In-house vs Outsourced help H2H Complement your existing team? Cost - Insurance? Proactive / Reactive
It’s not if you’re going to have a cyber related event, it’s when
ARGH!
Have a plan ready for compromised accounts
- Don’t panic - You’re prepared!
- Have access reset links readily available
- Twitter - https://support.twitter.com/forms/signin
- Facebook - https://www.facebook.com/hacked
- Google - https://accounts.google.com/signin/recovery
Reporting guidelines…
http://legislature.vermont.gov/statutes/section/09/062/02435
We can do better… Practical Takeaways
CAN-SPAM ACT
https://www.ftc.gov/tips-advice/business-center/guidance/can-spam-act-compliance-guide-business
How to deal with ransomware
- Don’t click or open attachments/links that look suspicious
- Be careful on social media - videos are not really videos etc…
- Backup your files! (cloud?)
- Call for help!
How many of you use an Android or Apple device?
Use a good passphrase | pin
http://danielamitay.com/blog/2011/6/13/most-common-iphone-passcodes
whyisitcoldinvermont? p@ssw0rd qwerty12345!
But I have an Apple iPhone/iPad. I’m safe :)
Attempts a password every 6 seconds Automated 100% success rate
Password Managers
https://www.wired.com/2016/01/you-need-a-password-manager/
https://www.amazon.com/Amazon-Echo-Bluetooth-Speaker-with-WiFi-Alexa
The Internet of Things
Security and Encryption
Mobile devices have direct access to sensitive systems - how are you protecting them?
http://arstechnica.com/gadgets/2015/08/phone-and-laptop-encryption-guide-protect-your-stuff-and-yourself/
How many people use multi-factor authentication?
Do you…
Store, transmit or process credit card data? What is the deal with the chip?
https://www.mastercard.com/ca/merchant/en/Why_is_PCI_Important.pdf
https://www.pcisecuritystandards.org/
How many of you have ever connected to…
http://thefederalistpapers.integratedmarket.netdna-cdn.com/wp-content/uploads/2016/08/clinton-server-montage.jpeg
So what can you do?
- Use your phone as a wifi hotspot
- Ensure you trust which wifi you are connecting to
- Use a Virtual Private Network
Antivirus
- It can be compared to the flu shot…
In closing
- Use good cyber hygiene
- Find a confidant
- Consider a Security Operations Center to remotely monitor your systems/networks
Jonathan Rajewski, MS, CCE, CFE, CISSP, ENCE
Director - Senator Leahy Center for Digital Investigation
Assistant Professor - Digital Forensics | Cyber Security
Digital Forensic Examiner - Vermont Internet Crimes Against Children Task Force
@jtrajewski rajewski@champlain.edu
Thank you! Questions?
Is Your Small Business Online Smart?
2016-2017 Roundtable Series
Main Presenter
Jonathan Rajewski | Champlain College
Jonathan T. Rajewski is a Computer & Digital Forensics instructor and a Computer Forensic Examiner with the Vermont Internet Crimes Task Force in Burlington, Vermont. He has experience with both civil and criminal digital forensic investigations and in providing expert written and oral digital forensic testimony. He has served many high-profile confidential clients and has worked alongside international and local, state/federal governmental entities.
rajewski@champlain.edu
http://www.champlain.edu
https://www.linkedin.com/in/jrajewski
CONNECT WITH US ON SOCIAL MEDIA
https://champlainvalley.score.org
https://www.facebook.com/VermontScore
https://twitter.com/vt_score
https://www.linkedin.com/company/champlainvalleyscore
https://www.instagram.com/vtscore