shira rubinoff
play

SHIRA RUBINOFF PRESIDENT, PRIME TECH PARTNERS @SHIRASTWEET - PowerPoint PPT Presentation

May 01, 2023 •44 likes •224 views

How To Effectively Keep Your Organization Cyber-Secure In An Ever-Changing Digital World SHIRA RUBINOFF PRESIDENT, PRIME TECH PARTNERS @SHIRASTWEET SHIRA@SHIRARUBINOFF.COM We Will Discuss: 1) How an Organization Can Achieve Proper Cyber

  1. How To Effectively Keep Your Organization Cyber-Secure In An Ever-Changing Digital World SHIRA RUBINOFF PRESIDENT, PRIME TECH PARTNERS @SHIRASTWEET SHIRA@SHIRARUBINOFF.COM

  2. We Will Discuss: 1) How an Organization Can Achieve Proper Cyber Hygiene 2) How To Deal With - Insider Threats 4 Types 3) How To Achieve Proper Cyber Hygiene Protocols From Employees

  3. Compliance Culture vs Security Culture Compliance Culture • Policies come from top down • Policies enforced by threats of punishment • Security team attitude defaults to PEBKAC ( problem exists between keyboard and chair ) • Non- security staff sees security as someone else’s problem

  4. Security Culture • Polices are formed with input from ALL stakeholders • Policies enforced consistently & good security behavior rewarded • Security Team studies workflows and brainstorms solutions • Security is everyone’s responsibility

  5. Cyber Hygiene in an Organization Proper CYBER HYGIENE has many elements that need to be addressed including:  1) Continuous Training for ALL employees no matter what level or job they have within the organization.  2) Global awareness throughout the organization.  3) Updated security implemented on a regular basis  4) Implementing a Zero-Trust model

  6. Continuous Training & Awareness for ALL Employees • From Consultant to Intern to CEO • Generational appropriate training – make it meaningful

  7. Training should include… • Stage real-world specific scenarios • Discussions over past problematic instances and how to rectify them going forward • Assurance of management support = TEAM EFFORT • Leave time for dialogue – feedback and Q& A

  8. Remember: New vs Old of Training NEW OLD  frequent  annual  incremental  info dumps  situationally relevant  universally applicable

  9. Updates; Security Implemented on a Regular Basis

  10. Implement A Zero-Trust Model

  11. Building a Culture of Security Keeping Your Security Streamlined Across Your Organization is Critical • Employee freedoms are unrestricted when possible • Security-based restrictions are explained when they occur • Understanding protocol in the organization imperative - and consequences and accolades are consistent • Management values security and its employees

  12. Insider Threats • Insiders are the most studied risk to security in academic literature • Insider threats predate computing • Connectivity and data portability increase risks posed by insiders • Insiders are a component in 50-75% of all data breaches

  13. Four Types of Insider Attacks

  14. Two types of malicious insiders (Shaw 2005) (malicious and professional) Opportunistic Employees Disgruntled Employees • Motivated by greed • More likely to be male • Any gender • Sense of entitlement • Access (physical or digital) • A history of negative social and • Skills (technically proficient) personal behaviors • Moral neutralization • Lack of social skills or strong (ability to rationalize the illicit act) social isolation • Recent (past six months) adverse event at • Recent inciting incident work or in personal life

  15. Combating malicious insiders Combat Disgruntled Combat Opportunistic Employees with… Employees with… • Position rotation and cross- • Access controls training • Clear role boundaries • Mandatory vacation policies • Cross-functional Teams • Regular Audits • Management training to recognize problematic • Visible Monitoring behavioral changes • Transparent and rapid • Robust and automatic post- sanctions termination protocols

  16. Non-malicious Insiders (oblivious and negligent) They don’t mean any harm… Uninformed • Indecisive • Unsuspicious • Unsure of support • This vulnerability • can be minimized with good, ongoing training

  17. To Achieve: The Situationally Which will Result In: Compliant Employee: - Build Trust  Successful in their roles - Support their values  Aware of information - Align security with security policies work, rather than work  Technically competent with security  Sensitive to the security - 360 feedback culture of your - Invest in a security organization culture  Motivated by their own job-related values Thereby Yielding Proper Cyber Hygiene Protocols From Employees

  18. Thank you for listening to my presentation! Please follow me : Twitter: @ShirasTweet LinkedIn: www.linkedin.com/in/shirarubinoff

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Prediction-based decisions & fairness: choices, assumptions, and definitions Shira Mitchell,

Prediction-based decisions & fairness: choices, assumptions, and definitions Shira Mitchell,

Prediction-based decisions & fairness: choices, assumptions, and definitions Shira Mitchell, Eric Potash, Solon Barocas, Alexander DAmour, and Kristian Lum November 12, 2019 Shira Mitchell sam942@mail.harvard.edu @shiraamitchell

604 views • 42 slides
Multilevel Models for Estimating the Number of Deaths in Armed Conflict (in Colombia) Shira

Multilevel Models for Estimating the Number of Deaths in Armed Conflict (in Colombia) Shira

Multilevel Models for Estimating the Number of Deaths in Armed Conflict (in Colombia) Shira Mitchell JSM 2014 Collaborators: Brent Coull, Alan Zaslavsky, Al Ozonoff, Kristian Lum, Patrick Ball, Megan Price August 5, 2014 Shira Mitchell

783 views • 46 slides
Holographic Complexity for Systems with Defects Universiteit van Amsterdam Shira Chapman

Holographic Complexity for Systems with Defects Universiteit van Amsterdam Shira Chapman

Holographic Complexity for Systems with Defects Universiteit van Amsterdam Shira Chapman University of Amsterdam It from Qubit School and Workshop YITP, Kyoto 23 June 2019 Dongsheng Ge hep-th/1811.12549 Giuseppe Policastro Quantum

480 views • 15 slides
Invested Partnership Richard Hoffmann, Senior Associate Dezan Shira & Associates 6/1/2010

Invested Partnership Richard Hoffmann, Senior Associate Dezan Shira & Associates 6/1/2010

New Investment Tool: Foreign Invested Partnership Richard Hoffmann, Senior Associate Dezan Shira & Associates 6/1/2010 www.dezshira.com 1 18 year of experience in China Advisory on Law and Tax Unternehmensberatung Tax

288 views • 26 slides
Invested Partnership Richard Hoffmann, Senior Associate Dezan Shira & Associates 6/3/2010

Invested Partnership Richard Hoffmann, Senior Associate Dezan Shira & Associates 6/3/2010

New Investment Tool: Foreign Invested Partnership Richard Hoffmann, Senior Associate Dezan Shira & Associates 6/3/2010 www.dezshira.com 1 18 year of experience in China Advisory on Law and Tax Unternehmensberatung Tax

551 views • 25 slides
Peter Izsak, Shira Guskin, Moshe Wasserblat Intel AI Lab EMC 2 Workshop @ NeurIPS 2019 Motivation

Peter Izsak, Shira Guskin, Moshe Wasserblat Intel AI Lab EMC 2 Workshop @ NeurIPS 2019 Motivation

Peter Izsak, Shira Guskin, Moshe Wasserblat Intel AI Lab EMC 2 Workshop @ NeurIPS 2019 Motivation Named Entity Recognition (NER) is a widely used Information Extraction task in many industrial applications and use cases Ramping up on

522 views • 6 slides
The Family Medicine Board Exam 2017: What to Expect Shira Shavit, MD Associate Clinical

The Family Medicine Board Exam 2017: What to Expect Shira Shavit, MD Associate Clinical

The Family Medicine Board Exam 2017: What to Expect Shira Shavit, MD Associate Clinical Professor UCSF Dept of Family and Community Medicine American Board of Family Medicine: Primary Certification and Recertification Exams In 2017:

477 views • 28 slides
MSSP PROPOSED RULE: ACOs-PATHWAYS TO SUCCESS September 12, 2018 Presentation Shira Hollander

MSSP PROPOSED RULE: ACOs-PATHWAYS TO SUCCESS September 12, 2018 Presentation Shira Hollander

MSSP PROPOSED RULE: ACOs-PATHWAYS TO SUCCESS September 12, 2018 Presentation Shira Hollander shollander@aha.org Todays presentation will be available at: https://www.aha.org/accountable-care- organizations-acos MSSP ACOs-Pathways to

766 views • 38 slides
Motivating Actions to Reduce Storm Vulnerability James J Opaluch, Austin Becker, Donald Robadue,

Motivating Actions to Reduce Storm Vulnerability James J Opaluch, Austin Becker, Donald Robadue,

Motivating Actions to Reduce Storm Vulnerability James J Opaluch, Austin Becker, Donald Robadue, Dawn Kotowicz, and Pamela Rubinoff CRC 2nd Annual Meeting The University of North Carolina at Chapel Hill Feb. 1-3, 2017 Rationale: Decision

659 views • 36 slides
Motivating Actions to Reduce Storm Vulnerability James J Opaluch, Austin Becker, Donald Robadue

Motivating Actions to Reduce Storm Vulnerability James J Opaluch, Austin Becker, Donald Robadue

Motivating Actions to Reduce Storm Vulnerability James J Opaluch, Austin Becker, Donald Robadue and Pamela Rubinoff CRC 1 st Annual Mee.ng The University of North Carolina at Chapel Hill March 2-3, 2016 CRC 1 st Annual Mee.ng The University of

201 views • 17 slides
Superfluid Hydrodynamics, Thermal Partition Function and Lifshitz Scaling Oxford - Theoretical

Superfluid Hydrodynamics, Thermal Partition Function and Lifshitz Scaling Oxford - Theoretical

Superfluid Hydrodynamics, Thermal Partition Function and Lifshitz Scaling Oxford - Theoretical Physics Shira Chapman, Carlos Hoyos, Yaron Oz arXiv: 1310.2247, 1402.2981 Tel Aviv University March 04, 2014 Outline Superfluids and

619 views • 30 slides
Superfluid Hydrodynamics, Thermal Partition Function and Lifshitz Scaling Crete Center for

Superfluid Hydrodynamics, Thermal Partition Function and Lifshitz Scaling Crete Center for

Superfluid Hydrodynamics, Thermal Partition Function and Lifshitz Scaling Crete Center for Theoretical Physics Shira Chapman, Carlos Hoyos, Yaron Oz arXiv: 1310.2247, 1402.2981 Tel Aviv University February 20, 2014 Outline Superfluids and

347 views • 30 slides
Payroll Processing and HR Administration Payroll and HR Services - 1 Payroll Processing and HR

Payroll Processing and HR Administration Payroll and HR Services - 1 Payroll Processing and HR

Corporate Establishment, Tax, Accounting & Payroll Troughout Asia Payroll Processing and HR Administration Payroll and HR Services - 1 Payroll Processing and HR Administration D ezan Shira & Associates Ltd. proudly provides payroll and

541 views • 11 slides
Communicating Risk k to Motivate Individual Action James O. Prochaska, Ph.D., CPRC, University of

Communicating Risk k to Motivate Individual Action James O. Prochaska, Ph.D., CPRC, University of

Communicating Risk k to Motivate Individual Action James O. Prochaska, Ph.D., CPRC, University of Rhode Island Andrea L. Paiva, Ph.D., CPRC, University of Rhode Island Pam Rubinoff, Coastal Extension Specialist, CRC, University of Rhode Island

296 views • 15 slides
Non-Parametric Signal Detection and RMT Boaz Nadler Department of Computer Science and Applied

Non-Parametric Signal Detection and RMT Boaz Nadler Department of Computer Science and Applied

Introduction Problem Formulation Non-Parametric Signal Detection and RMT Boaz Nadler Department of Computer Science and Applied Mathematics The Weizmann Institute of Science Joint work with Shira Kritchman and with Federico Penna, Roberto

1.26k views • 78 slides
Compassionate Approaches to Crisis Webinar Series Warmlines: Crisis and Supplemental Supports

Compassionate Approaches to Crisis Webinar Series Warmlines: Crisis and Supplemental Supports

Compassionate Approaches to Crisis Webinar Series Warmlines: Crisis and Supplemental Supports Jess Stohlmann-Rainey, Rocky Mountain Crisis Partners Shira Collings, Host, National Empowerment Center 1 Disclaimer This webinar was developed [in

462 views • 18 slides
Welcome & Overview Peter Coates Governance & Business Ethics John Burton

Welcome & Overview Peter Coates Governance & Business Ethics John Burton

Welcome & Overview Peter Coates Governance & Business Ethics John Burton Sustainable Development at Glencore Xstrata Michael Fahrbach Health & Safety Stephen Eichstadt Environment Michael Fahrbach Communities &

493 views • 38 slides
DNB Boligkreditt May 2018 1 The DNB Group DNB ASA DNB Bank ASA DNB Life and Aa2 / A+ Asset

DNB Boligkreditt May 2018 1 The DNB Group DNB ASA DNB Bank ASA DNB Life and Aa2 / A+ Asset

DNB Boligkreditt May 2018 1 The DNB Group DNB ASA DNB Bank ASA DNB Life and Aa2 / A+ Asset Management (Senior/ short term issuance) 100% owned by DNB Bank and DNB functionally an integrated part of the parent Boligkreditt AS

345 views • 23 slides
An Australian gold miner - for global investors Macquarie Australia Conference - May 2019

An Australian gold miner - for global investors Macquarie Australia Conference - May 2019

An Australian gold miner - for global investors Macquarie Australia Conference - May 2019 Resources & Reserves and Forward Looking Statements Mineral Resources and Ore Reserves The Mineral Resources information in this presentation is

341 views • 19 slides
Chesapeake Town Hall Congressman Robert C. Bobby Scott Third District of Virginia Tuesday,

Chesapeake Town Hall Congressman Robert C. Bobby Scott Third District of Virginia Tuesday,

Chesapeake Town Hall Congressman Robert C. Bobby Scott Third District of Virginia Tuesday, August 14, 2018 Affordable Care Act Update 2 Before the Affordable Care Act (ACA) Health care cost increases were out of control. You

648 views • 47 slides
L Project Update New Design Recommendations Overall Project Update January 15, 2019 Project

L Project Update New Design Recommendations Overall Project Update January 15, 2019 Project

L Project Update New Design Recommendations Overall Project Update January 15, 2019 Project Overview Sandy Rehabilitation, Core Capacity Improvement, Additional Projects Brooklyn Union Sq 1 Av Mid River Bedford Av Harrison Pl CBH 62

634 views • 22 slides
DIABLO VS HAVANA HOW OPENSTACK HAS MATURED Joe Gordon ABOUT ME Developer @ Full time upstream

DIABLO VS HAVANA HOW OPENSTACK HAS MATURED Joe Gordon ABOUT ME Developer @ Full time upstream

DIABLO VS HAVANA HOW OPENSTACK HAS MATURED Joe Gordon ABOUT ME Developer @ Full time upstream OpenStack developer nova-core ATC since Essex Interested in making OpenStack scale and work contact information jog0 on freenode github.com/jogo

407 views • 39 slides
Who will win this game? by Isabela Ledo Presentation Content . Introduction to the theme: Pros

Who will win this game? by Isabela Ledo Presentation Content . Introduction to the theme: Pros

Image by Laboratrio de Cartografi as Insurgentes Rio de Janeiro 2016 Olympics exploring tensions between global and local demands or Who will win this game? by Isabela Ledo Presentation Content . Introduction to the theme: Pros & Cons

552 views • 44 slides
Towards a High Quality Path- oriented Network Measurement and Storage System David Johnson ,

Towards a High Quality Path- oriented Network Measurement and Storage System David Johnson ,

Towards a High Quality Path- oriented Network Measurement and Storage System David Johnson , Daniel Gebhardt, Jay Lepreau School of Computing, University of Utah www.emulab.net Different Goals for our NMS Many uses for Internet-scale path

358 views • 24 slides

More recommend