Information Security Training & Awareness


INFORMATION SECURITY TRAINING AWARENESS DECK
AGENDA
• WHAT IS INFORMATION SECURITY
• PILLARS OF INFOSEC
• STATISTICS
• COMMON MALWARE
• PHISHING ATTACKS
• PASSWORD ATTACKS
• MULTIFACTOR AUTHENTICATION
• SAFE PRACTICES
• ENCRYPTION
• CLASSIFICATION OF DATA
• INCIDENT RESPONSE
• COMPLIANCE POLICIES
• EMPLOYEE BEST PRACTICES
WHY INFORMATION SECURITY
With this digital integration comes a heightened risk of cyber threats. Cybersecurity is no longer just an IT issue; it's a personal concern. From identity theft to financial fraud, the repercussions of a security breach can be far-reaching and devastating.
WHY IS INFORMATION SECURITY IMPORTANT?
• It protects sensitive data.
• Maintains business continuity.
• Enables legal and regulatory compliance.
• Safeguards intellectual property.
• Builds customer and stakeholder trust.
• Prevents identity theft and fraudulent use of stolen data.
• Minimizes potential revenue loss and liability costs.
• Secures availability and integrity of critical systems.
WHAT IS INFORMATION SECURITY?
Information Security, often referred to as InfoSec, is the practice of protecting information by mitigating information risks. It's about safeguarding data from unauthorized access, use, disclosure, disruption, modification, or destruction.
PILLARS OF INFOSEC
CONFIDENTIALITY
Ensuring that information is only accessible to authorized people and preventing unauthorized disclosure of information.

INTEGRITY
Safeguarding the accuracy and trustworthiness of data by preventing unauthorized and improper modification.

AVAILABILITY
Making sure that authorized users have timely and reliable access to information and systems when needed.
STATISTICS SAY...
The average cost of a data breach in 2022 was $4.45 million, a 2.2% rise from the 2022 figure of $4.35 million.

SOURCE: UPGRAD

Data breaches in the United States are more expensive than in other countries, with an average total of US$ 9.44 million (more than double the global average).
COMMON MALWARE
• RANSOMWARE: Ransomware is a type of malware that encrypts files or systems until a ransom is paid to decrypt them and restore access.
• TROJANS: Trojans are malicious programs that are disguised as legitimate software to trick users into installing and executing an attack payload on their systems.
• VIRUS: Viruses are malicious code that spread by copying themselves to infect files, programs or boot sectors to alter system function.
• ADWARE: Adware is software that automatically displays or downloads advertising material such as banners or pop-ups when a user is online.
COMMON MALWARE
• SPYWARE: Spyware is malicious software that secretly monitors and collects data on a user's online activities, data and communications without consent.
• WORM: A computer worm maliciously self-replicates across networks by exploiting vulnerabilities.
• BOTS: Bots are automated programs scripted to perform online tasks like crawling content, querying data, or interacting with users.
• ROOTKITS: Rootkits stealthily gain system access by hiding malicious components from detection.
PHISHING ATTACKS
• SPEAR PHISHING: Targeted email scam towards specific individuals containing malicious links or attachments.
• WHALING: Spear phishing directed specifically at senior executives to access sensitive data.
• VISHING: Phishing attempt carried out using voice calls, often spoofing legitimate entities.
• SMISHING: Phishing through text messages attempting to steal passwords or personal information.
PHISHING ATTACKS
• ANGLER PHISHING: Creating fake social media profiles to build connections and trick targets into sharing sensitive data.
• PHARMING: Misdirecting users to fake fraudulent websites by modifying infrastructure like DNS records.
• FILTER EVASION: Carefully crafted emails with malicious content designed to bypass email security filters.
• CLONE PHISHING: Spoofing communication from a legitimate contact to request sensitive data by impersonating senders.
PASSWORD ATTACKS
• BRUTE FORCE: Trying every possible password combination until the correct password is discovered.
• DICTIONARY: Trying commonly used passwords and words from a precompiled dictionary file as guesses.
• RAINBOW TABLE: Using precomputed tables of password hashes to quickly match captured hash digests to their plaintext passwords.
• HYBRID: Combining brute force and dictionary attacks by attempting dictionary words with special characters or numbers added.
WHAT YOU NEED TO DO
STRONG PASSWORD GUIDELINES
• Length - Use at least 12 characters or longer
• Complexity - Include upper and lower case letters, numbers and symbols
• Obscurity - Avoid common words, names or dates
• Randomness - Generate or use passwords that are fully random
• Storage - Use a password manager and avoid saving passwords openly
• Sharing - Never share passwords openly with anyone for any reason
• Originality - Do not copy someone else's password
• Frequency - Avoid reusing or refreshing the same passwords
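The guidelines above can be enforced mechanically at password-change time. The following is an added example and not part of the original deck: it checks the Length, Complexity, Obscurity and Frequency rules, using a small constructed word list and a hypothetical date heuristic; Randomness, Storage and Sharing are behavioural rules that code cannot verify.

```python
import hashlib
import re
import string

# Constructed word list for illustration only; a real deployment would use a
# breached-password list plus organisation-specific terms and a larger dictionary.
COMMON_WORDS = {"password", "welcome", "admin", "letmein", "qwerty", "summer", "company"}
# Hypothetical heuristic: four-digit years (19xx/20xx) and short day/month forms like 12/05.
DATE_PATTERN = re.compile(r"(19|20)\d{2}|\b\d{1,2}[/-]\d{1,2}\b")


def password_fingerprint(pw):
    """Hash a password so the reuse history never stores plaintext."""
    return hashlib.sha256(pw.encode("utf-8")).hexdigest()


def check_password(pw, history=()):
    """Return the names of the guidelines the password fails; an empty list means it passes.

    history: set of password_fingerprint() values for passwords already used.
    """
    failures = []
    # Length: at least 12 characters
    if len(pw) < 12:
        failures.append("length")
    # Complexity: upper case, lower case, digit and symbol must all be present
    has_upper = any(c.isupper() for c in pw)
    has_lower = any(c.islower() for c in pw)
    has_digit = any(c.isdigit() for c in pw)
    has_symbol = any(c in string.punctuation for c in pw)
    if not (has_upper and has_lower and has_digit and has_symbol):
        failures.append("complexity")
    # Obscurity: no common words or dates embedded anywhere in the password
    lowered = pw.lower()
    if any(word in lowered for word in COMMON_WORDS) or DATE_PATTERN.search(pw):
        failures.append("obscurity")
    # Frequency: do not reuse a password that has already been used
    if password_fingerprint(pw) in history:
        failures.append("frequency")
    return failures


if __name__ == "__main__":
    for candidate in ("Summer2023!!", "short", "xK9#vTq2!mLp"):
        print(candidate, "->", check_password(candidate) or "passes")
```

"Summer2023!!" satisfies length and complexity but fails obscurity twice over (a common word and a year), which is why a complexity-only check is not enough.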
MULTI FACTOR AUTHENTICATION
Multifactor authentication (MFA) is a security process that requires two or more validation methods to verify a user's claimed identity before granting access to an online account or resource.
KEY COMPONENTS OF MULTIFACTOR AUTHENTICATION
• KNOWLEDGE (Something you know): Password / PIN / Recovery questions
• TIME (When you are): Time of user's access request
• POSSESSION (Something you have): OTP / SMS / Push notifications
• LOCATION (Somewhere you are): Location of user's access request
• INHERENCE (Something you are): Fingerprints / Retina scan / Facial recognition
SAFE WEB USAGE PRACTICES
• Log out completely after finishing sessions to prevent access from the same browser
• Verify web URLs and digital certificates to avoid spoofed websites
• Avoid using public computers or WiFi networks for accessing sensitive accounts
• Use a VPN and encrypted connections for better data security
• Keep all operating systems, browsers and plugins updated regularly
• Be cautious of HTTP links and only download from trusted sources
• Don't stay permanently signed into accounts on browsers
• Clear browsing history, caches, cookies regularly
• Use anti-phishing browser extensions to detect fraudulent websites
SAFE EMAIL USAGE PRACTICES
• Never open links or attachments from unknown or suspicious sources
• Look out for red flag phrases, bad grammar, spelling errors
• Beware of compelling content like offers that seem too good to be true
• Check email addresses of senders for authenticity
• Do not reply or engage with suspicious emails directly
• Ensure security measures like DMARC, SPF and DKIM exist for your domain
• Set up automatic scanning and filtering of emails for threats
• Report phishing emails to help improve filters
CLASSIFICATION OF DATA
It is the process of categorizing data assets based on their information sensitivity.

LEVELS (from least to most sensitive data)
• PUBLIC
• INTERNAL
• CONFIDENTIAL
• RESTRICTED
PUBLIC
Data that may be freely disclosed to the public
• Marketing material
• Contact information
• Price lists

INTERNAL
Internal data that is not meant for public disclosure
• Battlecards
• Sales playbooks
• Organisational charts
CONFIDENTIAL
Sensitive data that if compromised could negatively impact operations
• Contracts with vendors
• Employee reviews

RESTRICTED
Highly sensitive data that if compromised could put the organisation at financial or legal risk.
• Credit card information
• Social security numbers
• PHI
DATA CLASSIFICATION, STORAGE AND SHARING GUIDELINES
• Classify data based on sensitivity
• Label data appropriately
• Store as per classification
• Validate sharing need
• Limit access and retention
• Transmit securely
• Destroy securely when obsolete
• Maintain oversight
INCIDENT RESPONSE

INCIDENT MEANING
Refers to an adverse security event that harms or threatens to harm the confidentiality, integrity, or availability of information systems or the information they store, process, or transmit.
INDICATORS OF SECURITY INCIDENTS
• New unauthorized administrator accounts or privilege escalations
• Signs of malware infections like unexpected pop-ups, slower system performance, or unusual outbound network activity
• Loss events like missing laptops/devices or inability to account for records
• Suspicious emails with mismatched sender name and addresses or containing links to bad domains
• Alerts from security tools like anti-virus, IDS/IPS, firewalls denoting suspicious traffic or detections
• Multiple failed login attempts or large number of locked out user accounts
• Unexplained alterations, deletions, or access of sensitive files or databases
• Unavailability of systems, servers, or networks denying user or customer access
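The "multiple failed login attempts or locked out accounts" indicator above is one that a script can watch for in authentication logs. The following is an added example, not from the original deck: the log lines and their format are constructed, and the thresholds (five failures from one source within five minutes) are assumed values to tune per environment.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample authentication log (not from any real system).
# Format per line: <ISO timestamp> <RESULT> user=<name> src=<ip>
SAMPLE_LOG = """\
2024-05-01T09:00:01 FAIL user=alice src=203.0.113.7
2024-05-01T09:00:03 FAIL user=alice src=203.0.113.7
2024-05-01T09:00:04 FAIL user=alice src=203.0.113.7
2024-05-01T09:00:06 FAIL user=alice src=203.0.113.7
2024-05-01T09:00:08 FAIL user=alice src=203.0.113.7
2024-05-01T09:00:09 FAIL user=bob src=203.0.113.7
2024-05-01T09:00:10 LOCKOUT user=alice src=203.0.113.7
2024-05-01T09:15:00 FAIL user=carol src=198.51.100.2
2024-05-01T10:30:00 OK user=carol src=198.51.100.2
"""


def parse_line(line):
    """Split one log line into (timestamp, result, user, source_ip)."""
    ts, result, user, src = line.split()
    return datetime.fromisoformat(ts), result, user.split("=", 1)[1], src.split("=", 1)[1]


def detect_login_anomalies(log_text, threshold=5, window=timedelta(minutes=5)):
    """Flag source IPs with `threshold` or more failures inside `window`, plus locked-out users."""
    failures_by_src = defaultdict(list)
    locked_out = set()
    for line in log_text.splitlines():
        if not line.strip():
            continue
        ts, result, user, src = parse_line(line)
        if result == "FAIL":
            failures_by_src[src].append(ts)
        elif result == "LOCKOUT":
            locked_out.add(user)
    bursts = []
    for src, times in failures_by_src.items():
        times.sort()
        # Sliding window: failures i and i+threshold-1 must both fall inside `window`.
        for i in range(len(times) - threshold + 1):
            if times[i + threshold - 1] - times[i] <= window:
                bursts.append(src)
                break
    return {"failed_login_burst": sorted(bursts), "locked_out_users": sorted(locked_out)}


if __name__ == "__main__":
    print(detect_login_anomalies(SAMPLE_LOG))
```

Counting failures per source rather than per user is what catches the spray across alice and bob from the same address; carol's single failure followed by success is normal and is not reported.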
INCIDENT RESPONSE PROCESS
• DETECTION & ANALYSIS: Monitor for and detect potential security incidents through tools, user reports, etc. Analyze suspected events to confirm malicious or unauthorized activity.
• CONTAINMENT & ERADICATION: Isolate and stabilize the incident to limit its impact by disconnecting affected systems/users. Remove components or factors allowing the incident to occur, including cleaning up infections.
• RECOVERY & RECONNECT: Restore regular operations in a safe manner by reconnecting validated systems/users as needed. Monitor for potential complications or follow-on incidents.
• POST INCIDENT REVIEW: Document lessons learned from the incident through a blameless assessment and adjust policies, including new safeguards against similar incidents recurring.
IMPLEMENTATION OF POLICIES
• Controlled tests such as data spillage exercises to evaluate data loss prevention controls
• Periodic verification of user accounts and privilege levels to ensure only authorized access exists based on job roles
• Validation of security configurations like encryption, backups, logging against policies
• Regular proactive scans to identify security gaps needing policy/control updates
• Tracking of changes to critical system files or databases for anomalies
• Inspect patterns and protocols to detect non-compliant use of resources
• Surveys and phishing simulations to validate employee comprehension of responsibilities
• Response capability assessment via monitored red team attacks
• Evidence gathering and external attestations to align with legal obligations
KEY POINTS TO ENSURE COMPLIANCE
• Leaders must visibly support and abide by security policies to set the tone for the organization.
• Conduct training on security policies and acceptable usage guidelines for all users to comprehend responsibilities.
• Align policies to identified threats, regulatory climate and business objectives.
• Well defined, easy to implement policies have higher adoption across the workforce.
• Require employees to read and acknowledge understanding of security responsibilities.
• Tools to monitor access patterns, user behavior flags and configuration audits validate compliance.
• Mechanisms for anonymous reporting of non-compliance.
• Enforce sanctions where applicable to discourage willful negligence through procedures.
EMPLOYEE BEST PRACTICES
• Use strong unique passwords and enable multi-factor authentication
• Identify and report phishing attempts, suspicious links or attachments
• Refrain from accessing sensitive data or systems without authorization
• Ensure endpoints have up-to-date anti-virus and regularly install security patches
• Lock workstations when leaving desks to prevent unauthorized access
• Attend all required security awareness education and policy acknowledgement
• Use encryption and secure methods for transmitting sensitive data digitally
• Choose secure settings on all corporate devices and databases accessed
FOLLOW US FOR MORE FREE CHECKLISTS | PLAYBOOKS | TEMPLATES | VIDEOS

SECURITY & PRIVACY MADE EASY
