Upload
others
View
1
Download
0
Embed Size (px)
Citation preview
Robert Zellers/Director of IT Security
IDG/CSO50 ParticipantsSpecial Thank You
For your assistance !!
VisionariesCIO-Roderick Houpe &
DCIO-C. Curtis Timmons
Special Thank You for the guidance in the creation of the Security Department
Department of Information Technology
Security Division Members
Carlos Artagos VI Russell MonkJohn Erne Stacy Clark-Warren
Special Thank you to Micheale Eccleston
Payroll Department & Jerry Krane (Intellinet)
Demographics
• 7500 Employees• 39,000 Students• 104 Buildings• 84.1 Square Miles• $1.5 Billion- Budget 2016-17
Our Story
• December 2016- Launched Online Payroll System• January 2017- Data Breach (74 Employees-$100K)• February 2017- Creation of the Security Division• May 2017- Attended CSO50 Conference
End users are the weakest link.
Over 95% of all security incidents investigated recognized human error as a contributing error.2
Why do we still care about security training?
75%of large organizations and 31% of smaller organizations fell victim to a staff-related
security breach in the last year.1
of organizations’ worst breaches were the result of inadvertent human error.150%
Act
Now
Intruders are becoming more sophisticated and are using highly targeted social engineering attacks that
are difficult to defend against. If you don’t have a current security awareness and training program, it is
time to join the 72% of large organizations and 68% of small organizations that conduct security training
on an ongoing basis.1
Many employees have access to system networks that
in turn can access confidential and sensitive
information. It is important to educate these users on
the best practices needed for them to protect both
themselves and the organization from any potential
threats or attacks.
55% of companies indicated that they believe
privileged users were the biggest internal threat to
corporate data.3
30% of data breaches globally are caused by
negligent end users.4
Sources: 1 – PwC 2015 Information Security Breaches Report, 2 – IBM Security Services 2014 Cyber Security Intelligence Index,
3 – 2015 Vormetric Insider Threat Report, 4 – Ponemon Institute, 2014 Cost of a Data Breach Study
Security Awareness Strategy
• CMSD Security Awareness Website
• Security Awareness Intervention
• Security Awareness Branding
• Security Hotline
• Security Email account
Security Awareness Results
• Reduction of lost funds
• Reduction of Phishing incidents
• Improved Security Awareness knowledge
• Continued training needed