Auckland (ISC)2 Chapter - Building the ‘Bob Semple Cyber Tank'
Auckland (ISC)2 Chapter - Building the ‘Bob Semple Cyber Tank'
 
How to Take the Ransom Out of Ransomware
How to Take the Ransom Out of RansomwareHow to Take the Ransom Out of Ransomware
How to Take the Ransom Out of Ransomware
 
Privacy & Security for the Internet of Things
Privacy & Security for the Internet of ThingsPrivacy & Security for the Internet of Things
Privacy & Security for the Internet of Things
 
Lifecycle: Responding to a Ransomware Attack - A Professional Breach Guide's ...
Lifecycle: Responding to a Ransomware Attack - A Professional Breach Guide's ...Lifecycle: Responding to a Ransomware Attack - A Professional Breach Guide's ...
Lifecycle: Responding to a Ransomware Attack - A Professional Breach Guide's ...
 
The Seven Deadly Sins of Incident Response
The Seven Deadly Sins of Incident ResponseThe Seven Deadly Sins of Incident Response
The Seven Deadly Sins of Incident Response
 
Cyber Security Strategies and Approaches
Cyber Security Strategies and ApproachesCyber Security Strategies and Approaches
Cyber Security Strategies and Approaches
 
Network Security of Data Protection
Network Security of Data ProtectionNetwork Security of Data Protection
Network Security of Data Protection
 
Disrupting the Malware Kill Chain - What's New from Palo Alto Networks.
Disrupting the Malware Kill Chain - What's New from Palo Alto Networks.Disrupting the Malware Kill Chain - What's New from Palo Alto Networks.
Disrupting the Malware Kill Chain - What's New from Palo Alto Networks.
 
Ransomware: Why Are Backup Vendors Trying To Scare You?
Ransomware: Why Are Backup Vendors Trying To Scare You?Ransomware: Why Are Backup Vendors Trying To Scare You?
Ransomware: Why Are Backup Vendors Trying To Scare You?
 
Preventing Data Breaches
Preventing Data BreachesPreventing Data Breaches
Preventing Data Breaches
 
Cyber security resilience ESRM Conference Amsterdam 2016
Cyber security resilience ESRM Conference Amsterdam 2016Cyber security resilience ESRM Conference Amsterdam 2016
Cyber security resilience ESRM Conference Amsterdam 2016
 
Triangulum - Ransomware Evolved - Why your backups arent good enough
Triangulum - Ransomware Evolved - Why your backups arent good enoughTriangulum - Ransomware Evolved - Why your backups arent good enough
Triangulum - Ransomware Evolved - Why your backups arent good enough
 
Michael andersson - att ligga steget före in en allt mer hotfylld värld BC14
Michael andersson - att ligga steget före in en allt mer hotfylld värld BC14Michael andersson - att ligga steget före in en allt mer hotfylld värld BC14
Michael andersson - att ligga steget före in en allt mer hotfylld värld BC14
 
NDIA 2021 - solar winds overview and takeaways
NDIA 2021 - solar winds overview and takeawaysNDIA 2021 - solar winds overview and takeaways
NDIA 2021 - solar winds overview and takeaways
 
Top Cyber Security Trends for 2016
Top Cyber Security Trends for 2016Top Cyber Security Trends for 2016
Top Cyber Security Trends for 2016
 
Shift Toward Dynamic Cyber Resilience
Shift Toward Dynamic Cyber ResilienceShift Toward Dynamic Cyber Resilience
Shift Toward Dynamic Cyber Resilience
 
Fundamentals of Network security
Fundamentals of Network securityFundamentals of Network security
Fundamentals of Network security
 
SafeDNS Cloud-based Web Filtering for MSP, MSSP and VAR
SafeDNS Cloud-based Web Filtering for MSP, MSSP and VARSafeDNS Cloud-based Web Filtering for MSP, MSSP and VAR
SafeDNS Cloud-based Web Filtering for MSP, MSSP and VAR
 
IT Security for Nonprofits
IT Security for NonprofitsIT Security for Nonprofits
IT Security for Nonprofits
 

Similaire à Keeping your business safe online cosy club

First Union Bank Report
First Union Bank ReportFirst Union Bank Report
First Union Bank Report
Yogesh Kumar
 
Updated Cyber Security and Fraud Prevention Tools Tactics
Updated Cyber Security and Fraud Prevention Tools TacticsUpdated Cyber Security and Fraud Prevention Tools Tactics
Updated Cyber Security and Fraud Prevention Tools Tactics
Ben Graybar
 
Cyber_Security_Awareness_Presentation.pptx
Cyber_Security_Awareness_Presentation.pptxCyber_Security_Awareness_Presentation.pptx
Cyber_Security_Awareness_Presentation.pptx
PREMTRIVEDI5
 
Cyber_Security_Awareness_Presentation (1).pptx
Cyber_Security_Awareness_Presentation (1).pptxCyber_Security_Awareness_Presentation (1).pptx
Cyber_Security_Awareness_Presentation (1).pptx
javed75
 
Cybersecurity about Phishing and Secutity awareness
Cybersecurity about Phishing and Secutity awarenessCybersecurity about Phishing and Secutity awareness
Cybersecurity about Phishing and Secutity awareness
Imran Khan
 
SAM05_Barber PW (7-9-15)
SAM05_Barber PW (7-9-15)SAM05_Barber PW (7-9-15)
SAM05_Barber PW (7-9-15)
Norm Barber
 

Similaire à Keeping your business safe online cosy club (20)

IMPACT OF REMOTE WORK:NEW THREATS AND SOLUTIONS
IMPACT OF REMOTE WORK:NEW THREATS AND SOLUTIONSIMPACT OF REMOTE WORK:NEW THREATS AND SOLUTIONS
IMPACT OF REMOTE WORK:NEW THREATS AND SOLUTIONS
 
Cyberattacks on the Rise: Is Your Nonprofit Prepared?
Cyberattacks on the Rise: Is Your Nonprofit Prepared?Cyberattacks on the Rise: Is Your Nonprofit Prepared?
Cyberattacks on the Rise: Is Your Nonprofit Prepared?
 
First Union Bank Report
First Union Bank ReportFirst Union Bank Report
First Union Bank Report
 
Updated Cyber Security and Fraud Prevention Tools Tactics
Updated Cyber Security and Fraud Prevention Tools TacticsUpdated Cyber Security and Fraud Prevention Tools Tactics
Updated Cyber Security and Fraud Prevention Tools Tactics
 
Cyber Security Seminar
Cyber Security SeminarCyber Security Seminar
Cyber Security Seminar
 
Cybersecurity
CybersecurityCybersecurity
Cybersecurity
 
Cyber_Security_Awareness_Presentation.pptx
Cyber_Security_Awareness_Presentation.pptxCyber_Security_Awareness_Presentation.pptx
Cyber_Security_Awareness_Presentation.pptx
 
Cyber_Security_Awareness_Presentation (1).pptx
Cyber_Security_Awareness_Presentation (1).pptxCyber_Security_Awareness_Presentation (1).pptx
Cyber_Security_Awareness_Presentation (1).pptx
 
Cyber_Security_Awareness_Presentation.pdf
Cyber_Security_Awareness_Presentation.pdfCyber_Security_Awareness_Presentation.pdf
Cyber_Security_Awareness_Presentation.pdf
 
Cyber_Security_Awareness_Presentation.pptx
Cyber_Security_Awareness_Presentation.pptxCyber_Security_Awareness_Presentation.pptx
Cyber_Security_Awareness_Presentation.pptx
 
Cyberattacks.pptx
Cyberattacks.pptxCyberattacks.pptx
Cyberattacks.pptx
 
6 Biggest Cyber Security Risks and How You Can Fight Back
6 Biggest Cyber Security Risks and How You Can Fight Back6 Biggest Cyber Security Risks and How You Can Fight Back
6 Biggest Cyber Security Risks and How You Can Fight Back
 
Securing Your Intellectual Property: Preventing Business IP Leaks
Securing Your Intellectual Property: Preventing Business IP LeaksSecuring Your Intellectual Property: Preventing Business IP Leaks
Securing Your Intellectual Property: Preventing Business IP Leaks
 
awareness.pdf
awareness.pdfawareness.pdf
awareness.pdf
 
CyberSecurityPPdddsdsddssdsdssaT_V3_1.pptx
CyberSecurityPPdddsdsddssdsdssaT_V3_1.pptxCyberSecurityPPdddsdsddssdsdssaT_V3_1.pptx
CyberSecurityPPdddsdsddssdsdssaT_V3_1.pptx
 
Cybersecurity about Phishing and Secutity awareness
Cybersecurity about Phishing and Secutity awarenessCybersecurity about Phishing and Secutity awareness
Cybersecurity about Phishing and Secutity awareness
 
Law Firm Cybersecurity: Practical Tips for Protecting Your Data
Law Firm Cybersecurity: Practical Tips for Protecting Your DataLaw Firm Cybersecurity: Practical Tips for Protecting Your Data
Law Firm Cybersecurity: Practical Tips for Protecting Your Data
 
TPC_Presentation - Copy.pptx
TPC_Presentation - Copy.pptxTPC_Presentation - Copy.pptx
TPC_Presentation - Copy.pptx
 
SAM05_Barber PW (7-9-15)
SAM05_Barber PW (7-9-15)SAM05_Barber PW (7-9-15)
SAM05_Barber PW (7-9-15)
 
Protecting Your Business From Cybercrime
Protecting Your Business From CybercrimeProtecting Your Business From Cybercrime
Protecting Your Business From Cybercrime
 

Plus de Get up to Speed

Get up to speed getting to grips with seo wells
Get up to speed getting to grips with seo wellsGet up to speed getting to grips with seo wells
Get up to speed getting to grips with seo wells
Get up to Speed
 
Online marketing & selling online for small businesses long ashton
Online marketing & selling online for small businesses long ashtonOnline marketing & selling online for small businesses long ashton
Online marketing & selling online for small businesses long ashton
Get up to Speed
 
Benefits of superfast and day in life buy with confidence - plymouth 29.10
Benefits of superfast and day in life buy with confidence - plymouth 29.10Benefits of superfast and day in life buy with confidence - plymouth 29.10
Benefits of superfast and day in life buy with confidence - plymouth 29.10
Get up to Speed
 
Stand out on Social Media Workshop - Doing Good for Somerset
Stand out on Social Media Workshop - Doing Good for SomersetStand out on Social Media Workshop - Doing Good for Somerset
Stand out on Social Media Workshop - Doing Good for Somerset
Get up to Speed
 

Plus de Get up to Speed (20)

Facebook for Business
Facebook for BusinessFacebook for Business
Facebook for Business
 
Get up to speed getting to grips with seo wells
Get up to speed getting to grips with seo wellsGet up to speed getting to grips with seo wells
Get up to speed getting to grips with seo wells
 
Online marketing & selling online for small businesses long ashton
Online marketing & selling online for small businesses long ashtonOnline marketing & selling online for small businesses long ashton
Online marketing & selling online for small businesses long ashton
 
iPads & Apps Tiverton
iPads & Apps TivertoniPads & Apps Tiverton
iPads & Apps Tiverton
 
Digital Trends 2017 Final
Digital Trends 2017 FinalDigital Trends 2017 Final
Digital Trends 2017 Final
 
Mobile devices and apps for your business south west growers
Mobile devices and apps for your business south west growersMobile devices and apps for your business south west growers
Mobile devices and apps for your business south west growers
 
Social media how to make it work for your business south west growers
Social media how to make it work for your business south west growersSocial media how to make it work for your business south west growers
Social media how to make it work for your business south west growers
 
GUTS DEVA presentation 25th october
GUTS DEVA presentation 25th octoberGUTS DEVA presentation 25th october
GUTS DEVA presentation 25th october
 
Digital marketing 2017 final
Digital marketing 2017 finalDigital marketing 2017 final
Digital marketing 2017 final
 
Online marketing with a focus on social enterprises
Online marketing with a focus on social enterprisesOnline marketing with a focus on social enterprises
Online marketing with a focus on social enterprises
 
Getting to know the cloud
Getting to know the cloud Getting to know the cloud
Getting to know the cloud
 
Stand out on Social Media
Stand out on Social MediaStand out on Social Media
Stand out on Social Media
 
Get Connected Minehead 05.04
Get Connected Minehead 05.04Get Connected Minehead 05.04
Get Connected Minehead 05.04
 
FSB Networking event a day in the life of your mobile phone
FSB Networking event a day in the life of your mobile phoneFSB Networking event a day in the life of your mobile phone
FSB Networking event a day in the life of your mobile phone
 
Benefits of superfast and day in life buy with confidence - plymouth 29.10
Benefits of superfast and day in life buy with confidence - plymouth 29.10Benefits of superfast and day in life buy with confidence - plymouth 29.10
Benefits of superfast and day in life buy with confidence - plymouth 29.10
 
Beginners guide to the internet 26.10.15 & 30.10.15
Beginners guide to the internet 26.10.15 & 30.10.15Beginners guide to the internet 26.10.15 & 30.10.15
Beginners guide to the internet 26.10.15 & 30.10.15
 
WLE Exeter Library 19th nov
WLE Exeter Library 19th novWLE Exeter Library 19th nov
WLE Exeter Library 19th nov
 
Deva conference - Maximising digital Tools
Deva conference - Maximising digital ToolsDeva conference - Maximising digital Tools
Deva conference - Maximising digital Tools
 
Stand out on Social Media Workshop - Doing Good for Somerset
Stand out on Social Media Workshop - Doing Good for SomersetStand out on Social Media Workshop - Doing Good for Somerset
Stand out on Social Media Workshop - Doing Good for Somerset
 
Gadgets gizmos and apps
Gadgets gizmos and appsGadgets gizmos and apps
Gadgets gizmos and apps
 

Dernier

Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
Enterprise Knowledge
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
Enterprise Knowledge
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Miguel Araújo
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
Delhi Call girls
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
Joaquim Jorge
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
sammart93
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
giselly40
 

Dernier (20)

Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdf
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 

Keeping your business safe online cosy club

  • 1. Keeping your business safe online Nina Goodwin @GUTS_SW @Cosmic_UK
  • 2.
  • 5. Agenda • Background to Connecting & Devon and Somerset; Get up to Speed; • Security and Privacy; • Are you a Cyber Threat? • 7 steps to Basic Cyber Security • Risk Management: make a plan; • Further advice & Support.
  • 6. Connecting Devon and Somerset • A ground breaking partnership encompassing 6 LA areas to deliver improved and superfast broadband to rural areas; • Improved broadband (>2mbps) to every business and community across Devon and Somerset by 2016; • Faster broadband (>24mbps) to at least 90% of the area by 2016. Without this project 700,000 residents and 26,000 businesses, with a combined turnover of £9 billion, have no certainty of receiving improved or superfast broadband from a commercial rollout
  • 8. CDS Broadband Voucher Scheme • CDS has committed to bringing broadband to everyone within the programme area. If you are not yet able to receive broadband speeds of over 2Mbps you may be able to get connected through the CDS voucher scheme. • The scheme will provide a subsidy of up to £500, in the form of a voucher code, to fund the installation of a new broadband connection. Each premise can choose their supplier with every solution guaranteeing a minimum of 10Mbps download speed. • The scheme will run for one year up until the March 2017 and is open to individual residents, small businesses and communities. https://www.connectingdevonandsomerset.co.uk/cds-broadband- voucher-form/
  • 9. The Process • There are four stages in the process: Step 1 • Check eligibility and apply online; Step 2 • Verification & Approval; Step 3 • Choosing a supplier – If eligible you are granted a voucher code that can be used to subsidise the costs of installing a broadband technology chosen by you to suit your property from our list of available providers. Step 4 • Agree an installation. Get online faster with your increased broadband speed.
  • 10. What is Get up to speed? • Fully funded business and community support alongside roll-out of Superfast Broadband • Helping to ensure we all make the most out of the superfast broadband Delivered by Cosmic Peninsula Consortium.
  • 11. • Free sessions; • Showcase new technologies; • Hands-on Workshops; • Gadget shows; • Seminars; • Briefings; • Taster sessions; • Signposting to free advice and support. https://www.connectingdevonandsomerset.co.uk/get-up-to- speed/events/
  • 12. Keeping your Business Safe Online Security & Privacy
  • 14.
  • 15. While its scale puts it among the largest on record, I am perhaps most troubled by news that this breach occurred in 2014, and yet the public is only learning details of it today US Senator Mark Warner “The company has demonstrated that it isn’t quick to implement best practices and available security technologies, such as the delay in encrypting IM communications, implementing https for its web properties and more. These types of breaches highlight why all companies, need to be cybersecurity leaders, not followers.” Kurt Baumgartner from Kaspersky Lab
  • 16. “The majority of companies are still flying blind when it comes to data security, because 60 per cent still think that it doesn’t affect them,” Barnett said. Imperva CTO speculated that the hack was carried out using SQL injection, the same method an expert hacker claimed was used to breach Carphone Warehouse security in August. Discussions about TalkTalk’s unencrypted databases and at least 11 so-called cross-site scripting vulnerabilities took place on online forums used by hackers weeks before the actual attack on the company was announced.
  • 18. "We're no longer in a situation where it's a case of 'if I am going to get breached'. It's more a case of how often you are going to get breached and how long those people are going to be in for." Cyber forensics pro Dr David Day.
  • 19. Latest figures • 74% of small businesses, and 90% of major businesses, has had a cyber breach of security in the last year. https://www.gov.uk/government/news/uk-businesses-urged-to- protect-themselves-from-growing-cyber-threat • Cyber crime cost the UK £27 billion and costs small businesses on average between £35k and £65k
  • 20. ll Now Cyber crime has been included in our crime statistics for the first time.
  • 21. It’s not just about networks and computers
  • 22.
  • 23.
  • 24. 1) Script kiddies: A wannabe hacker. 2) Scammers: Your email inbox is probably full of their work. Discount pharmaceuticals, time-shares, personal ads from available women in Russia…sound familiar? 3) Hacker groups: Usually work anonymously and create tools for hacking. 4) Phishers: Gotten an email recently claiming your bank account is about to expire? Don’t fall for these jerks.
  • 25. 5) Political/religious/commercial groups: Tend to not be interested in financial gain. These guys develop malware for political ends. If you think this group is harmless, think Stuxnet. The Stuxnet worm which attacked Iran’s Atomic Program of Its Nuclear Facilities was believed to be created by a foreign government. 6) Insiders: They may only be 20% of the threat, but they produce 80% of the damage. These attackers are considered to be the highest risk. To make matters worse, as the name suggests, they often reside within an organization. 7) Advanced Persistent Threat (APT) Agents: This group is responsible for highly targeted attacks carried out by extremely organized state-sponsored groups. Their technical skills are deep and they have access to vast computing resources.
  • 26.
  • 27.
  • 28. Chatham Town FC It’s not just the big boys
  • 29.
  • 30.
  • 31. Get the Basics Right
  • 32. 7 Steps to Basic Cyber Security
  • 33. 1. Download Software Updates • Download software and app updates as soon as they appear. They contain vital security upgrades that keep your devices and business information safe. • If you don’t update your website, someone can use a loophole in the old version of even simple things such as plugins in order to damage your website. Visit : www.cyberstreetwise.com/software
  • 34. 2. Use Complex Passwords One simple way of creating a password is: • Take the first letters of a phrase you always remember (i.e. Never cast a clout till may goes out’ Ncactmgo • Add some characters to the phrase, particularly at the beginning $&Ncactmgo • Now add some unique content to help identify the site i.e. Google GE, $&NcactmgoGE • Now add some numbers, i.e. 16 $&NcactmgoGE16 • Change your passwords regularly, at least twice a year.
  • 35.
  • 36.
  • 37. Prioritise Passwords • Make sure you use a different password for your online banking and email/social accounts. • Symbols and numbers should be included
  • 38. Store Passwords somewhere Safe • Store them off line or in a password manager (your password for your password manager needs to be really complex and not use anywhere else!) • Passpack • LastPass • 1password • Keepass • Trend Micro Password Manager
  • 40.
  • 41.
  • 42. 3. Use anti-virus software & email filtering You do need to invest in good antivirus, free software isn’t good enough these days: • Web root • Trend Micro • Bitdefender • Eset • Kaspersky • Many cyber-attacks come through email with a link, install a good quality email filtering system.
  • 43. • Delete suspicious emails as they may contain fraudulent requests for information or links to viruses. • Have a good spam filter in place Fusemail or Hushmail https://www.sonicwall.com/phishing/ 4. Delete suspicious emails
  • 45. • If you are using Dropbox, Google Apps, Office 365 or any cloud based software, set up two factor authentication • • Usually this means you need your mobile phone with you to approve your sign up. It’s very simple, but it will alert you to any attempts to access your information. • Google authenticator • Authy • Entrust 5. Set up two factor authentication
  • 46. Make sure everything that’s important to you is backed up. Good backup services include: • iDrive • CrashPlan • Carbonite • Backblaze • Mozy *http://uk.pcmag.com/backup-products-1/8648/guide/the-best- online-backup-services-for-2016 6. Back up
  • 47. Things to Consider…………….. 1. Pricing plans All back up services are subscription based; Some online backup services' prices only cover one PC. How much will it cost you over the year? 2. Choosing What to Back Up Different services allow different types of files from differing sources. Some don't let you protect system and program files. Others don't let you back up files and folders on external or network drives; 3. Security; 4. When do you want the back up to happen? Fixed or Continuous? 5. Performance; 6. Restoring Folders and Files.
  • 48. 7. Train your staff • Make your staff aware of cyber security threats and how to deal with them. The Government offers free online training courses tailored for you and your staff which take around 60 minutes to complete. Visit • Website Admin.
  • 51. Have a plan • Be ready with a plan in place; • List possible incidents and rate their impact to your business; • For each incident list communication methods – internal and external; • Have email and telephone scripts ready for action; • How do you know when you are hacked? Analytics.
  • 52.
  • 53.
  • 54. Where do I report online crime? • Action Fraud is the UK's national reporting centre for fraud and internet crime, which provides support to citizens and a reporting service for crime and crime related incidents through its web based and contact centre channels. Visit www.actionfraud.police.uk or call the contact centre on 0300 123 2040.
  • 55. GDPR Privacy by design Right to be forgotten Data portability Explicit consent
  • 56.
  • 57. UK Government’s repsonse to Cyber CrimeCyber Essentials
  • 58. Where to get more information, help and advice • Cyber Streetwise simple advice to help you and your business stay safe online www.cyberstreetwise.com • Responsible for Information free training course www.nationalarchives.gov.uk/sme • Coelition provide tools and support for businesses, helping them to provide consumers with personal services that handle data responsibly www.coelition.org • Action Fraud Report internet and cyber crime online www.actionfraud.police.uk • UK Cyber Security Strategy and programme: www.gov.uk/government/policies/keeping-the-uk-safe-in-cyberspace • Get Safe Online www.getsafeonline.org/businesses Payment Card Industry Security Standards Council Practical advice on all aspects of cyber protection for small businesses • www.pcisecuritystandards.org • Ransomware Information www.nomoreransom.org
  • 59. Summary • Background to Connecting & Devon and Somerset; Get up to Speed; • Security and Privacy; • Are you a Cyber Threat? • 7 steps to Basic Cyber Security • Risk Management: make a plan; • Further advice & Support.
  • 60. Questions Please fill in your evaluation forms

Notes de l'éditeur

  1. Protecting any business against the latest web threats has become an incredibly complicated task. The consequences of external attacks, internal security breaches and Internet abuse have placed Internet security high on the small business agenda. Join the Taunton Jelly and Get up to Speed and find out what do you need to know about security and what are the key elements to ensure your business is and remains safe online.
  2. Go through Housekeeping
  3. To kick things off get learners to introduce themselves; Write up expectations on a flip chart; explain which will/will not be met.
  4. LA = Local Authorities Update March 2015: More than 100,000 homes and businesses in the two counties now have access to fibre broadband as a result of the CDS Almost 90% of those can access speeds in excess of 24mbps Engineers have installed more than 78,000 km of underground optical fibres 456 new fibre broadband cabinets are now ‘live’ A further 224 fibre cabinets have been installed and are waiting for final works to be completed
  5. Security & Privacy is are the most important things to care about if you own a website. Nowadays, with lots of skilled hackers everywhere around just urging to put their hands on anything they possibly can, your website can suffer some serious damage and that’s why it’s so important to protect you and your precious pages. If you own a business and have a website handling online payments then it’s absolutely crucial to protect it properly
  6. because if it falls prey to the hackers, personal user data such as email addresses, phone numbers and credit card details may be compromised and as an effect you may be facing some serious legal troubles.
  7. Andrew Bailey, head of the Financial Conduct Authority, said an urgent analysis of what lay behind the cyber attack was needed; It affected around one in seven of the bank's 136,000 current accounts. Suspicious activity was tracked across 40,000 accounts
  8. Details including names, passwords, email addresses, phone numbers and security questions were taken from the company’s network in late 2014 believed to be a state-sponsored hacking group; credit card or bank details were not included in the stolen data.
  9. Four million customers of broadband provider at risk after it was hit by second major cyber attack within the last year Good Technology VP of global sales Phil Barnett Major hacks are rising The truth is, it’s no longer just a conversation for banks and governments, recent hacks and data breaches show that anyone and everyone is a potential victim
  10. http://www.informationisbeautiful.net/visualizations/worlds-biggest-data-breaches-hacks/ Information is beautiful – Live Current biggest hacks Ebay: hackers attacked between late Feb and March; login creditably from a small number of employees and access the database and copied the Information Evernote: Requested users to change passwords after an attempted hack Twitter: hackers had access to user and passwords.
  11. In our businesses today we all know that the risks of digital technologies being abused in order to gain access to our systems, processes and data is ever-present. Multiple high profile instances of cyber attacks on businesses have brought this issue to the forefront and made it a key issue for all business leaders to understand and plan around. In other words cyber-attacks are common and businesses of all sizes, sectors and industries will now find themselves subject to these attacks. Some attacks will appear low-level, for example breaches on your website which result in pages being hacked, or mass-mailing attempts to or from your email servers. Other attacks will be definite and deliberate attempts to gain access to the core systems and data. And indeed an attack which may seem low-level initially could simply be the first stage of a bigger event – the hackers using opportunities to ‘test’ the strength of your security.
  12. Whilst businesses are reaping the benefits of operating online and now earn £1 in every £5 from the Internet, cyber attacks are now considered a serious threat to UK businesses. The latest figures reveal that 74 per cent of small businesses, and 90 per cent of major businesses, has had a cyber breach of security in the last year.
  13. 15th Oct 2015 Crime is reducing oh no it’s not!
  14. allowing hackers to take over control of the vehicles with passengers inside and the first website hacking attempt (DDoS) has been made by smart fridges! Hackers have found a way to exploit a Samsung smart fridge in order to access the owner's Gmail credentials
  15. Can’t deal with the attack! No money resources.
  16. It’s often Kids in any web company will happen in summer holidays/dark web they can play a game; get points; Script kiddies: A wannabe hacker. Someone who wants to be a hacker (or thinks they are) but lacks any serious technical expertise. They are usually only able to attack very weakly secured systems. 2) Scammers: Your email inbox is probably full of their work. Discount pharmaceuticals, time-shares, personal ads from available women in Russia…sound familiar? 3) Hacker groups:  Usually work anonymously and create tools for hacking. They often hack computers for no criminal reason and are sometimes even hired by companies wanting to test their security. 4) Phishers: Gotten an email recently claiming your bank account is about to expire? Don’t fall for these jerks. They want your personal information and, most likely, your identity, by directing you to a phony websites.
  17. 5) Political/religious/commercial groups: Tend to not be interested in financial gain. These guys develop malware for political ends. If you think this group is harmless, think Stuxnet. The Stuxnet worm which attacked Iran’s Atomic Program of Its Nuclear Facilities was believed to be created by a foreign government. 6) Insiders: They may only be 20% of the threat, but they produce 80% of the damage. These attackers are considered to be the highest risk. To make matters worse, as the name suggests, they often reside within an organization. 7) Advanced Persistent Threat (APT) Agents: This group is responsible for highly targeted attacks carried out by extremely organized state-sponsored groups. Their technical skills are deep and they have access to vast computing resources.
  18. Norse Attack – Shows the live cyber across the world.
  19. This Cyber Security Information Portal (CSIP) is a unique resource providing practical advice and step-by-step guidelines for general users, SMEs, and schools
  20. Chatham Town were at the centre of a jihadi attack, after a bungling hacker targeted their club website - mistaking it for a Premier League club. The Muslim hacker, who called himself Abdellah Elmaghribi, targeted Chatham Town website on Saturday ahead of its clash with Tilbury FC - which attracted a crowd of just 63. The website was shut down for 12 hours after an image of a machine-gun wielding man wearing a gas mask was posted with a message asking: 'Where is the security?'
  21. 11;00 attacks on the London Olympics Site every second. the 2016 Summer Olympics in Rio de Janeiro highlighted unbelievable athletic performances, the spirit of competition and cyber-security vulnerabilities, as waves of cyber-attacks hit organizations at both the city and state level, along with other government and Olympic websites. Throughout the games, there were reports that the Anonymous hacking group had been trying to disrupt the Olympics to call attention to humanitarian and political issues in Brazil using distributed denial-of-service (DDoS) attacks and data dumps, while actively targeting more personal, financial and log-in information. The attacks made the Olympics yet another wake-up call for organizations still vulnerable to common attack vectors. In these situations, it's often the underprepared who become targets and feel the full brunt of the attacks although every organization associated with the Olympics was a potential target when the goal was publicity.
  22. Travel West – Local Bus Company in Bristol Muslim extremists hoping to disrupt international travel across the Western world fell a little short of their goal when they hacked into a Bristol bus timetable instead. A group calling itself, Darkshadow - an Arab Security Team – mistakenly hijacked TravelWest’s journey planner website and replaced it with a sinister Islamic State-style black page. It is thought the cyberterrorists, who claim to be based in Tunisia and the Ivory Coast, believed that by hacking TravelWest, they were infiltrating a major international travel website for Europe and the United States.
  23. Street Wise – A good guide 5 steps into 7. Print Off for this. Disaster Planning
  24. 1. Download software updates 2. Use complex passwords 3 Use antivirus and email filtering 4. delete suspicious emails 5. Use two factor authentication 6. Back up data 7. Train your staff Having good cyber security measures in place will help protect your cashflow, your customer data and your reputation.
  25. Keeping software up to date is incredibly important if you want to keep your website secure. Countless websites are compromised every day due to the outdated and insecure software used to run them. Updates contain very important security fixes, which may prevent many breaches. If you don’t update your website, someone can use a loophole in the old version of even simple things such as plugins in order to damage your website. Wordpress sites/ plugins Download software updates and app updates as soon as they appear. They contain vital security upgrades that keep your devices and business information safe.
  26. Passwords are still the easiest way into most datasets and platforms Create more complicated passwords for yourself and customers This sounds like web security basics, but it needs to be said. Both employees and customers struggle to create complex passwords and consistently commit to changing them at least every 90 days. According to SecurityScorecard CEO, Aleksander Yampolskiy, “A big portion of the breaches out there is because of weak passwords.” Companies need to be cognizant and place an emphasis on the importance of avoid simple data breaches due to easy to guess passwords. One best practice is installing a program on employees’ computers that force them to change their passwords every 90 days with character requirements. Another great method could be to send recurring reminder e-mails and/or website notifications to customers to request that they change their passwords based on character type and minimum requirements.
  27. https://www.betterbuys.com/estimating-password-cracking-times/
  28. 12:30
  29. How many of us will honestly admit to using the same passwords for certain accounts? Never use any word which is related to you and may be easy to guess, for example by looking at your social media pages. Absolutely never use: Current partner’s name Child’s name Other family members’ name Pet’s name Place of birth Favourite holiday Something related to your favourite sports team And never share your password with anyone.
  30. Not essential
  31. Can store up to 100 passwords for free with one user; pricing starts from $1.50 for 3 users,
  32. Your computers, tablets and smartphones can easily become infected by small pieces of software known as viruses or malware. Install internet security software like anti-virus on all your devices to help prevent infection. Web root – Don’t use free!
  33. Fusemail: 14 day free trail; cloud based services provide simple, secure, and scalable solutions for email security, spam and virus filtering, email archiving and hosted Exchange. From email spam and virus filtering, archiving, encryption and business continuity, more than twenty five million mailboxes around the world rely on FuseMail® every day to ensure secure and reliable delivery of their critical messages. Hushmail: Small Business plan, $5.99 per user plus set up charge gives you: Automatic encryption between all your employees and on-demand encryption with anyone outside your company. The ability to keep your current business email address that uses your own domain Administrative tools to create, delete and manage users, as well as set up rules that redirect generic email addresses. Delete suspicious emails as they may contain fraudulent requests for information or links to viruses
  34. Hard drive crashes and editing mishaps aren't the only things online backup can protect you from: There are also more traditional disasters such as fires, floods, and earthquakes, which can spell the end of your digital media and documents. Even if you're among the very few of us who diligently perform backups at regular intervals, those calamities can still result in data loss if you didn't store backups off-site. That's a good reason why an online backup service may be the best way to protect your irreplaceable digital goods. Backup of your website; ask your web developer. You never know when your hard drive is going to crash, or when you're going to accidentally overwrite a key file. Use an online backup service to automatically and securely protect your documents, photos, and other media.
  35. Most services encrypt your files with strong systems such as AES 256 or Blowfish before sending them up to the servers. But how the encryption keys are generated is a big differentiator. Several services, such as SpiderOakOne offer a security-and-privacy option in which you alone possess the password, which is never stored on the service's server computers. Others, such as SOS Online and CrashPlan can have you use a separate password from your main account password for the encryption. The caveat for these higher levels of security and privacy is that, if you forget your passphrase, not even the provider's employees will be able to restore your data. Even if compelled by law enforcement, they won't be able to decrypt your files. Yet you'll want it to be a strong, hard-to-crack password, too, since it will grant access to so much of your digital life. Your best bet is to use a password manager to keep track of it for you. The speed with which a service can prep your files (usually involving encryption and compression) and transfer them to their servers doesn't only impact how long it will take to get a large amount of data—often numbering many gigabytes—up to the servers. The speed also affects how much of an impact on your computer its processing will have. Make sure to check out our speed test results in the review of any service you're contemplating purchasing.
  36. Sometimes, your employees just do not know that it is not good cyber hygiene to send sensitive customer data via e-mail. Clearly distinguish and teach your employees on what information should be sent via email and what should not. If they need to send that information via e-mail, then make sure that you have a strong data encryption service in your e-mail system. Website According to Jayne Friedland Holland, Chief Security Officer and associate general counsel at technology firm NIC Inc., it is also a good idea to educate your employees about any laws that pertain to protecting customer data, as they have a legal obligation to protect sensitive customer personal information.
  37. This free 60 minute e-learning module helps you and your staff understand information security risks and how to protect against fraud and cyber crime. Other courses available are For HR Professionals; For Lawyers and Accountants; For Procurement Professionals.
  38. You are required by law to protect data you hold and process about your customers, suppliers and staff. Find out more about the Data Protection Act and get simple, practical advice on how to keep your customers, suppliers and employees’ personal information secure
  39. What is directly at risk? Your money, your IT equipment, your IT-based services and your information. Information is an asset that can take many forms: client lists, customer databases, your financial details, your customers’ financial details, deals you are making or considering, your pricing information, product designs or manufacturing processes. There is a risk to your IT services and information wherever they are stored, whether held on your own systems and devices, or on third-party hosted systems (the cloud). Cyber risk is not about technology alone; it’s about people and processes; leadership and management Who is responsible for business-critical data and systems – as well as representatives of IT security, information security, procurement, human resources (HR) and legal?
  40. On Tesco Website
  41. SW Cyber Security Cluster working with businesses across the region to increase awareness and encourage improvement. South West Cyber Security Cluster; We support businesses of any size, from SMEs to Public / Private Sector. Our members can meet with you to understand your needs and requirements. Through consultations we can help you be one step ahead in Cyber Security If your business has been a victim of cyber crime, you can report it to the police via Action Fraud.
  42. The General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679) is a Regulation by which the European Commission intends to strengthen and unify data protection for individuals within the European Union (EU). It also addresses export of personal data outside the EU Directly applicable to all EU member states without a need for national implementing legislation. Create and enforce privacy throughout your systems' lifecycles to meet the "privacy by design" requirement, whether you buy or develop. This will ensure privacy controls are stronger, simpler to implement, harder to by-pass and totally embedded in a system’s core functionality. Prepare your organisation to fulfil the "right to be forgotten", "right to erasure" and the "right to data portability". A strategy covering topics such as data classification, retention, collection, destruction, storage and search will be required – and it should cover all mechanisms by which data is collected, including the internet, call centres and paper. Read up on this Courses on the future; store and you will liable
  43. http://www.computerweekly.com/feature/Do-not-delay-EU-data-protection-changes-on-the-way
  44. Shows you how to put technical measures in place to protect your business against the most common internet threats. You can also apply for a Cyber Essentials badge to demonstrate to customers your business takes this issue seriously. Cyber Essentials is recommended by Government for all organisations which rely on the internet. Next steps for a business; goes into deeper; if you have contracts with government in future will ask you to have this in place.
  45. Finish 12:50