People the last line of defence in cybersecurity? Cristian-Mihai - - PowerPoint PPT Presentation



slide-1
SLIDE 1

People – the last line of defence in cybersecurity?

Cristian-Mihai Amarandei, B.Eng. (Hons), PhD cristian.amarandei@tuiasi.ro

slide-2
SLIDE 2

People – the first line of defence in cybersecurity?

Cristian-Mihai Amarandei, B.Eng. (Hons), PhD cristian.amarandei@tuiasi.ro

slide-3
SLIDE 3

Motivation to break into systems

  • Industrial espionage
  • Financial gain
  • Revenge (disgruntled current/former employees)
  • Status
  • ...
slide-4
SLIDE 4

Threats to Network Security

  • Hackers
  • Disgruntled employees
  • Organizations: supported by some governments as a spying technique, organized crime, terrorists
  • Viruses, trojan programs, malware ...
  • Social engineering: the people factor
  • ...
slide-5
SLIDE 5

Verizon 2016 Data Breach Investigations Report

slide-6
SLIDE 6

What can we secure?

  • The network
  • Block potential attackers and known means of attack
  • Secure connectivity with trusted users
  • Activities that require secure connectivity
  • Remote access to the internal network
  • Access to applications and services (e-mail, web …)
slide-7
SLIDE 7

Social Engineering: the people factor

  • Attackers can try to gain access through users
  • Employees can be tricked into providing data access to resources
  • Protect the end-user
  • Organizations need a security policy and a rigorous training program

slide-8
SLIDE 8

How?

  • Security Policies / Usage guidelines
  • Purchase of specialized equipment and software
  • Educate the end-user!!
slide-9
SLIDE 9

Spam detected in e-mails

[Chart: daily message counts for Mail, Virus and Spam, 01/10/17 to 31/10/17]

slide-10
SLIDE 10

Some more details ...

  • Total number of messages – 624,022
  • Detected spam 452,163 – 72.5%

[Chart: daily Virus % and Spam % of messages, 01/10/17 to 31/10/17]

slide-11
SLIDE 11

After spam detection and delivery of messages ...

  • How many of the messages detected as spam contained possible attack vectors?
  • How many of the messages that passed the detection system had potential attack vectors?

− Where and from what devices have messages been read?

− What did the user do?
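
The first two questions on this slide can be measured by cross-tabulating the filter verdict against indicators found in each message. The sketch below is an added example, not part of the original slides; it assumes the filter stamps an `X-Spam-Flag: YES` header (as SpamAssassin does), and the extension list, the two indicators and the sample messages are constructed for illustration.

```python
# Added example (not from the slides); header name and samples are assumptions.
import email
import re
from collections import Counter
from email import policy
from email.message import EmailMessage

RISKY_EXT = (".exe", ".js", ".scr", ".vbs", ".docm", ".xlsm", ".jar")  # illustrative
# Captures (href host, host-like text shown to the reader) for each anchor.
HREF = re.compile(r'<a\s[^>]*href="https?://([^/":]+)[^"]*"[^>]*>\s*'
                  r'(?:https?://)?([\w.-]+\.[a-z]{2,})', re.I)

def vectors(msg):
    """Return the set of attack-vector indicators found in one message."""
    found = set()
    for part in msg.walk():
        if (part.get_filename() or "").lower().endswith(RISKY_EXT):
            found.add("risky-attachment")
        if part.get_content_type() == "text/html":
            for target, shown in HREF.findall(part.get_content()):
                if shown.lower() != target.lower():
                    found.add("link-text-mismatch")
    return found

def tabulate(raw_messages):
    """Count messages per (filter verdict, has at least one indicator)."""
    table = Counter()
    for raw in raw_messages:
        msg = email.message_from_string(raw, policy=policy.default)
        flagged = msg.get("X-Spam-Flag", "").strip().upper() == "YES"
        table[("spam" if flagged else "delivered", bool(vectors(msg)))] += 1
    return table

def sample(flag, html=None, attachment=None):
    """Build one constructed test message and return it as raw text."""
    m = EmailMessage()
    m["X-Spam-Flag"] = flag
    m.set_content("plain body")
    if html:
        m.add_alternative(html, subtype="html")
    if attachment:
        m.add_attachment("x", filename=attachment)
    return m.as_string()

BAD = '<a href="http://login.example.net/reset">www.example.com</a>'
GOOD = '<a href="https://www.example.org/news">www.example.org</a>'
SAMPLES = [sample("YES", html=BAD), sample("YES"), sample("NO", html=GOOD),
           sample("NO", html=BAD), sample("NO", attachment="invoice.docm")]
print(sorted(tabulate(SAMPLES).items()))
```

The `("delivered", True)` count is the figure the second question asks for: messages that passed the filter and still carry an indicator.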

slide-12
SLIDE 12

Security policy

  • Is necessary if
  • employees work with confidential information
  • data loss could result in severe financial loss
  • organization has trade secrets
  • the internet is used daily
  • organization is subject to regulation for information security and privacy (GDPR!)

slide-13
SLIDE 13

Security Policy

  • Gives users guidelines on how to handle sensitive information
  • Gives IT staff instructions on what defensive systems to configure
  • Reduces the risk of legal liability
  • A good security policy is comprehensive and also flexible
  • Is a group of documents instead of a single document

slide-14
SLIDE 14

Security policy

  • too complex – no one will follow
  • fails if it affects productivity
  • should state clearly what can and cannot be done in the organization network or on equipment and property
  • must include generalized clauses
  • people need to know why the security policy is important
  • and specific consequences for violating the policy!!
slide-15
SLIDE 15

Security policy

  • must involve representatives of all departments
  • needs support from the highest level of the company management
  • employees must sign a document acknowledging the policy and agreement to abide by it
  • updated with current technologies and consistent with applicable laws

slide-16
SLIDE 16

How do we know if the policies are well done?

  • International standards and guidelines are available
  • ISO/IEC 27002:2013
  • Payment Card Industry Data Security Standard (PCI DSS) - https://www.pcisecuritystandards.org
  • National Institute of Standards and Technology (NIST) Cybersecurity Framework - https://www.nist.gov/cyberframework
  • IASME - https://www.iasme.co.uk/
slide-17
SLIDE 17

What about the end-user?

  • All employees / users must be educated about security dangers and security policies
  • rigorous training program!!
  • Employees are most likely to detect security breaches
  • or they can cause one (accidentally!?)
  • they can observe suspicious activities
  • Enforcing the security policy!!
slide-18
SLIDE 18

People – the first or the last line of defence?