2011 Cyber Security & Social Technology presentation

Contents

Donald E. Hester CISSP, CISA, CAP, MCT, MCITP, MCTS, MCSE Security, Security+, CTT+ Director, Maze & Associates University of San Francisco / San Diego City College www.LearnSecurity.org | www.linkedin.com/in/donaldehester

Slide 1: 2011 Cyber Security & Social Technology

Slide 2: Donald E. Hester
CISSP, CISA, CAP, MCT, MCITP, MCTS, MCSE Security, Security+, CTT+
Director, Maze & Associates
University of San Francisco / San Diego City College
www.LearnSecurity.org | www.linkedin.com/in/donaldehester | www.facebook.com/LearnSec | www.twitter.com/sobca
DonaldH@MazeAssociates.com

Slide 3
Rev 2/28/2011
© 2011 Maze & Associates


Slide 4: Pervasive By Nature

Slide 5: Social Tech Issues

Slide 6: MARKETING & BRANDING USES


Slide 7: Brand Protection - Concerns
Fear of losing control
Fear of losing customers
Fear of losing money
Fear of customers speaking up
Avoiding social media
Fear of the unknown
Thinking it is a fad
Not understanding social media
How will you measure impact


Slide 8: Brand Issues

Slide 9: Monitor Social Media for your Brand

Slide 10: Social Shopping


Slide 11: How to get started
Social Technology
The train has left the building, are you on it?
Get informed
Get help (technical and soft skills)
Develop a social media marketing strategic plan
Create short term goals
Execute and Adapt


Slide 12: Marketing
Manager's Guide to Social Media
by Scott Klososky
The Facebook Era
by Clara Shih
Facebook Marketing: An Hour a Day
by Chris Treadaway and Mari Smith
New Rules of Marketing and PR
by David Meerman Scott
The Zen of Social Media Marketing: An Easier Way to Build Credibility, Generate Buzz, and Increase Revenue
by Shama Kabani and Chris Brogan


Slide 13: Establish Brand in Social Media

Slide 14: Market Saturation

Slide 15: Integration

Slide 16: Deceptive Marketing


Slide 17: Endorsements
If you are being paid to endorse a product, you must make that clear to consumers.
http://www.ftc.gov/opa/2009/10/endortest.shtm


Slide 18: HUMAN RESOURCES USES

Slide 19: Social Media Uses in HR
The use of social media outside of personal lives has increased and continues to increase
Concern that potential employers will misconstrue what is seen
Used for monitoring current employees
Used for screening job applicants
Employees see it as a good way to “get to know” the applicant


Slide 20
http://www.ajc.com/news/barrow-teacher-fired-over-733625.html

Slide 21
http://www.dailyfinance.com/story/media/facebook-spying-costs-canadian-woman-her-health-benefits/19250917/

Slide 22
http://smallbiztrends.com/2009/09/social-media-background-checks.html


Slide 23: Horns of a dilemma
If employers use social media to do background checks on employees
The company is open to discrimination charges
The candidate is vulnerable to discrimination

Slide 24: Horns of a dilemma
If employers don’t use social media to do background checks on employees
The company is open to negligent hires
Good candidates are missed
Bad candidates are hired


Slide 25: Use of Social Media at Work
Does your company have a social media policy?
How much time do employees use social media?
Does it affect employee productivity?
How much cross over between work / home life?


Slide 26: PERSONAL USES

Slide 27: Computer Security: Malware


Slide 28: Online Privacy
Do you have control of what is posted?
Not all fame is good!
People use anonymity to post stuff about others!
Embarrassing, loss of credibility

Slide 29: Information about you online
Do I have control of what is posted about me?
Look yourself up!
All but one of these is about me.
One of these I was completely unaware of.
Even if you are not on the web, you may be on the web!
Do what you can to control what is out there.
What is your social relevancy (Reputation)?


Slide 30: Sony PlayStation Network Breach

Slide 31: SOCIAL MEDIA & POLITICS

Slide 32: Elections

Slide 33: Social Media and Politics

Slide 34: IDENTITY THEFT


Slide 35: Social Media (Web 2.0)
Services are extremely popular and useful
Almost a must today (if you are not in, you are out)
People post too much information about themselves or their kids
Be aware of your aggregate information
The key is to be aware of what you are sharing

Slide 36: Online Privacy
Would you invite a stranger into your house to look at your children's photo album?
Public v. Private
Aggregate information sources could give someone more information than intended.


Slide 37: Situation
Why does someone want your personal information?
In an information age information becomes a commodity
Information has a value
Some information has a greater value
Your personal information is potentially worth more than you think

Slide 38: What is PII
Personally Identifiable Information
Name and account number
Name and social security number
Name and address
Credit Card Number
Where you might find it
Tax files
Account Statements
Records (Medical, Public and other)
Businesses you do business with


Slide 39: ID Theft vs. ID Fraud
“Identity fraud” consists mainly of someone making unauthorized charges to your credit card.
“Identity theft” is when someone gathers your personal information and assumes your identity as their own.

"Identity theft is one of the fastest growing crimes in the US."
John Ashcroft
79th US Attorney General

Slide 40: The Busboy That Started It All
March 20th 2001, MSNBC reported the first identity theft case to gain widespread public attention
Thief assumed the identities of Oprah Winfrey and Martha Stewart, took out new credit cards in their names, and accessed their bank accounts
Stole more than $7 million from 200 of the world’s super rich - Warren Buffett and George Soros, tech tycoons Paul Allen and Larry Ellison
Used a library computer, public records, a cell phone, a fax machine, a PO Box, and a copy of Forbes Richest People
32-year-old Abraham Abdallah was described as “a high school dropout, a New York City busboy, a pudgy, disheveled, career petty criminal.”


Slide 41: ID Theft & Fraud
PII exposed by others (Data Breaches)
PII exposed by ourselves (online & others)
Malware (Spyware, Viruses, etc.)
Social Engineering
Phone
Internet (Phishing, social websites, etc.)
In Person (at your door, in a restaurant, etc.)
Physical theft
Mail box
Trash (Dumpster diving)
ATMs (skimming)
Home break-ins


Slide 42: What do they do with stolen IDs?

Slide 43: Drug Trafficking and ID Theft
Meth users see mail theft and check washing as a low risk way to pay for their habit.
The same chemicals used in Meth production are used in check washing.
Meth users, dealers and fraudsters are partners in crime.


Slide 44: FTC 2009 Stats
Top counties with ID theft
Solano County 18 out of 375
Average per victim loss
$10,000
Total complaints filed in 2009
1.3 Million
FTC http://www.ftc.gov/opa/2010/02/2009fraud.shtm


Slide 45: HOW MIGHT YOU EXPOSE YOUR PII

Slide 46: Watch what you put online
http://www.youtube.com/watch?v=Soq3jzttwiA

Slide 47: Can someone use what you post against you?

Slide 48: P2P (Peer to Peer file sharing)
Napster used to fit in this category
Used to ‘share’ computer files
Legal issues with copyright
Malware issues, often the P2P software will install adware or tracking software.
Privacy issues, do you know what you are sharing?

Slide 49: HOW BAD GUYS MIGHT GET YOUR PII


Slide 50: Malware
Malware (Viruses, Worms, Spyware, etc.)
1999 Melissa, Kevin Mitnick,
2000 Mafiaboy, DoS Assault,
2001 Code Red, Nimda,
2002 Root Rot, Slapper,
2003 SQL Slammer,
2004 MyDoom, BerBew,
2005 Samy (MySpace),
2007 Storm Worm, Botnets, etc.

Malware has cost trillions of dollars in the last decade

Slide 51: Viruses
In the past they were primarily destructive
Today they focus on stealing information
Using your computer as a Bot (Zombie) to send out SPAM


Slide 52: Phishing: Internet Fraud
Oldest trick in the book, there are examples in the 1500s
One particular fraud is called the “Nigerian 419” scam or “Advanced Fee Fraud”
Started as a letter, then it showed up in faxes and now it is sent by email.
Many variations on the story the message contains

http://www.secretservice.gov/fraud_email_advisory.shtml


Slide 53

Slide 54: Phishing Example

Slide 55: Spyware

Slide 56: Cell Phone Spyware
http://www.youtube.com/watch?v=uCyKcoDaofg
http://news.rutgers.edu/medrel/news-releases/2010/02/rutgers-researchers-20100222
http://www.youtube.com/watch?v=UZgf32wVTd4


Slide 57: Physical theft
Dumpster diving
ATM – Credit Card skimming
Mailbox
Home Break-in

Slide 58: Close to Home

Slide 59: “Lock Bumping”
http://cbs11tv.com/seenon/Bump.Key.Safety.2.499252.html

Slide 60: ATM Skimming
http://www.youtube.com/watch?v=m3qK46L2b_c

Slide 61: Credit Card Skimming


Slide 62: Credit Card Skimming Stats
SOURCE: CALIFORNIA RESTAURANT ASSOCIATION, VISA USA, UNITED STATES SECRET SERVICE

Slide 63: Credit Card Skimming Stats
SOURCE: CALIFORNIA RESTAURANT ASSOCIATION, VISA USA, UNITED STATES SECRET SERVICE


Slide 64: HOW OTHERS MIGHT EXPOSE YOUR PII

Slide 65: How others might expose your PII
Data Breach
Lack of security on the part of businesses
Organization may post information online
Loss of a laptop, hard drive or paper work
Data loss by a third party
Hacker (Organized Crime & Nation State)
Organizations may break into your computer


Slide 66: Sony PlayStation Network Breach

Slide 67: Public Records
“The federal government is the biggest offender.”
Paul Stephens
Privacy Rights Clearinghouse

Slide 68: Others losing your ID
4.2 million customer card transactions were compromised by hackers

Slide 69: Unknown Exposure


Slide 70: Top 10 Largest Breaches*
*Top ten data breaches as of 22 Feb 2010. Data provided by DataLoss db.
725,797,885 breached records out of 2466 reported incidents.

Slide 71: Repeat Offenders*
*As of 22 Feb 2010. Data provided by DataLoss db.
725,797,885 breached records out of 2466 reported incidents.

Slide 72: Sony Root kit
Sony, in its efforts to preserve control over its product, installed root kits on consumers' computers
Consumers were not aware it was installed (on copy-protected CDs)
Gave Sony and potentially hackers the ability to remotely control your computer
Removal of software disabled CD drives on consumers' computers

http://www.cnet.com/4520-6033_1-6376177-1.html?tag=nl.e501

