* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project
Download Cybersecurity - Queen`s Wiki
Survey
Document related concepts
Next-Generation Secure Computing Base wikipedia , lookup
Cracking of wireless networks wikipedia , lookup
Distributed firewall wikipedia , lookup
Computer and network surveillance wikipedia , lookup
Wireless security wikipedia , lookup
Airport security wikipedia , lookup
Information security wikipedia , lookup
Cyberwarfare wikipedia , lookup
Operation AntiSec wikipedia , lookup
Cyberattack wikipedia , lookup
Security-focused operating system wikipedia , lookup
International cybercrime wikipedia , lookup
Mobile security wikipedia , lookup
Social engineering (security) wikipedia , lookup
Cybercrime countermeasures wikipedia , lookup
Transcript
That could never happen to me! Think again. • Microsoft reports the ransomware attack rate in Canada is 4x higher than any other country • A recent Anti-Phishing Working Group study states there are more phishing attacks “than at any other time in history” with incidents rising by a massive 250% in 2016. In the media… February 2016 – University of Florida reported that as many as 63,000 records were exposed. March 2016 - Concordia University found hardware devices called keyloggers on some of its workstations. April 2016 - Anonymous attacks Dalhousie University website and others May 2016 – University of Calgary suffers a substantial cybersecurity breach June 2016 –University of Regina attacked September 2016 - Cyberattack cripples Appalaches school board, cancer support group; Data breaches on the scale of Yahoo are the security equivalent of ecological disasters; Four years after a data breach at cloud storage service Dropbox, details of more than 68 million user accounts have reportedly been leaked. Cybersecurity ISAT Student Advisory Committee October 3, 2016 Denise Ernst, ISO Office of the CIO Information Security Officer – Denise Ernst • • • Champion the Information Security Program to reduce risk to Queen’s technology and digital information Promote a security aware culture through awareness campaigns, and community engagement, and process integration. Integrate security throughout Queen’s Events during my first 100 days: BOTS Ransomware Phishing emails Vulnerabilities Network attacks Copyright violations Types of cyberattacks Definition Attack type Malicious software designed to block access to a computer system until a sum of money is paid. A. BOTNET A network of computers commonly used to launch cyber attacks , including denial of service attacks or steal information. Tricking people into giving away account credentials usually through email, phone, or text. B. RANSOMWARE C. PHISHING Be the human shield – report oddities Don’t provide account information online unless absolutely necessary. Don’t click. • ITS will never ask for your NetID password through email or text Use different passwords for each device, website, and application. • Use 2-factor authentication Install reputable security software and apps from reputable sites. Turn on restrictions. Don’t ignore updates. Install them as soon as possible. Turn on features to remotely locate and wipe a mobile device. Encrypt your devices. • ITS offers free encryption service. Never automatically connect to WiFi. Use only trusted, encrypted networks. • If you don’t trust the network use a VPN or trusted hotspot Enhancing cybersecurity @Queen’s Queen’s is making changes to the security of their networks and systems to reduce the risk of a cyberattack. Stage 1 - 2016/2017 Enhance technical capabilities to prevent and detect IT hijack Improve peoples’ ability to protect themselves against security threats Begin to foster a security-aware culture Stage 2 – 2017+ Transition overall cybersecurity practices from REACTIVE to PREVENTATIVE ITS is seeking your support and leadership by example Help champion change • Promote security tips and tricks, events, course material on the ITS website: http://www.queensu.ca/its/security • Follow ITS on Twitter: @ITQueensU • Share and understand the Queen’s security policy and standards: http://queensu.ca/cio/information-security-office • Attend and promote upcoming security information sessions • Reach out, ask questions: http://www.queensu.ca/its/itsc http://queensu.ca/cio/information-security-office • Other ideas??