Chamber Forum Workshop
TITLE:
CYBERSECURITY CONFERENCE
Chamber Forum Facilitator:
Quadri Consulting LTD
Jeremy Quadri
Date: 10.12.2015
ABOUT THE CHAMBER OF COMMERCE
• INDEPENDENT AND NOT-FOR-PROFIT ORGANISATION
• LINKS TO OVER 5,000 LOCAL BUSINESSES FROM FTSE 100
COMPANIES TO BUSINESS CONSULTANTS.
• FACILITATE BROAD RANGE OF MONTHLY EVENTS; E.G.
• BUSINESS BREAKFASTS, CONFERENCES, MASTERCLASSES
• MEMBERSHIP INCLUDES 12 HOURS FREE ONE-TO-ONE
BUSINESS MENTORING
• ADVERTISING AND SPONSORSHIP OPPORTUNITIES
Jeremy Quadri
- Director of Quadri Consulting Ltd
- Director of TopDevCentral Ltd
- BEng (Hons) Degree - Electrical & Electronics Engineer, 1992
- IT Security Professional at Cable&Wireless Since 1998
- CISSP Certified (372063)
- Certified Ethical Hacker Certification
- Offensive Security Certified Professional certification (OSCP)
- CompTIA SY0-301 Security+
- InfoSec Institute Web Application Security Certified
- OWASP - Testing Secure Web Applications
TopDevCentral Ltd
• Custom Software Development
• Team augmentation
• Data Warehousing/Big Data
• BI Development
• Project Rescue
Quadri Consulting Ltd
• Vulnerability Scanning
• Penetration Testing
• Professional Services
• Threat Management
• Awareness Training
• BI Development
Services
Why Are We Here?
• What is Cybersecurity?
• Whose responsibility is it to keep cyber safe?
• The Government or the private sector?
• Why YOU may become the next victim?
• Who is doing the attacking?
• What do they attack?
• Why do they attack?
• How to protect yourself, your family, and your business!
WHY THIS IS IMPORTANT
~ A LITTLE HISTORY ~
• 90% of large organisations and 74% of small businesses reported some form of data breach
• Online attacks have grown by 66% since 2009.
• Cyber crime costs the UK economy £27bn a year
• 158 new malware created EVERY MINUTE: PandaLabs
One for each one of us
• Facebook Sees 600,000 Compromised Logins Per Day :TechCrunch
UK HACKED SITES
Hackers Don't Have Rules, Regulations
They Don’t Have To Meet Compliance Such
as PCI, Data Protection, ISO 27001 Etc...
COMMON FALSE RATIONALES?
• There’s Nothing A Hacker Would Want On My PC.
• I Don’t Store Sensitive Information On My PC.
• I Only Use It For Checking E-mails.
• My Company Isn’t Big Enough To Worry About
Hackers?
• Online Stores Will Keep Our Details Safe
How Valuable Is A
Hacked Workstation
Websites & Blogs
WordPress is used by 60.9% of all the websites.
1. Use the latest version of core and plugins.
2. Use strong passwords. For more security
enable a 2-factor plugin
3. Get DDOS protection?
CLIENT SIDE ATTACK
DEMO
WHAT AN ATTACK MIGHT LOOK LIKE
Your data has been encrypted by ransomware
malware/virus?
What is Bitcoin?
Bitcoin vs USD chart statistics
HELPFUL TIP #6: WHAT TO DO IF
BREACHED
1. Reboot your computer and choose safe mode. (Can someone tell me how to boot into safe mode? Press & hold the F8 key.)
2. Install a Good Anti-virus
3. Run a Scan With Anti-Virus
4. If the BIOS is infected, seek professional help
DARK WEB
1.ORIGINAL UK PASSPORTS : HTTP://VFQND6MIECCQYIIT.ONION/
2.RENT A HACKER: HTTP://2OGMRLFZDTHNWKEZ.ONION/
3.ASSASSIN FOR HIRE IN EUROPE: HTTP://YBP4OEZFHK24HXMB.ONION/
4.EUROPEAN BASED ARMS-DEALER: HTTP://2KKA4F23PCXGQKPV.ONION/
5.EU DRUG SALE: HTTP://S5Q54HFWW56OV2XC.ONION/
6.COUNTERFEITS CURRENCY: HTTP://Y3FPIEIEZY2SIN4A.ONION/,
HTTP://SLA2TCYPJZ774DNO.ONION/
7.BUY A PAYPAL ACCOUNT & CLONED CARDS :
What sort of things can you find on the deep
web
HELPFUL TIP #1: BACKUP YOUR
DATA
1. Run Daily Backups of Critical Data
2. Automated Offsite Backups Are Invaluable
3. Check / Test Your Data Backups Monthly (Minimum)
50% of SMBs Have No Backup & Disaster Recovery Plan
Only 28% Have Tested Their Plan
Why is Payment card data an attractive
target to hackers
HELPFUL TIP #2: BANK CARD
RULES
• LOOKOUT FOR THE HTTPS LOCK ICON
• AVOID SHOPPING OVER OPEN WI-FI
• SECURE YOUR HOME NETWORK
• DISABLE PHONE WI-FI & BLUETOOTH WHEN NOT IN USE
• STICK TO REPUTABLE RETAILERS ONLY
How They Get Paid
REAL VALUE?
One prominent credential seller
in the underground reported:
• iTunes accounts for $8
• Fedex.com, Continental.com and
United.com accounts for USD $6
• Groupon.com accounts fetch $5
• $4 buys hacked credentials at registrar and
hosting provider Godaddy.com, as well as
wireless providers Att.com, Sprint.com,
Verizonwireless.com, and Tmobile.com
• Active accounts at Facebook and Twitter
retail for just $2.50 each
93% of companies that lose their data - file for
bankruptcy within 1 year [National Archives]
“3D PRINTING AND CREDIT CARD
SKIMMERS!”
HELPFUL TIP #3: MULTIPLE BANK ACCOUNTS
1. One Account for Payroll and Taxes
– NO DEBIT OR CREDIT CARDS ASSOCIATED WITH THIS ACCOUNT
2. One Account for Operations & Expenses
3. Don't let your cards out of your sight when shopping
4. Check for padlock when shopping online
5. Place your hand over the keyboard when entering your PIN
Password
Examples
Social
Password Hacking Demo
HELPFUL TIP #4: PASSWORD RULES
1. DON’T SHARE PASSWORDS
– This includes your “IT Guy”
– Type your password for them
2. One Password Per Account
3. No Password POST-IT NOTES!
4. Change Your Password Every 60 Days
5. Use a phrase with numbers and characters:
“I Only Have Eyes For You”
”!0hE4uAug”
6. Use a password manager
HELPFUL TIP #5: WINDOWS FIREWALL & UAC
1. Re-Enable Windows Firewall
2. Install Current AntiVirus Software (and keep it current please)
3. Enable User Account Control (UAC)
-- We know it is considered obnoxious, but it really does work to help prevent attacks against your workstation
>> Control Panel > User Accounts
4. Seek professional help to secure your business network
HELPFUL TIP #7: WORK SMARTER
1. Name
2. Address
3. Phone
4. DOB?
5. Education (College/High School)
6. Mother’s Maiden Name?
7. Mother's father's name
8. Friends' names
9. Children’s names
10. Children's school
11. Children's DOB
12. Pet's name
13. Browsing habits (websites, services, hobbies, likes, etc.)
14. Don't include passport photographs on social media
SOCIAL MEDIA AND
PHISHING
1. Know who is authorized to add
content
2. Type of content allowed
3. Who has access
4. Who has login info
5. Which sites are used
6. Employee Termination Policy
According to a Microsoft study, phishing via social networks grew from 8.3% in 2010 to 84.5% in 2011 (increasing steadily since then)
Find out what percentage of your employees are Phish-prone™ with our free test
https://www.knowbe4.com/phishing-security-test-offer
PHONE HACKING
DEMO
If You Allow Users To Access
• Corporate E-mail
• Corporate Data
• Remote Access To Corp Network
Then You MUST have Mobile Device
Management and use a policy to
ensure You Can Wipe Your Corporate
Data If The Device Is Lost Or Stolen.
-Install Tracker application on your smartphone, it could help trace
your device if stolen
-London: Most Of Crimes Reported Are Phone Theft
Where Do Employees Leave Your Corporate
Data And Email?
Put A
Lock On
Your
Phone
TODAY!
PERKELE: ANDROID MALWARE KIT
1. Can Help Defeat Multi-factor
Authentication Used By Many Banks
2. Interacts With A Wide Variety Of
Malware Already Resident On A
Victim’s PC
3. When A Victim Visits His Bank’s Web
Site, The Trojan Injects Malicious Code
Prompting The User To Enter His
Mobile Information, Including Phone
Number And OS Type
When the bank sends an SMS with a one-time code,
Perkele intercepts that code and sends it to the
attacker’s control server. Then the malicious script
completes an unauthorized transaction.
THE MOST SECURE WAY TO COMMUNICATE
Traditional
1. A LETTER SENT THROUGH SNAIL MAIL. (BY CONVENTIONAL POSTAL DELIVERY SERVICES)
2. OVERNIGHT PACKAGE SUCH AS FEDEX OR UPS.
3. A CALL MADE FROM ONE PREVIOUSLY UNUSED CELL PHONE TO ANOTHER PREVIOUSLY UNUSED CELL PHONE.
Modern secure privacy tools
1. Tor
2. Red Phone: Free, Worldwide, Encrypted Phone Calls; everything is end-to-end encrypted
3. Signal Desktop [https://whispersystems.org/blog/signal-desktop/]
TOP 6 BEST ANTIVIRUS FOR
ANDROID
Anti-theft, lost phone check
1. Avast Mobile Security & Antivirus FREE
2. 360 Security – Antivirus FREE
4. CM Security Antivirus Applock by Cheetah Mobile — FREE
5. AVG Anti-Virus Security – FREE
6. Kaspersky -
Train Staff On Social Engineering!
Know The Source
Limit Telephone Information Sharing
Physical Security
Wireless “Hot Spots” & Hotel Internet
Your Equipment @ Offsite Locations
including Starbucks & Conferences
Ability To Disable The Device If It’s Lost Or
Stolen (LoJack, Encryption, Etc.)
HELPFUL TIP #8: COMMON SENSE SECURITY
Use Malware protection
Encrypt Your Hard Drive
Use Email Hygiene Provider / Service
Use Server Based Group Policies
Use MSP to Manage Company Firewall(s)
Establish Company-wide Data Policies
HELPFUL TIP #9: ADVANCED SECURITY TIPS
All You Needed In The 80’s
Tape Backup
A Good Mullet
An Afro
Patch Management
Force Password Changes
Implement Password Policies
Secure ALL Mobile Devices
Review Workstation Security
Review Network Security
Enforce Content Filtering
HELPFUL TIP #10: PATCHES, UPDATES, & YOUR
NETWORK
WHAT’S NEXT ON CYBERCRIMINALS
AGENDA?
1. Website Accounts: Twitter, Facebook, Pinterest, YOUR WEBSITE
2. Home Automation Systems
3. Video Conferencing Systems
4. Video Surveillance Systems
5. Refrigerator and Other Network Appliances
6. HVAC Systems
7. Automobiles, Phones, & Televisions
8. All IoT (internet of things)
** Recent Paid Test Results In Disabled Brakes **
What’s Next on YOUR Agenda?
Network Security Audit
1. Fill Out The Audit Contact Form
2. Business Development Will Schedule
An On-site Pre-Audit Meeting
3. Engineer Will Be Scheduled For On-
site Visit
4. Engineer and Business Development
Will Discuss The Findings Of The Audit
5. Follow Up Client Meeting To Discuss Recommendations And Findings Of The Audit
WHAT HAPPENS NEXT?
ONE OF TWO THINGS HAPPENS
1. Do you have a security plan?
2. Can you implement it in-house?
3. Can you outsource it?
Analyse
Plan
Design
Implement
Operate
Optimize
WHAT HAPPENS NEXT?
ONE OF TWO THINGS HAPPENS
2. You love the plan and ask us to
get you protected ASAP.
If that’s the case, we’ll knock it out of the park
... and that’s a promise.
QUESTIONS?
Founded 2013
About
Quadri Consulting
QUADRI CONSULTING LTD
3rd Floor
207 Regent Street
London
W1B 3HH
UK
www.quadriconsulting.com
Phone: +44-0800-044-5840
RECAP ON THE QUADRI CONSULTING
LTD
• NEXT WORKSHOP WILL BE MARCH 2016 ON THE SAME
SUBJECT WITH MORE HACKING
• BEERS, CONFERENCES, MASTERCLASSES
• INCLUDES 1 HOUR FREE HACKING MENTORING
• ADVERTISING AND SPONSORSHIP OPPORTUNITIES

Microservices, Docker deploy and Microservices source code in C#
 
Potential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and InsightsPotential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and Insights
 
Generative Artificial Intelligence: How generative AI works.pdf
Generative Artificial Intelligence: How generative AI works.pdfGenerative Artificial Intelligence: How generative AI works.pdf
Generative Artificial Intelligence: How generative AI works.pdf
 
[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality Assurance[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality Assurance
 
4. Cobus Valentine- Cybersecurity Threats and Solutions for the Public Sector
4. Cobus Valentine- Cybersecurity Threats and Solutions for the Public Sector4. Cobus Valentine- Cybersecurity Threats and Solutions for the Public Sector
4. Cobus Valentine- Cybersecurity Threats and Solutions for the Public Sector
 
Emixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native developmentEmixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native development
 
Decarbonising Buildings: Making a net-zero built environment a reality
Decarbonising Buildings: Making a net-zero built environment a realityDecarbonising Buildings: Making a net-zero built environment a reality
Decarbonising Buildings: Making a net-zero built environment a reality
 
Connecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdfConnecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdf
 
Abdul Kader Baba- Managing Cybersecurity Risks and Compliance Requirements i...
Abdul Kader Baba- Managing Cybersecurity Risks  and Compliance Requirements i...Abdul Kader Baba- Managing Cybersecurity Risks  and Compliance Requirements i...
Abdul Kader Baba- Managing Cybersecurity Risks and Compliance Requirements i...
 
MuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotes
MuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotesMuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotes
MuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotes
 
Landscape Catalogue 2024 Australia-1.pdf
Landscape Catalogue 2024 Australia-1.pdfLandscape Catalogue 2024 Australia-1.pdf
Landscape Catalogue 2024 Australia-1.pdf
 
Assure Ecommerce and Retail Operations Uptime with ThousandEyes
Assure Ecommerce and Retail Operations Uptime with ThousandEyesAssure Ecommerce and Retail Operations Uptime with ThousandEyes
Assure Ecommerce and Retail Operations Uptime with ThousandEyes
 
Tampa BSides - The No BS SOC (slides from April 6, 2024 talk)
Tampa BSides - The No BS SOC (slides from April 6, 2024 talk)Tampa BSides - The No BS SOC (slides from April 6, 2024 talk)
Tampa BSides - The No BS SOC (slides from April 6, 2024 talk)
 
React JS; all concepts. Contains React Features, JSX, functional & Class comp...
React JS; all concepts. Contains React Features, JSX, functional & Class comp...React JS; all concepts. Contains React Features, JSX, functional & Class comp...
React JS; all concepts. Contains React Features, JSX, functional & Class comp...
 

Cyber Security Seminar

  • 1. Chamber Forum Workshop TITLE: CYBERSECURITY CONFERENCE Chamber Forum Facilitator: Quadri Consulting LTD Jeremy Quadri Date: 10.12.2015
  • 2. ABOUT THE CHAMBER OF COMMERCE • INDEPENDENT AND NOT-FOR-PROFIT ORGANISATION • LINKS TO OVER 5,000 LOCAL BUSINESSES FROM FTSE 100 COMPANIES TO BUSINESS CONSULTANTS. • FACILITATE BROAD RANGE OF MONTHLY EVENTS; E.G. • BUSINESS BREAKFASTS, CONFERENCES, MASTERCLASSES • MEMBERSHIP INCLUDES 12 HOURS FREE ONE-TO-ONE BUSINESS MENTORING • ADVERTISING AND SPONSORSHIP OPPORTUNITIES
  • 3. Jeremy Quadri - Director of Quadri Consulting Ltd - Director of TopDevCentral Ltd - BEng (Hons) Degree - Electrical & Electronics Engineer 1992 - IT Security Professional at Cable&Wireless Since 1998 - CISSP Certified (372063) - Certified Ethical Hacker Certification - Offensive Security Certified Professional certification (OSCP) - CompTIA SY0-301 Security+ - InfoSec Institute Web Application Security Certified - OWASP - Testing Secure Web Applications
  • 4. Services TopDevCentral Ltd • Custom Software Development • Team augmentation • Data Warehousing/Big Data • BI Development • Project Rescue Quadri Consulting Ltd • Vulnerability Scanning • Penetration Testing • Professional Services • Threat Management • Awareness Training • BI Development
  • 5. Why Are We Here? • What is Cybersecurity? • Whose responsibility is it to keep cyber safe? • The Government or the private sector? • Why YOU may become the next victim? • Who is doing the attacking? • What do they attack? • Why do they attack? • How to protect yourself, your family, and your business!
  • 6. WHY THIS IS IMPORTANT ~ A LITTLE HISTORY ~ • 90% of large organisations and 74% of small businesses reported some form of data breach • Online attacks have grown by 66% since 2009. • Cyber crime costs the UK economy £27bn a year • 158 new malware created EVERY MINUTE: PandaLabs One for each one of us • Facebook Sees 600,000 Compromised Logins Per Day: TechCrunch
  • 8. Hackers Don't Have Rules, Regulations. They Don’t Have To Meet Compliance Such As PCI, Data Protection, ISO 27001, Etc.
  • 9. COMMON FALSE RATIONALES? • There’s Nothing A Hacker Would Want On My PC. • I Don’t Store Sensitive Information On My PC. • I Only Use It For Checking E-mails. • My Company Isn’t Big Enough To Worry About Hackers? • Online Stores Will Keep Our Details Safe
  • 10. How Valuable Is A Hacked Workstation
  • 11. Websites & Blogs WordPress is used by 60.9% of all the websites. 1. Use the latest version of core and plugins. 2. Use strong passwords. For more security, enable a 2-factor plugin. 3. Get DDoS protection?
  • 13. WHAT AN ATTACK MIGHT LOOK LIKE
  • 14. Your data has been encrypted by ransomware malware/virus?
  • 15. What is Bitcoin? Bitcoin vs USD chart statistics Your data has been encrypted by ransomware malware/virus?
  • 16. HELPFUL TIP #6: WHAT TO DO IF BREACHED 1. Reboot your computer, choose safe mode. (Can someone tell me how to boot into safe mode? Press & hold the F8 key.) 2. Install a Good Anti-virus 3. Run a Scan With Anti-Virus 4. If the BIOS is infected, seek professional help
  • 17. DARK WEB 1.ORIGINAL UK PASSPORTS : HTTP://VFQND6MIECCQYIIT.ONION/ 2.RENT A HACKER: HTTP://2OGMRLFZDTHNWKEZ.ONION/ 3.ASSASSIN FOR HIRE IN EUROPE: HTTP://YBP4OEZFHK24HXMB.ONION/ 4.EUROPEAN BASED ARMS-DEALER: HTTP://2KKA4F23PCXGQKPV.ONION/ 5.EU DRUG SALE: HTTP://S5Q54HFWW56OV2XC.ONION/ 6.COUNTERFEITS CURRENCY: HTTP://Y3FPIEIEZY2SIN4A.ONION/, HTTP://SLA2TCYPJZ774DNO.ONION/ 7.BUY A PAYPAL ACCOUNT & CLONED CARDS : What sort of things can you find on the deep web
  • 18. HELPFUL TIP #1: BACKUP YOUR DATA 1. Run Daily Backups of Critical Data 2. Automated Offsite Backups Are Invaluable 3. Check / Test Your Data Backups Monthly (Minimum) 50% of SMBs Have No Backup & Disaster Recovery Plan. Only 28% Have Tested Their Plan.
  • 19. HELPFUL TIP #1: BACKUP YOUR DATA
  • 20. Why is Payment card data an attractive target to hackers
  • 21. HELPFUL TIP #2: BANK CARD RULES • LOOK OUT FOR THE HTTPS LOCK ICON • AVOID SHOPPING OVER OPEN WI-FI • SECURE YOUR HOME NETWORK • DISABLE PHONE WI-FI & BLUETOOTH WHEN NOT IN USE • STICK TO REPUTABLE RETAILERS ONLY
  • 22. How They Get Paid
  • 23. REAL VALUE? One prominent credential seller in the underground reported: • iTunes accounts for $8 • Fedex.com, Continental.com and United.com accounts for USD $6 • Groupon.com accounts fetch $5 • $4 buys hacked credentials at registrar and hosting provider Godaddy.com, as well as wireless providers Att.com, Sprint.com, Verizonwireless.com, and Tmobile.com • Active accounts at Facebook and Twitter retail for just $2.50 each 93% of companies that lose their data - file for bankruptcy within 1 year [National Archives]
  • 24.
  • 25. “3D PRINTING AND CREDIT CARD SKIMMERS!”
  • 26. HELPFUL TIP #3: MULTIPLE BANK ACCOUNTS 1. One Account for Payroll and Taxes – NO DEBIT OR CREDIT CARDS ASSOCIATED WITH THIS ACCOUNT 2. One Account for Operations & Expenses 3. Don't let your cards out of your sight when shopping 4. Check for padlock when shopping online 5. Place your hand over the keyboard when entering your PIN
  • 29. HELPFUL TIP #4: PASSWORD RULES 1. DON’T SHARE PASSWORDS – This includes your “IT Guy” – Type your password for them 2. One Password Per Account 3. No Password POST-IT NOTES! 4. Change Your Password Every 60 Days 5. Use a phrase with numbers and characters: “I Only Have Eyes For You” “!0hE4uAug” 6. Use a password manager
  • 30. HELPFUL TIP #5: WINDOWS FIREWALL & UAC 1. Re-Enable Windows Firewall 2. Install Current AntiVirus Software (and keep it current please) 3. Enable User Account Control (UAC) -- We know it is considered obnoxious, but it really does work to help prevent attacks against your workstation >> Control Panel > User Accounts 4. Seek professional help to secure your business network
  • 31. HELPFUL TIP #7: WORK SMARTER 1. Name 2. Address 3. Phone 4. DOB? 5. Education (College/High School) 6. Mother’s Maiden Name? 7. Mother's father's name 8. Friends' names 9. Children’s names 10. Children's school 11. Children's DOB 12. Pet's name 13. Browsing habits (websites, services, hobbies, likes, etc.) 14. Don't include passport photographs on social media
  • 32. SOCIAL MEDIA AND PHISHING 1. Know who is authorized to add content 2. Type of content allowed 3. Who has access 4. Who has login info 5. Which sites are used 6. Employee Termination Policy According to a Microsoft study, phishing via social networks grew from 8.3% in 2010 to 84.5% in 2011 (increasing steadily since then). Find out what percentage of your employees are Phish-prone™ with our free test https://www.knowbe4.com/phishing-security-test-offer
  • 34. If You Allow Users To Access • Corporate E-mail • Corporate Data • Remote Access To Corp Network Then You MUST have Mobile Device Management and use a policy to ensure You Can Wipe Your Corporate Data If The Device Is Lost Or Stolen.
  • 35. - Install a tracker application on your smartphone; it could help trace your device if stolen - London: Most Of Crimes Reported Are Phone Theft
  • 36. Where Do Employees Leave Your Corporate Data And Email? Put A Lock On Your Phone TODAY!
  • 37. PERKELE: ANDROID MALWARE KIT 1. Can Help Defeat Multi-factor Authentication Used By Many Banks 2. Interacts With A Wide Variety Of Malware Already Resident On A Victim’s PC 3. When A Victim Visits His Bank’s Web Site, The Trojan Injects Malicious Code Prompting The User To Enter His Mobile Information, Including Phone Number And OS Type. When the bank sends an SMS with a one-time code, Perkele intercepts that code and sends it to the attacker’s control server. Then the malicious script completes an unauthorized transaction.
  • 38. THE MOST SECURE WAY TO COMMUNICATE Traditional: 1. A LETTER SENT THROUGH SNAIL MAIL. (BY CONVENTIONAL POSTAL DELIVERY SERVICES) 2. OVERNIGHT PACKAGE SUCH AS FEDEX OR UPS. 3. A CALL MADE FROM ONE PREVIOUSLY UNUSED CELL PHONE TO ANOTHER PREVIOUSLY UNUSED CELL PHONE. Modern secure privacy tools: 1. Tor 2. Red Phone: Free, Worldwide, Encrypted Phone Calls; everything is end-to-end encrypted 3. Signal Desktop [https://whispersystems.org/blog/signal-desktop/]
  • 39. TOP 6 BEST ANTIVIRUS FOR ANDROID Anti-theft, lost phone check 1. Avast Mobile Security & Antivirus – FREE 2. 360 Security – Antivirus – FREE 4. CM Security Antivirus Applock by Cheetah Mobile – FREE 5. AVG Anti-Virus Security – FREE 6. Kaspersky -
  • 40. HELPFUL TIP #8: COMMON SENSE SECURITY • Train Staff On Social Engineering! • Know The Source • Limit Telephone Information Sharing • Physical Security • Wireless “Hot Spots” & Hotel Internet • Your Equipment @ Offsite Locations including Starbucks & Conferences • Ability To Disable The Device If It’s Lost Or Stolen (LoJack, Encryption, Etc.)
  • 41. HELPFUL TIP #9: ADVANCED SECURITY TIPS • Use Malware protection • Encrypt Your Hard Drive • Use Email Hygiene Provider / Service • Use Server Based Group Policies • Use MSP to Manage Company Firewall(s) • Establish Company-wide Data Policies
  • 42. All You Needed In The 80’s • Tape Backup • A Good Mullet • An Afro
  • 43. HELPFUL TIP #10: PATCHES, UPDATES, & YOUR NETWORK • Patch Management • Force Password Changes • Implement Password Policies • Secure ALL Mobile Devices • Review Workstation Security • Review Network Security • Enforce Content Filtering
  • 44. WHAT’S NEXT ON CYBERCRIMINALS' AGENDA? 1. Website Accounts: Twitter, Facebook, Pinterest, YOUR WEBSITE 2. Home Automation Systems 3. Video Conferencing Systems 4. Video Surveillance Systems 5. Refrigerator and Other Network Appliances 6. HVAC Systems 7. Automobiles, Phones, & Televisions 8. All IoT (Internet of Things) ** Recent Paid Test Results In Disabled Brakes **
  • 45. What’s Next on YOUR Agenda? Network Security Audit 1. Fill Out The Audit Contact Form 2. Business Development Will Schedule An On-site Pre-Audit Meeting 3. Engineer Will Be Scheduled For On-site Visit 4. Engineer and Business Development Will Discuss The Findings Of The Audit 5. Follow Up Client Meeting To Discuss Recommendations And Findings Of The Audit
  • 46. WHAT HAPPENS NEXT? ONE OF TWO THINGS HAPPENS 1. Do you have a security plan? 2. Can you implement it in house? 3. Can you outsource it? Analyse • Plan • Design • Implement • Operate • Optimize
  • 47. WHAT HAPPENS NEXT? ONE OF TWO THINGS HAPPENS 2. You love the plan and ask us to get you protected ASAP. If that’s the case, we’ll knock it out of the park ... and that’s a promise. Analyse • Plan • Design • Implement • Operate • Optimize
  • 48.
  • 50. About Quadri Consulting Founded 2013 QUADRI CONSULTING LTD, 3rd Floor, 207 Regent Street, London W1B 3HH, UK www.quadriconsulting.com Phone +44-0800-044-5840
  • 51. RECAP ON THE QUADRI CONSULTING LTD • NEXT WORKSHOP WILL BE MARCH 2016 ON THE SAME SUBJECT WITH MORE HACKING • BEERS, CONFERENCES, MASTERCLASSES • INCLUDES 1 HOUR FREE HACKING MENTORING • ADVERTISING AND SPONSORSHIP OPPORTUNITIES