Information Security Awareness Program - KGFSL

Importance of Security Awareness

1. Safeguarding confidential information: In an information-sharing environment, awareness of information security is paramount. Not all information is public. Some information, particularly information that is confidential in nature, must be kept private.

2. Protect sensitive information: Businesses will hold sensitive information on their customers, employees, salary information, financial results, and business strategic plans.

3. If your employees do not know how to maintain confidentiality of information, or how to secure it appropriately, you risk having one of your most valuable business assets, information:

• Mishandled

• Inappropriately used or

• Obtained by unauthorized persons.

Why train employees in IT Security?

1. Attackers look to exploit any weakness they can identify:

Your network and sensitive data are secure only if your employees have good knowledge about IT security. Simply addressing the security of your organization's hardware and software is not enough.

2. A phone call asking for a password: All of your hard work implementing technology to keep out attackers can be thwarted in minutes with a simple phone call to your receptionist impersonating your IT department and asking for credentials to troubleshoot a mysterious "printer issue."

IT Security is the Key to Your Organization

3. Sensitive Data: It's important to undergo security awareness training to protect against common pitfalls attackers exploit to access sensitive data.

4. Corporate reputation: You are also at risk of damaging another valuable asset, “corporate reputation”, if IT security training is not provided to employees.

Regulatory Requirements Compliance

•Organizations face complex requirements to comply with security and privacy standards and regulations around the world.

•For a financial organization, it's also important to evaluate whether its employees, both direct and contracted personnel, have undergone IT security training.

Data Controllers are monitored but not the intermediaries:

“People being monitored by regulators under data security laws did not always count as the “full picture” of those involved. Often people look at the data controller, but what about all the intermediaries handling and processing data in any organization?”

- Stephen Deadman, legal head at Vodafone

1. Employees must be made aware of laws that are developed, interpreted, and enforced

2. Understand what laws and courts govern particular situations

3. Characterize what duties individuals and entities have to avoid leakage of official data.

4. Review what the dangers are from hacking and identity theft

5. Learn how to protect intellectual property

Benefits of IT Security Awareness

1. Provide better protection for assets by helping employees recognize and respond appropriately to real and potential security concerns.

2. Improve morale by providing information that is personally useful to your staff, such as how to avoid scams, fraud, phishing, and ID theft. Information on how to protect home PCs and how to use e-mail and the Internet safely lets employees know that your organization cares about them.

3. Save money by reducing the number and extent of information security breaches. The sooner a breach is identified, the lower the cost of addressing it will be.

4. Reduce the potential for fines and mandatory audits by improving overall compliance with your organization's information security policies, procedures, standards, and checklists.

We need security awareness to comply with Laws and Regulations

We need security awareness to reduce unpredictable costs

Security awareness gives us a competitive advantage

Key Points – Importance of IT Security Awareness

IT security: Stay calm - be resilient http://www.youtube.com/watch?v=XCDRXBbRcdQ FT's Hugo Greenhalgh looks into the nature of IT security. What are the risks? What forms does cybertheft take? With William Beer, a director in PwC's information and cyber security practice; Ray Stanton, vice-president of professional services at BT Global Services; and Bryan Glick, editor-in-chief of Computer Weekly.

1. President Barack Obama on Cyber threat issues http://www.youtube.com/watch?v=UIIY9AQSqbY

President Obama explains how the growth of digital networks has increased the need to invest in online security, as well as steps individuals can take to protect themselves from online threats.

2. Online Banking, Is It Secure? Identity Theft

There are security flaws with many online banking websites. Learn what holes there may be in your bank's security plan. http://www.youtube.com/watch?v=idZFgvMRN78

3. Credit card giants hit by breach http://www.youtube.com/watch?v=Le4yq1Bgs3c

Key Facts every employee should know about IT security

Even the best firewall, intrusion prevention system and encryption technology are no match for an employee who has full access privileges. Unless that employee follows your company’s data security policy, he is likely to do something dangerous. So it’s important for every employee to have a good understanding of how important IT security is.

Nothing stops an employee who has full access privileges except your company's IT security policy

1. Cyber crime is big business

Cyber crime is estimated to have a global price tag of $388 billion: $114 billion in actual financial losses and $274 billion in lost time, according to a survey of nearly 20,000 people by Symantec’s Norton unit. Every second, 14 adults fall victim to some form of cyber crime, adding up to over a million victims every day, the survey showed. This is powerful stuff that illustrates the real damage cyber criminals can do.

2. IT security is about keeping the business safe

IT security is about safeguarding your business and your customers. When data is stolen, or machines are compromised, it can have a large financial impact on the business. It has a negative effect on

1. Company growth and

2. Employee salaries

The point: All employees have skin in the security game.

3. Security is about people, process and technology

Your employer relies on people, processes, and technology to combat IT security breaches.

Learn what’s being protected: Technology is there merely to help employees. If employees are unsure about what is being protected, or how, or what the proper processes are, make sure they know to get in touch with IT and request some training. Similarly, if they know about a risk to the business that’s not adequately covered by processes and technology, they should feel free to express it.

4. Passwords are the keys to the kingdom

Password reuse and weak passwords are among the leading causes of “deeper and wider” break-ins, where one compromised system leads to the compromise of others.

Changing passwords often doesn’t help: Changing passwords every month actually doesn’t help that much; it just makes it harder for employees to remember their passwords. A good idea is to use separate passwords for separate systems. Digits and special characters make passwords hard to remember, and yet something like “s79He9” is actually fairly easy to break. However, “horse99 was found! today” is very hard to break, and very easy to remember.

Risks involved in storing official documents on cloud

The Dropbox case study helps us understand how even companies which cater to a niche market and have gained millions of paying customers are at risk of being hacked and losing their customer information. It's also a good example for learning how risky it is to use cloud storage and sharing websites to keep official documents.

Dropbox.com

Dropbox Success Story

Dropbox was founded in 2007 by Drew Houston and Arash Ferdowsi. Frustrated by working from multiple computers, Drew was inspired to create a service that would let people bring all their files anywhere, with no need to email around attachments. Today, more than 100 million people across every continent use Dropbox to always have their stuff at hand, share with family and friends, and work on team projects.

Dropbox Growth

What does Dropbox do?

Dropbox is a file hosting service that offers cloud storage, file synchronization, and client software. Dropbox allows users to create a special folder on each of their computers, which Dropbox then synchronizes so that it appears to be the same folder (with the same contents) regardless of the computer it is viewed on. Files placed in this folder are also accessible through a website and mobile phone applications.

Global growth

1. Dropbox has more than 100,000,000 users (100 million).

2. People save one billion files to Dropbox every 24 hours.

3. Dropbox is offered in eight languages: English, Spanish, Castilian Spanish, French, German, Japanese, Korean, Italian.

4. Dropbox has paying customers in over 200 countries.

•In July 2012 Dropbox was hacked leading to thousands of login names and passwords being stolen.

•The hackers also sent many spam mails to Dropbox customers.

•Dropbox decided to improve their security features by offering two factor authentication.

Dropbox had three security breaches in 2 years. Dropbox has become a problem child among chief information officers. Already, at CloudBeat 2011, Dropbox’s big security snafu in June of that year was one of the most oft-cited examples of the security risks in moving to the cloud. These CIOs are busy scrutinizing cloud services to make sure they are safe for adoption. CIOs are giving the green light to applications that are served online, especially if they play safely, and behind the firewall.

Security Risks in moving to cloud

One in five employees use Dropbox for work documents: report

According to enterprise storage firm Nasuni (Gigaom) one out of five of 1,300 surveyed business users say they use the consumer cloud-storage and synchronization service to share work documents, even though businesses and corporations disallow such a practice through their company's own IT policies.

http://www.yourmoneyisnotsafeinthebank.org

http://www.dallasnews.com/business/headlines/20100201-PlainsCapital-suing-customer-Hillary-Machinery-over-5406.ece

The suit, however, has one gaping flaw that perhaps PlainsCapital's lawyers have missed: If their security procedures had been adequate, nobody could have stolen Hillary’s money in the first place.

This case study shows why companies in the BFSI sector:

• Do employee background screening

• Have strict IT security policies

• Constantly monitor employees while on the job.

GWA – Software worth $10 Million stolen by Contract Employee

A computer programmer who worked for the Federal Reserve Bank of New York was sentenced to six months of home confinement after he admitted in May to stealing proprietary computer software from the bank.

Federal Reserve Bank of New York

The computer software is used principally to help track the U.S. government’s finances and is owned by the U.S. Department of Treasury. It cost about $9.5 million to develop.

Federal prosecutors alleged that Bo Zhang, 33 years old, illegally copied code for a software system known as the Government-wide Accounting and Reporting Program. He was working as a contract employee for the Fed in summer 2011 and transferred it to his home computer, a personal laptop and his private office computer.

•Shell is the world’s third-largest oil company and fourth largest corporation by revenue.

•It launched plans to outsource nearly 3,200 IT jobs as part of a corporate-wide cost-cutting program.

•The company expects to save nearly $500 million a year through these organization changes. - Baseline Mag

Security Problems with outsourcing

Shell was using a third party agency to conduct a data indexing project for the company, when one of the employees of the contracted agency swiped the information of several current and former Shell employees.

The third party employee used the social security numbers of four Shell employees to file for unemployment benefits. Once Shell discovered the misuse of employee information, the company investigated the source of the unemployment filings.

•After tracing the source of the applications to the third party vendor, the vendor fired the employee and Shell fired the vendor.

•Like most companies that outsource work, Shell requires all contract employers and outside vendors to sign confidentiality agreements before allowing them to start work.

•Shell also runs background checks on all contract workers.

•Even with all of the security checks and confidentiality agreements, Shell’s security was breached.

Shell Headquarters, London

Why Monitor Employees?

Top 5 Reasons that Companies Monitor Employees' Activities

• Legal Compliance

• Legal Liability

• Performance Review

• Productivity Measures

• Security Concerns

Employer Policy & Procedures for Personal Cell Phone Use

Limits on Personal Cell Phone usage:

1. Since mobile phone usage is unavoidable, many companies limit personal cell phone use to calls they consider important, asking employees to be ethical and to limit calls to real emergencies.

2. Companies also institute rules regarding respect for others and talking without disturbing others.

3. Employees are not allowed to take pictures from their mobile phones due to privacy issues (unless permitted).

4. Since there are possibilities that employees could take photos of confidential documents, some companies ban employees from carrying such camera phones.

IBM has banned the use of Apple’s Siri virtual assistant

Apple’s Siri is a security risk for anyone dealing with confidential information since the voice commands are sent to Apple for translation into text, making it possible to intercept those commands.

If privacy and security rank high on your list of priorities, you may want to avoid requesting help from Apple’s Siri voice-controlled virtual assistant. -IBM Chief Technology Officer Jeanette Horan having banned the use of Siri and a number of other commercial products (like Dropbox) by IBM employees.

Stolen Laptop Affects 30,000 Patients

The University of Texas MD Anderson Cancer Center is notifying 30,000 patients of a data breach after an unencrypted laptop was stolen from a faculty member's home.

According to an M.D. Anderson release, data on the computer included:

• Medical record numbers

• Patient names

• Social Security numbers and

• Treatment and research information

NASA IT Security

The NASA IT Security (ITS) Division within the Office of the Chief Information Officer strategically manages Agency-wide security projects to:

1. Correct known vulnerabilities

2. Reduce barriers to cross-Center collaboration, and

3. Provide cost-effective IT security services

The ITS Division ensures that information technology security across NASA meets

• Confidentiality

• Integrity and

• Availability

objectives for data and information to include disaster recovery and continuity of operations for systems.

The NASA IT Management Board meeting at Headquarters in Washington. All the Center CIOs and Deputies are discussing issues related to I3P, Strategic Plans, Governance, Nebula, collaboration, and NASA Open Gov.

Stolen NASA Laptop Puts ‘Large Number’ of Employees at Risk

1. A laptop was stolen from an employee’s locked vehicle, exposing records of personal information on a “large number” of NASA employees.

2. The laptop was not protected by whole disk encryption, putting an undisclosed number of employees at risk for identity theft and other abuses of personal data.

3. NASA has enacted new policies to protect employee and other sensitive information.

4. Time taken to notify the victims: NASA has hired a service provider to handle disclosure and provide identity monitoring and recovery services to affected employees. NASA said it could take up to 60 days for all individuals involved to be notified.

What is Social Engineering?

Social engineering, in the context of security, is the art of manipulating people into performing actions by making them give out confidential information. While it is similar to a confidence trick or simple fraud, it is typically trickery or deception for

1. The purpose of information gathering

2. Computer system access

3. In most cases the attacker never comes face-to-face with the victims.

•Social engineering is the art of getting people to tell you stuff that they usually wouldn’t disclose, through the use of words and your appearance.

•A good social engineer can make people believe nearly anything. They can play around with words and make you reveal all your secrets.

Examples of social engineering exploits:

•Identifying themselves as executives, attackers will telephone a new system administrator and demand access to their account IMMEDIATELY!

•An attacker will sift through your paper trash (also known as “dumpster diving”), looking for clues to unlock your IT treasures or financial life.

A Great Password

Whether it's a few PCs/laptops or hundreds on your network, there's one thing that can separate your system from being compromised: a great password.

Make sure you don’t use a password which everyone uses

Make sure you're not using one of these passwords

An analysis of hacked Yahoo accounts reveals some interesting trends in commonly-chosen passwords. "123456" is at the top of the list, followed by "qwerty," "welcome," "ninja," and "abc123." If these sound like passwords of yours, it's time to make a change.

Courtesy – Business Insider

Make them long

Longer passwords are obviously harder to crack. Make sure you're consistently exceeding the minimum length requirement on passwords that you pick. A good suggestion would be an 11 to 16 character alphanumeric password.

Here's an easy way to remember a complicated password

Make sure you're using a relatively complex password while having no problem remembering it. I always tell people to use a sentence. "I drive a 1978 Volkswagen!" = IDA78VW! Or "Living At Home Since 1972" = L@HS72

Don't use the same password for everything

If someone successfully cracks one password, it'll be the first password he guesses for your next web service. Make sure you're using several different passwords to prevent this from happening.
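The password advice on these slides (avoid the commonly chosen passwords, make them long, do not reuse them, and the "s79He9" versus "horse99 was found! today" comparison) can be checked mechanically. The following is an added example, not part of the original presentation; the function names, the finding labels and the sample accounts are assumptions made for illustration.

```python
import math
import string

# Commonly chosen passwords named on the slide about the Yahoo account analysis.
COMMON_PASSWORDS = {"123456", "qwerty", "welcome", "ninja", "abc123"}
# Lower end of the 11-to-16 character suggestion above.
MIN_LENGTH = 11


def charset_size(password):
    """Size of the smallest set of ASCII character classes covering the password."""
    size = 0
    if any(c in string.ascii_lowercase for c in password):
        size += 26
    if any(c in string.ascii_uppercase for c in password):
        size += 26
    if any(c in string.digits for c in password):
        size += 10
    if any(c in string.punctuation or c == " " for c in password):
        size += 33  # 32 punctuation marks plus the space
    return size


def brute_force_bits(password):
    """log2 of the exhaustive search space for this length and character set.

    This is an upper bound on guessing effort: a password built from
    dictionary words, or one found in a leaked list, falls to fewer guesses.
    """
    size = charset_size(password)
    return len(password) * math.log2(size) if size else 0.0


def audit(accounts):
    """Map each service name to the list of findings for its password."""
    services_by_password = {}
    for service, password in accounts.items():
        services_by_password.setdefault(password, []).append(service)

    findings = {}
    for service, password in accounts.items():
        issues = []
        if password.lower() in COMMON_PASSWORDS:
            issues.append("common")
        if len(password) < MIN_LENGTH:
            issues.append("short")
        if len(services_by_password[password]) > 1:
            issues.append("reused")
        findings[service] = issues
    return findings


# Constructed sample input: hypothetical services, passwords taken from the slides.
SAMPLE_ACCOUNTS = {
    "email": "qwerty",
    "vpn": "s79He9",
    "bank": "s79He9",
    "files": "horse99 was found! today",
}

if __name__ == "__main__":
    for service, issues in audit(SAMPLE_ACCOUNTS).items():
        bits = brute_force_bits(SAMPLE_ACCOUNTS[service])
        print(f"{service:6} {bits:6.1f} bits  {', '.join(issues) or 'ok'}")
```

The six-character password comes out near 36 bits of search space and the passphrase near 147 bits, which is the gap the slide describes.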

Decide what information you want private

The first step in managing your data privacy is determining which information you want to keep private. You’ve heard lots of privacy recommendations:

1. Don’t share your passwords

2. Don’t put embarrassing information or photos online

3. Don’t reveal the company's financial data to other departments

But only you can decide what pieces of information you actually care about keeping private.

Next step is taking action to protect that information

Once you’ve decided what information you want kept private, the next step is taking action to protect that information. This means

1. Securing your devices so they don’t get malware, viruses, etc.

2. Personalizing the privacy settings on your accounts

3. Using strong passwords, and

4. Making sure your flash drives and other devices on which you store information are safe with you or authorized staff.

70 per cent of security breaches using Pen Drives: Indian Army/IAF

Pen drives are responsible for over 70 per cent of security breaches and are a major threat in defense forces, the Army officials said. "These pen drives, which are mostly manufactured in China, have emerged as a big threat to our cyber security systems," they said.

New cyber security guidelines in Indian Army

1. Army headquarters are tightening their cyber security to protect themselves from such breaches and hacker attacks

2. IAF has instructed officials to not have any official data on their personal computers and pen drives.

3. Officials use pen drives to store official data for use at their personal computers, but from there it is transmitted from their IP addresses to hackers by the 'malware' present in the pen drives.

4. About a couple of years ago, the system of a Major posted in Andaman and Nicobar Islands was hacked and spying viruses transferred the information to other computers.

Restricting the use of pen drives and PowerPoint presentations is the key to preventing the cyber invasion against India according to Chief of Army Staff General Bikram Singh.

The envelope contained an encrypted flash drive with

1. Employee personal identity and 401K data and

2. A sheet of paper containing the decryption key.

The chance of malware on a flash drive creates a risk of data getting transferred to hackers

An employee email policy can help protect your business

1. Personal use of the email system: Explain whether employees can use email for personal messages. If you place any restrictions on personal messages (for example, that employees can send them only during non-work hours, must exercise discretion as to the type of messages sent, or may not send personal messages with large attachments), describe those rules.

2. Monitoring: Reserve your right to monitor employee email messages at any time. Explain that any messages employees send using company equipment are not private, even if the employee considers them to be personal.

3. Rules: Make clear that all of your workplace policies and rules -- such as rules against harassment, discrimination, violence, solicitation, and theft of trade secrets -- apply to employee use of the email system. Remind employees that all email messages sent on company equipment should be professional and appropriate.

No Corporate Email Services are 100 % secured

Epsilon security breach exposes thousands of email addresses

Epsilon provides email services for Best Buy, Capital One, Ritz-Carlton Rewards, JP Morgan Chase and Citi.

1. Epsilon has confirmed the unauthorized entry into an email system on March 31, 2011 resulted in the loss of email addresses and customer names only.

2. There was no loss of personally identifiable information, such as social security numbers, credit card details or customer account information.

3. Epsilon said the incident affected around 2 per cent of its client base.

4. The company claims to be the world's largest permission-based email marketing provider, sending over 40 billion emails annually on behalf of more than 2500 clients.

Sony PlayStation Network security breach exposes millions of accounts

Hackers stole personal data, including credit card numbers, belonging to over 77 million customers of Sony's PlayStation Network and Qriocity music service. According to a company spokesman, "Between April 18 and April 19, 2011, certain PlayStation Network and Qriocity service user account information was compromised in connection with an illegal and unauthorized intrusion into network." Account information stolen includes

1. Name,

2. Address (city, state, zip),

3. Country, email address,

4. Birthdate,

5. PlayStation Network/Qriocity password and login, and

6. Handle/PSN online ID.

In a statement, Nick Caplin, Sony Europe’s head of communications added: ‘While there is no evidence credit card data was taken at this time, we cannot rule out the possibility. If you have provided your credit card data, to be on the safe side we are advising you your credit card number – excluding security code – and expiration date may also have been obtained.’ ‘We greatly appreciate your patience, understanding and goodwill as we do whatever it takes to resolve these issues as quickly and efficiently as practicable.’ Sony is urging users to be ‘especially aware’ of email, phone and postal scams requesting personal information.

VeriSign Network security breach

The fact that these organizations are breached despite taking extraordinary measures to protect themselves means that businesses should recognize that these kinds of breaches will continue.

Always report about security breaches to management

1. Is your password for Facebook, Twitter, VPN, Email, Bank, Amazon = PwnM3? http://www.youtube.com/watch?v=vVzMtqwyJ5w

2. Sony Playstation Network Hacked ! - Sky News Report - PS3 70 Million Hack By Anonymous http://www.youtube.com/watch?v=t1M5OXEFvVs

3. Social Engineering In Action 2 http://www.youtube.com/watch?v=-kW1DPPp1VQ

4. Epsilon Breach Could Lead to Spear Phishing. Robert Siciliano for @McAfee https://www.youtube.com/watch?v=RC9FEbWlZ2g

Social networking fuels concerns over data loss, security breach

• Data loss: A new study by an email security firm found many companies are experiencing data loss and security breaches because of employees' social networking use.

• Confidential information leaks: 20 % of respondents said they investigated the release of confidential information through a post on a social networking site.

• Social networking policy violation: The survey found 7 % of respondents had terminated an employee for violating social networking policies and 20 percent had at least disciplined an employee.

• Sites that most concerned the companies were Facebook and LinkedIn, which were cited by 53 percent of respondents.

Facebook has addressed a security concern enabling anybody to access accounts.

“A friend forwarded an email from a FB group notification. Something like: http://www.facebook.com/n/?groups%[id here]%2Fpermalink%[id here]%2F&mid=[id here]&bcode=[id here]-mjoi&n_m=[email address here]”

“When I clicked the url I got automatically logged into my friend's account. So it is definitely a Facebook security issue. Then I tried some searches to see if I could find some urls containing the parameters: bcode= &email= n_m= mid=.” Various IDs out of 1.3 million listed were able to log in.

Facebook has secured the breached accounts and temporarily disabled the feature at fault, at least until users' safety can be ensured.

Facebook’s phenomenal rise: In nine years.

Twitter Security Breach

We’re committed to keeping Twitter a safe and open community. In instances when we believe an account may have been compromised, we reset the password and send an email letting the account owner know this has happened along with information about creating a new password. This is a routine part of our processes to protect our users. - Twitter

LinkedIn Security Breach

Massive data breach exposes 6.5 million LinkedIn passwords

Ning Security Breach

1. Social networking company Ning is reportedly suffering from a security problem that could affect 100 million users.

2. Three students from the junior college Media College Amsterdam (MA) together discovered five security holes in Ning.

3. The platform, which has over 90,000 networks going and over 100 million accounts, suffered a major security breach by cookie-injection that left 100 million user accounts exposed.

Section 66A of the IT Act is a relevant section which penalizes ‘sending false and offensive messages through communication services’.

Cyber Law in India - Section 66A of the IT Act

Any person who sends, by means of a computer resource or a communication device,

a) Any information that is grossly offensive or has menacing character or

b) Any information which he knows to be false, but for the purpose of causing annoyance, inconvenience, danger, obstruction, insult, injury, criminal intimidation, enmity, hatred or ill will, persistently by making use of such computer resource or a communication device.

c) Any electronic mail or electronic mail message for the purpose of causing annoyance or inconvenience or to deceive or to mislead the addressee or recipient about the origin of such messages.

Punishment - Imprisonment for a term which may extend to three years and with fine.

New Changes: Applying section 66A of IT Act to require top cops' approval

1. Experts feel section 66A is worded such that its interpretation borders on the vague, leaving the law open to misuse.

2. It has been decided that the telecommunications department will issue guidelines to all states that any case under Section 66A can be filed only after a senior police officer's approval.

3. The step was welcomed by information technology activists attending the Cyber Regulation Advisory Committee meeting.

Indian Facebook users arrested, Questions about India’s cyberlaws

Security Skills Shortage Places IT at Risk

•IT security practitioners consider that the shortage of qualified information security personnel places many organizations at greater risk.

•This leads to attack and exposure to other vulnerabilities that threaten the security of IT systems and data.

"I've had one period of time where my program was severely impacted for close to a year due to the inability to find quality candidates to fill information security positions," - Marc Noble, vice chairman of the Cybersecurity Certification Collaborative and former chief information security officer at the Federal Communications Commission.

The shortage means organizations are hiring people who don't have the right cybersecurity skills. "We are seeing lots of people proclaim they are security professionals, but do not have the skills, education or experience ..."

"The lack of security professionals means that there is a greater risk of breaches of information for organizations without security professionals there to ensure that external and internal infrastructure is secure and that information in general is well protected." - Daniel Miller, national practice leader in Grant Thornton's cybersecurity and privacy business advisory service.

Percent of respondents that say IT security skills shortages inside their organizations negatively affect their ability to defend against cyber threats:

• Large companies: 32 percent

• Midsize companies: 39 percent

• Small companies: 29 percent

5 Most In-Demand Security Skills

"Every year the number of threats and the sophistication of those threats escalate," says Alice Hill, managing director at Dice.com. "It's a battle that will only continue to increase, making cybersecurity positions a priority within organizations."

1. Cybersecurity: Plagued by cyber criminals and attackers, organizations seek experts who can operate and collect meaningful cybersecurity information that could be used to develop intelligence to protect and defend systems. These experts are in high demand because they specialize in Cyber operations, which include 1. Identifying 2. Analyzing and 3. Mitigating threats.

2. Data Security: Technological advancements in

• Smart phones,

• Mobile apps and

• Transition to cloud environments

push the demand for practitioners who can effectively secure data and storage capabilities for organizations. Organizations continue to push data closer to the user, who wants easy access to data. "But it's hard to have data be both easy and secure." Professionals need to possess knowledge of privacy and data protection policies globally.

3. Application Security: The main reasons driving demand for application security are the

1. Complexity of applications

2. Explosive growth in the mobile device market.

3. Applications today tend to be larger in size and organizations expect more from them in terms of

• Accessing data

• Processing transactions

• Storing credit information and

• Other sensitive data.

4. Security Analyst : With the proliferation of networks and more skilled hackers, security problems have intensified. As a security analyst, you need to have an up-to-date understanding of the security measures at all stages of the informatics systems life cycle, and a thorough understanding of: 1. IT business management 2. Quality management and 3. Risk management.

5. Network Security:

1. Gain a comprehensive understanding of networking protocols and security concepts

2. Develop key skills in areas such as service setup and maintenance, workstations, hardware, and ethics

3. Pick up skills that today's employer is looking for:

• Good communication skills

• Dependability and

• Ability to work as part of a team

Thank You

Session 4 videos

1. Dos and Don'ts when using social networks http://www.youtube.com/watch?v=hqezbib5qpQ

2. 12 tips to keep your Facebook account safe and changes in Cyber law – section 66 A http://www.youtube.com/watch?v=zTr8fCEEqus

3. Social Media Policy: A short video for staff of the Department of Justice (Victoria, Australia) explaining the key elements of their social media policy. http://www.youtube.com/watch?v=8iQLkt5CG8I