e safe ncaa email il security
play

E-Safe NCAA Email il Security Scott Berding Trivia The email - PowerPoint PPT Presentation

Nov 05, 2023 •48 likes •518 views

E-Safe NCAA Email il Security Scott Berding Trivia The email security market is a mature market with single digit growth? False Its an $18B market growing at 22% Trivia #1 reason for non-adoption of Office 365 is security concerns?

  1. E-Safe NCAA – Email il Security Scott Berding

  2. Trivia The email security market is a mature market with single digit growth?

  4. False It’s an $18B market growing at 22%

  5. Trivia #1 reason for non-adoption of Office 365 is security concerns?

  7. True Per Gartner, 37% of businesses say security is biggest blocker for O365 migration

  8. Trivia A majority of Office 365 users rank email as the number one capability their organization is currently using?

  10. True Per Gartner, 51% of businesses say email is the number one capability they are using

  11. The trend to Office 365 continues…

  12. Office 365 adoption is gaining ground Adoption of Office 365 is growing at 55% YoY 56 % Organizations are evaluating their email security needs with migration of businesses Microsoft native security not are on O365 enough

  13. Email is thriving. So are advanced threats. 74% _______________of ALL ATTACKS start with EMAIL

  14. We live in interesting times Spear Phishing 1 in 10 attacks Business Email $12B impact Compromise 126% increase Account T akeover 74% of attacks Blackmail

  15. Let’s recap Email security is still a big concern Microsoft betting future on Office 365 Email remains #1 (application, and threat vector) Customers feel the pain of advanced threats So what does this all mean?

  16. It’s time to go “Beyond the Gateway”

  17. Traditional security losing its relevance Reputation Filter | Content Filter | Advanced Threat Protection Corporate   Email  High Reputation Sender Zero-Day Links No malicious Payload Inbox ?? ?? Social Engineering

  18. POC: Mimecast vs. Barracuda Sentinel Results Barracuda Sentinel found 2,391 attacks not detected • by Mimecast over the past year Industry: Real Estate Mimecast didn’t detect 388 Dropbox attacks in 1 day • Employees: Mimecast was unable to stop targeted socially • 2,500 engineered attacks Region: United States Current Solution: Example Mimecast Background: Ran Email Threat Scanner on last year’s email

  19. POC: Microsoft ATP vs. Barracuda Sentinel Results Fortune 500 Company Barracuda Sentinel found 621 attacks that were not • detected by Microsoft ATP Industry: Manufacturing 366 Microsoft impersonations missed by Microsoft • Employees: ATP in one month 13,000 Region: United States Example Current Solution: Microsoft ATP Background: Ran Sentinel for one month side by side

  20. Silver bullet Barracuda Email Threat Scanner (ETS) https://scan.barracudanetworks.com/signup

  21. Are you leveraging the Power of ETS? Scans Office 365 to identify threats already in users inboxes Provides detailed report of all threats discovered Shows prospects beyond a doubt how gateway security solutions fail to protect Highlights clear need for ‘beyond the gateway’ security Proves Barracuda Sentinel provides best protection against advanced threats

  22. Barracuda Complements Microsoft (EOP) Security Phishing Simulat ation ion and Traini ning ng Awareness AI for r Socia ial l Accou count t T akeov over r Brand nd Prote otecti ction on Inbox Defense Engine neering ing Defense nse DMARC C Reportin ting Forensics Resiliency Cloud Backup Email il Continuity ity and Incident Inboun und/Out Outboun und Response Encr cryp yptio tion and DLP Archiving chiving for Gateway Defense for Secur ure Messag saging ing Complia liance nce Secur urity ity O365 | G Suite | Exchan hange

  23. Barracuda Complements Microsoft (ATP) Security Phishing Simulat ation ion and Traini ning ng Awareness AI for r Socia ial l Accou count t T akeov over r Brand nd Prote otecti ction on Inbox Defense Engine neering ing Defense nse DMARC C Reportin ting Forensics Resiliency Cloud Backup Email il Continuity ity and Incident Inboun und/Out Outboun und Response Encr cryp yptio tion and DLP Archiving chiving for Gateway Defense for Secur ure Messag saging ing Complia liance nce Secur urity ity O365 | G Suite | Exchan hange

  24. Discovering customer pain points Secure inbound/ What are you using for email gateway? outbound mail Prevent phishing and Do you get spear phishing emails? account takeover Have you heard on DMARC? Do you have it implemented? Stop domain spoofing How long does it take you to respond to phishing attacks? Respond to phishing attacks

  25. Discovering customer pain points Secure inbound/ Treat Intelligence outbound mail Prevent phishing and API | Artificial Intelligence | Account takeover protection account takeover DMARC Reporting Stop domain spoofing Forensics and Incident Response Respond to phishing attacks

  26. What is Sender Authentication? Sender Authentication is a way for mail gateways to determine authenticity of an incoming email. It uses a collection of techniques (SPF, DKIM, DMARC) to provide verifiable information about the origin of the email, as well as validating that the content of an email hasn’t been modified in transit.

  27. Operational Issues w/ SPF and DKIM Difficult to ensure that every message can be authenticated • using SPF or DKIM Recipients have difficulty discerning between legitimate and • fraudulent emails that don’t authenticate Senders have hard time validating their email authentication • deployments Even when SPF and DKIM are configured properly, email • receivers are reluctant to reject unauthenticated messages.

  28. Sender Policy Framework SPF or Sender Policy Framework is used to determine whether or not an email originated from a mail server that the domain owner has authorized, whether it’s their own mail server or a 3 rd party hosted solution SPF consists of a TXT record in DNS called a “SPF Record” A SPF record is made up of three parts: The version of SPF • The mechanism(s) permitted to send messages for the given domain • The qualifier at the end of the SPF record •

  29. SPF: Lets Break it Down Version sion – There is only one version of SPF in use today (v=spf1) Mechanism echanism – There are eight different mechanisms defined in RFC. You will typically only see/use four (4) of them. Qualifier alifier – Each mechanism can be combined with a qualifier. There are four (4) qualifiers, but only two are commonly used

  30. SPF: Lets Break It Down + for a PASS result ? for a NEUTRAL result (No Policy) ~ for SOFTFAIL - for FAIL v=spf1 ip4:16 162. 2.19 196. 6.17.21 7.218/32 8/32 include: ude:spf spf.o .outl utlook.com ok.com -all The qualifier comes These are the last and indicates This is the version of mechanisms which what you want done SPF to use. It must specify where an with an email that come at the start of email is authorized to doesn’t match any the SPF record originate from. mechanism(s) A If the domain name has an address record (A or AAAA) that can be resolved to the sender's address, it will match. IP4 If the sender is in a given IPv4 address range, match. IP6 If the sender is in a given IPv6 address range, match. MX If the domain name has an MX record resolving to the sender's address, it will match PTR Deprecated – Do Not Use EXISTS Do Not Use INCLUDE References the policy of another domain.

  31. SPF: Tips and Tricks SPF checks are performed against the ENVEL ELOP OPE E FROM M • domain. SPF does not t survive vive mail-forwards • You can only have one SPF record in DNS • You can link multiple SPF records together with INCL CLUD UDE • statements There is a limit it of 10 DNS queries • SPF is outlined in RFC 7208 - https://tools.ietf.org/html/rfc7208 •

  32. SPF: T ools With an IP and email address, you can test to see what the results of a SPF check would be https://vamsoft.com/support/tools/spf-policy-tester The test will go through and break down the SPF record line by line as it tests each mechanism. Try it out! Put in your Barracuda email and an IP and see what happens. If you want it to pass, use 64.235.1 .235.144.25 4.25

  33. DomainKeys Identified Mail DomainKeys Identified Mail or DKIM is a way for senders to digitally “sign” their emails. It uses public key cryptography to ensure that emails sent over the Internet are not altered in transit. The presence of a valid DKIM signature also provides a certain level of trust to the email.

  34. DKIM: Lets Break it Down When an email is sent to a recipient, the email software generates a signature based on the content of the message and the sender's private key. The signature is added to the email header and the message is sent to the recipient. An example signature is shown below: DKIM-Signature: v=1; a=rsa-sha256; d=example.net; s=default; c=relaxed/simple; q=dns/txt; l=1234; t=1117574938; x=1118006938; h=from:to:subject:date:keywords:keywords; bh=MTIzNDU2Nzg5MDEyMzQ1Njc4OTAxMjM0NTY3ODkwMTI=; b=dzdVyOfAKCdLXdJOc9G2q8LoXSlEniSbav+yuU4zGeeruD00lszZVoG4ZHRNiYzR

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

1 NCAA Rule Book Larger - More Sections Rules in FR Section Case Plays in FI Section Rules

1 NCAA Rule Book Larger - More Sections Rules in FR Section Case Plays in FI Section Rules

NCAA vs Federation Rules In General NCAA Rule Book The Field Officials and Signals Timing and Overtime Player Equipment and Clothing Major Rule Differences Running, Passing, Kicking Games Penalty Enforcements NCAA vs Federation Rules WHAT

405 views • 11 slides
NCAA and College Athletics Matt Stevens Counselor Timberline High School General Overview

NCAA and College Athletics Matt Stevens Counselor Timberline High School General Overview

NCAA and College Athletics Matt Stevens Counselor Timberline High School General Overview NCAA Divisions I, II, III Recruiting Process NCAA Eligibility Center Formerly the NCAA Clearinghouse NCAA Divisions Division I Division II

646 views • 29 slides
Security by Any Other Name: On the Effectiveness of Provider Based Email Security Ian Foster,

Security by Any Other Name: On the Effectiveness of Provider Based Email Security Ian Foster,

Security by Any Other Name: On the Effectiveness of Provider Based Email Security Ian Foster, Jon Larson, Max Masich, Alex C. Snoeren, Stefan Savage, and Kirill Levchenko University of California, San Diego Recent Email Communications

449 views • 28 slides
Three Steps 1. Apply through the NCAA Eligibility Center 2. Request and send your Transcripts

Three Steps 1. Apply through the NCAA Eligibility Center 2. Request and send your Transcripts

Student/Athletes NCAA Eligibility Select links above for information Official SAT/ACT scores and transcript required (transcripts for NCAA must be requested in Naviance under the Transcript link) Students contact counselor if further

847 views • 29 slides
COLLEGE SPORTS? NCAA Eligibility Center Guide 2017-2018 AGENDA What is the NCAA? What is the

COLLEGE SPORTS? NCAA Eligibility Center Guide 2017-2018 AGENDA What is the NCAA? What is the

WANT TO PLAY COLLEGE SPORTS? NCAA Eligibility Center Guide 2017-2018 AGENDA What is the NCAA? What is the NCAA Eligibility Center? High school timeline Registration Initial-eligibility requirements DI DII Sports Participation

1.05k views • 38 slides
NCAA Initial Eligibility Burlington Central High School September 20, 2017 Overview NCAA

NCAA Initial Eligibility Burlington Central High School September 20, 2017 Overview NCAA

NCAA Initial Eligibility Burlington Central High School September 20, 2017 Overview NCAA Divisions, NAIA, and NJCAA Steps to Achieving Eligibility NCAA Eligibility Center Academics Initial Eligibility Core Courses

899 views • 34 slides
NCAA Initial Eligibility Burlington Central High School December 5, 2018 Overview NCAA

NCAA Initial Eligibility Burlington Central High School December 5, 2018 Overview NCAA

NCAA Initial Eligibility Burlington Central High School December 5, 2018 Overview NCAA Divisions, NAIA, and NJCAA Steps to Achieving Eligibility NCAA Eligibility Center Academics Initial Eligibility Core Courses

592 views • 34 slides
NCAA Initial Eligibility Burlington Central High School March 1, 2017 Overview NCAA

NCAA Initial Eligibility Burlington Central High School March 1, 2017 Overview NCAA

NCAA Initial Eligibility Burlington Central High School March 1, 2017 Overview NCAA Divisions, NAIA, and NJCAA Steps to Achieving Eligibility NCAA Eligibility Center Academics Initial Eligibility Core Courses GPA

766 views • 34 slides
Athlete Protections The NCAA has declined oversight protecting college athletes The NCAA has

Athlete Protections The NCAA has declined oversight protecting college athletes The NCAA has

College Athlete Protections The NCAA has declined oversight protecting college athletes The NCAA has declined to enforce rules to ensure athletes are actually getting an education. UNC Aug. 2017 The NCAA determined no rules violation

106 views • 9 slides
NCAA National Collegiate Scouting Association NAIA NJCAA Previous Experience Why Are We Here?

NCAA National Collegiate Scouting Association NAIA NJCAA Previous Experience Why Are We Here?

The information from this presentation was obtained from the following sources: NCAA National Collegiate Scouting Association NAIA NJCAA Previous Experience Why Are We Here? Different NCAA Divisions Additional Athletic Organizations NCAA

1.68k views • 48 slides
NCAA v. NFHS SIGNIFICANT DIFFERENCES (2012) SCCFOA Boot Camp II July 14,2012 NCAA v. NFHS

NCAA v. NFHS SIGNIFICANT DIFFERENCES (2012) SCCFOA Boot Camp II July 14,2012 NCAA v. NFHS

7/6/2012 NCAA v. NFHS SIGNIFICANT DIFFERENCES (2012) SCCFOA Boot Camp II July 14,2012 NCAA v. NFHS SIGNIFICANT DIFFERENCES (2012) Rule 1: NCAA: no shoes required; NFHS: yes. NCAA: no kicking tee on field goals or tries; NFHS: yes.

216 views • 10 slides
WANT TO PLAY COLLEGE SPORTS? NCAA Eligibility Center Guide 2018-2019 AGENDA What is the NCAA?

WANT TO PLAY COLLEGE SPORTS? NCAA Eligibility Center Guide 2018-2019 AGENDA What is the NCAA?

WANT TO PLAY COLLEGE SPORTS? NCAA Eligibility Center Guide 2018-2019 AGENDA What is the NCAA? What is the NCAA Eligibility Center? High school timeline Registration Initial-eligibility requirements DI DII Sports Participation

711 views • 29 slides
AGENDA NCAA fast facts? What is the NCAA Eligibility Center? High school timeline.

AGENDA NCAA fast facts? What is the NCAA Eligibility Center? High school timeline.

AGENDA NCAA fast facts? What is the NCAA Eligibility Center? High school timeline. Registration. Initial-eligibility requirements. Division I. Division II. Sports participation. How can you help? Resources. NCAA FAST FACTS

848 views • 49 slides
How to Identify a Phishing Email Brought to you by Information Security Services An email address

How to Identify a Phishing Email Brought to you by Information Security Services An email address

How to Identify a Phishing Email Brought to you by Information Security Services An email address that tries to disguise itself as legitimate A generic greeting An email that demands immediate action CWU warning message indicates the email

268 views • 8 slides
Email Security Guevara Noubir Network Security Northeastern

Email Security Guevara Noubir Network Security Northeastern

Email Security Guevara Noubir Network Security Northeastern University Email Security 1 Email One of the most widely used applica>ons of the

360 views • 14 slides
NCAA ELI GI BI LI TY & SCHOLARSHI PS NCAA (National Collegiate Athletic Association)

NCAA ELI GI BI LI TY & SCHOLARSHI PS NCAA (National Collegiate Athletic Association)

10/23/2013 NCAA ELI GI BI LI TY & SCHOLARSHI PS NCAA (National Collegiate Athletic Association) Three Divisions Division I Largest, most competitive, most athletic scholarships available Division I I Some athletic

258 views • 14 slides
Q4 Earnings Presentation February 2020 2 General: This presentation and comments associated with

Q4 Earnings Presentation February 2020 2 General: This presentation and comments associated with

Q4 Earnings Presentation February 2020 2 General: This presentation and comments associated with it contains Accordingly, readers should exercise caution in relying upon forward- historical information, descriptions of current

156 views • 14 slides
Innovation Plan Update Presented By: Dr. DJ Loerzel, Director of Accountability and Research

Innovation Plan Update Presented By: Dr. DJ Loerzel, Director of Accountability and Research

Aurora Central High School Innovation Plan Update Presented By: Dr. DJ Loerzel, Director of Accountability and Research September 3, 2019 Every Student Shapes a Successful Future Aurora Central High School Why is this topic on the board

477 views • 33 slides
USING SPF Presenter Jennifer Dorsett, CDP, CPP OR Kristi Sharpe, CPP WHOS WHO? In

USING SPF Presenter Jennifer Dorsett, CDP, CPP OR Kristi Sharpe, CPP WHOS WHO? In

MAKE AN IMPACT USING SPF Presenter Jennifer Dorsett, CDP, CPP OR Kristi Sharpe, CPP WHOS WHO? In Prevention Beginners? Moderate? Advanced? Been to CADCA? Been to Summit in the Past? Been to Youth Forum? Youth Forum

273 views • 25 slides
Kentucky-Specific SPF Spreadsheets Purpose Allow for easy application of the Kentucky-

Kentucky-Specific SPF Spreadsheets Purpose Allow for easy application of the Kentucky-

Kentucky-Specific SPF Spreadsheets Purpose Allow for easy application of the Kentucky- specific SPFs Ensures uniform use of the SPFs across the state Assists in safety analysis and identifying high crash segments *Spreadsheets

380 views • 10 slides
Local Government Pension Scheme Breaches Training What is a breach? an act of breaking or

Local Government Pension Scheme Breaches Training What is a breach? an act of breaking or

Local Government Pension Scheme Breaches Training What is a breach? an act of breaking or failing to observe a law, agreement or code of conduct Responsible for reporting a breach: Pension / Committee / Board Scheme Manager

359 views • 17 slides
Introducing the new NHS workplace learning campaign... Background Last year the Social

Introducing the new NHS workplace learning campaign... Background Last year the Social

Introducing the new NHS workplace learning campaign... Background Last year the Social Partnership Forum (SPF) tasked NHS Employers with delivery of a workplace learning campaign. At the end of July 2013 NHS Employers, in partnership with NHS

213 views • 10 slides
RP2: Automated end-to-end email component testing MSc. Security & Network Engineering Kevin

RP2: Automated end-to-end email component testing MSc. Security & Network Engineering Kevin

RP2: Automated end-to-end email component testing MSc. Security & Network Engineering Kevin Csuka, Isaac Klop October 16, 2018 University of Amsterdam Supervisor: Michiel Leenaars, NLnet Intro 1 Intro E-mail software is complex

951 views • 27 slides
Prepared by V. Schmitt, Social Security Specialist, ILO DWT Bangkok and Presented by Kwanpadh

Prepared by V. Schmitt, Social Security Specialist, ILO DWT Bangkok and Presented by Kwanpadh

Prepared by V. Schmitt, Social Security Specialist, ILO DWT Bangkok and Presented by Kwanpadh Suddhi Dhamakit, UNDP Bangkok, Seoul, 1&2 November 2012 Structure of the presentation Social protection floor: concept, initiative and

751 views • 40 slides

More recommend