Is Your Small Business Online Smart? Jonathan Rajewski, MS, CCE, - - PowerPoint PPT Presentation
Is Your Small Business Online Smart? Jonathan Rajewski, MS, CCE, CFE, CISSP, ENCE Director - Senator Leahy Center for Digital Investigation Associate Professor - Digital Forensics | Cyber Security Digital Forensic Examiner - Vermont Internet
Jonathan Rajewski, MS, CCE, CFE, CISSP, ENCE
Director - Senator Leahy Center for Digital Investigation Associate Professor - Digital Forensics | Cyber Security Digital Forensic Examiner - Vermont Internet Crimes Against Children Task Force
@jtrajewski rajewski@champlain.edu | 802-318-4804
Director - Senator Leahy Center for Digital Investigation Associate Professor - Digital Forensics | Cyber Security Digital Forensic Examiner - Vermont Internet Crimes Against Children Task Force
@jtrajewski rajewski@champlain.edu
Professional Certifications
EnCe, CCE, CISSP , CFE
Professional Associations
Board Member - BTV Ignite, DFCB – Digital Forensic Certified Practitioner “Founder”, CDFS - Consortium of Digital Forensic Specialists, ISFCE – International Society of Forensic Computer Examiners, ACFE – Association of Certified Fraud Examiners, HTCC – High Tech Crime Consortium
Recent Awards/Recognition
2014 US Ignite Application Summit Best Public Safety Application 2014 Honored by FBI director James B. Comey 2013 4 under 40 - Hilbert College 2013 C. Bader Brouilette Alumni Leadership Award - Champlain College 2012 Top Digital Forensic Professor – Digital Forensics - Princeton Review 2012 Best 300 Professors in the United States - Princeton Review 2011 Digital Forensic Examiner of the Year - Forensic 4cast Awards
s
"Behind this glass is incredible talent and this country in general and the FBI in particular needs those folks,"
Personal Identifiable Information
Protected Health Information Private / Sensitive Information
Security
11
Full album & lyrics: http://goo.gl/S6rxCv Music by Renald Francoeur, Drawing by Craighton Berman, Video by Don Markus, Video Editor Brad Taylor.
The trigger for notification Who to notify Timing of notification Contents of notice Methods for providing notice Impacted) individuals) Government) Authori5es) Credit) repor5ng) agencies) Contractual) Partners) Press)
Adopted from Sheryl Falk sfalk@winston.com
Describe(incident( Categories(of(informa2on(involved( Consequences(of(breach/nature(of(risk( Protec2on(measures(put(in(place( Advice(about(how(to(protect(self(
Adopted from Sheryl Falk sfalk@winston.com
What happened? When did it happen? What information was compromised? Was my information compromised? How many people’s information was impacted? Was the information encrypted? Was my social security number compromised? Did anyone misuse this information? What should I do? What are you doing to protect me? Will this happen again? Who should I contact if I have more questions?
Have a Breach Communications Plan Communicate breach facts accurately and quickly Understand and follow breach notification timetables Stay focused and concise Be prepared to update with new information What you might offer: Information about security freezes and credit monitoring Contact information for credit reporting agencies, FTC or state authorities Central “ombudsman” for all questions Credit monitoring or identity restoration services Coupons or gift certificates
Adopted from Sheryl Falk sfalk@winston.com
Understand your Data Evaluate your Data Security Fully Plan your Data Incident Response Identify your Data Security Response Team Identify your Response Partners Check for Cyberliability Insurance coverage Assess your Information Security Representations
Adopted from Sheryl Falk sfalk@winston.com