TH THE WEAKEST ST LINK IN CY CYBER ER SECU SECURITY TY 1 - - PDF document

th the weakest st link in cy cyber er secu security ty
SMART_READER_LITE
LIVE PREVIEW

TH THE WEAKEST ST LINK IN CY CYBER ER SECU SECURITY TY 1 - - PDF document

Oct 10, 2022 7 likes •67 views

11/4/19 TH THE WEAKEST ST LINK IN CY CYBER ER SECU SECURITY TY 1 Introduction In Ren Sloos - MCT, MCSE, CNE, CSSA Technical Account Manager at Bulletproof IT Managed Service Provider for ~70 organizations Municipalities

slide-1
SLIDE 1

11/4/19 1

TH THE WEAKEST ST LINK IN CY CYBER ER SECU SECURITY TY

1

In Introduction

  • René Sloos - MCT, MCSE, CNE, CSSA
  • Technical Account Manager at Bulletproof IT
  • Managed Service Provider for ~70 organizations
  • Municipalities
  • Oil & Gas
  • Medical
  • Accounting
  • Construction

2

Source: SonicWall 2019 Cyber-Threat-Report mid-year update

3

slide-2
SLIDE 2

11/4/19 2

Ge Georgia hit by Cyber Attack

A huge cyber-attack has knocked out more than 2,000 websites, as well as the national TV station - in the country of Georgia. Source: bbc.com October 28, 2019

4

Ot Other examples

  • Crypto virus wipes server

and USB Backup

  • Email Hijack
  • Clients vendor sent a bill
  • Clients CFO sent malicious

payment instructions

5

Ha Hacked public sites 2018 -2019 2019

Source: Wikipedia – List of Data Breaches

6

slide-3
SLIDE 3

11/4/19 3

Wh What’s the process?

  • Public sites get hacked
  • Account information is collected

and sold on the Dark Web

  • Accounts are researched
  • Company sites
  • Social Media
  • Information is used to hack

accounts using similar passwords

7

Ho How to avoid it?

  • Better password hygiene
  • Use a multi-level protection strategy
  • Have a multi-level backup strategy
  • Train your users

8

Be Better er Pas assword d Hygi giene ene

  • Use unique passwords for every account
  • Use a password manager (i.e. Lastpass)
  • Implement 2-Factor authentication
  • Do not write down passwords on stickies

9

slide-4
SLIDE 4

11/4/19 4

Mu Multi Level Protection Strategy

  • Implement Firewalls with Active

Security subscriptions

  • Implement a Cloud Security

Solution

  • Implement centralized End-Point

AV Solution

  • Monitor the network for signs of

encryption

10

Mu Multi Level Backup Strategy

  • Implement Volume Shadow

Copies on Windows Servers

  • Create a local backup to a NAS

(not USB connected)

  • Cloud backup

11

Tr Train your users

  • Train the “Human Firewall”
  • Monitor training completion
  • Measure progress by testing

your users

12

slide-5
SLIDE 5

11/4/19 5

Tr Train your users

  • Do your users know the difference?
  • Phising
  • Smishing
  • Vishing
  • Implement external message warning

13

Sec Security y Tips

  • Improve the strength of your password
  • Use passphrases
  • Never use personal or obvious information in

your password

  • Never use the same password for multiple

accounts

  • Use a password manager (i.e. Lastpass)
  • Check if your account has been compromised

14

htt https://haveibeenpwned.com/

15

slide-6
SLIDE 6

11/4/19 6

Pr Products we use to keep our cl clients protect cted

16

Wh What is the weakest st link in Cy Cyber ber Sec ecur urity?

Systems Process Users

17

Qu Questions?

SAVING TIME. SAVING MONEY. SAVING YOU.

18