Cybersecurity Threat Overview Briefing for NBTS
CarverDPaceJr
7 views
22 slides
Oct 11, 2024
Slide 1 of 22
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
About This Presentation
Overview of cyber threats
Slide Content
WHY WE NEED CYBERSECURITY
AGENDA
•What are the Cyber Threats?
•Cybercrime and cybercrime forecast
•Cost of data breaches
•Internet of Things (IoT)
•Phishing
•Personal cyber protection
•Prohibited network actions
•Tips to stay safe –working remotely
•What are the Cyber Threats?
•Cybercrime and cybercrime forecast
•Cost of data breaches
•Internet of Things (IoT)
•Phishing
•Personal cyber protection
•Prohibited network actions
•Tips to stay safe –working remotely
WHAT ARE THE CYBER THREATS
•Advance Persistent Threats (APT)Top Threat Actors are
China, RussiaNorth Korea, and Iran
•Cyber Espionage (China and Russia)
•Theft of intellectual property (IP) to gain a
competitive advantage
•To gain political advantage
•Suppression of population for stability
•Cyber Crime
(Russia and North Korea)
•
Lower risk and higher reward
•More profitable than the illegal drug trade
•Cyber warfare
(Almost all industrialized countries)
•
Identifying weaknesses that allow inferior military forces to defeat superior military forces
•Advance Persistent Threats (APT)Top Threat Actors are
China, RussiaNorth Korea, and Iran
•Cyber Espionage (China and Russia)
•Theft of intellectual property (IP) to gain a
competitive advantage
•To gain political advantage
•Suppression of population for stability
•Cyber Crime
(Russia and North Korea)
•
Lower risk and higher reward
•More profitable than the illegal drug trade
•Cyber warfare
(Almost all industrialized countries)
•
Identifying weaknesses that allow inferior military forces to defeat superior military forces
WHO ARE THE CYBER THREATS
•Cyber-Terrorist( Iran, North Korea, China, and Russia)
•Motivated by politics or religion
•Fear, terror, and bodily harm
•Hacktivists(Geopolitical Groups)
•
Motivated by politics or religion, to expose
wrongdoing, or exact revenge for a cause
•Insider Threat
•Disgruntled employees
•Fired or employees leaving to go work for a competitor
•Cyber-Terrorist( Iran, North Korea, China, and Russia)
•Motivated by politics or religion
•Fear, terror, and bodily harm
•Hacktivists(Geopolitical Groups)
•
Motivated by politics or religion, to expose
wrongdoing, or exact revenge for a cause
•Insider Threat
•Disgruntled employees
•Fired or employees leaving to go work for a competitor
MOST COMMON CYBER
ATTACK VECTORS
•Email or social media phishing to
compromise credentials or deliver malware
•Cloud or network misconfiguration
•Exploiting Unpatched or Vulnerabilities in
third-party software
•Social Engineering
•Ransomware
Note: The mean or average time to identify and
contain a breach was 277 days in 2022.
ATTACK VECTORS
•Email or social media phishing to
compromise credentials or deliver malware
•Cloud or network misconfiguration
•Exploiting Unpatched or Vulnerabilities in
third-party software
•Social Engineering
•Ransomware
Note: The mean or average time to identify and
contain a breach was 277 days in 2022.
WHAT'S AT RISK
•Employee’s and Customer’s Data and or Credit
Card information
•Lost revenue from work stoppage or slow-down
•Safety –The Ministry depends on institutions like
NBTS to keep the human resource pipeline flowing.
•High remediation and repair cost
•Brand Name Damage (Reputation)
•Lawsuits, compliance penalties, and or fines
•Employee’s and Customer’s Data and or Credit
Card information
•Lost revenue from work stoppage or slow-down
•Safety –The Ministry depends on institutions like
NBTS to keep the human resource pipeline flowing.
•High remediation and repair cost
•Brand Name Damage (Reputation)
•Lawsuits, compliance penalties, and or fines
DATA BREACH AVERAGE COST
CYBER CRIME - ATTACKS
CYBER CRIME - ATTACKS
•Smart cars, grids, medical devices, manufacturing, homes,
buildings, smart everything!
•Our lives depend on these systems
•Cybersecurity = physical safety!
•Vehicle-to-everything (V2X) Technologies, such as 5G
•Integration of Information Technology (IT) and Operation
Technology (OT or IoT)
•Cloud Computing and Cloud Networking
•Work From Home (WFH)
•Autonomous vehicle (AV) technology
OUR BUILDINGSOUR TRANSPORT
OUR HEALTH
OUR PRODUCTION
Anything connected to the internet can be hacked and or turned into a weapon
WE LIVE IN A CONNECTED WORLD
buildings, smart everything!
•Our lives depend on these systems
•Cybersecurity = physical safety!
•Vehicle-to-everything (V2X) Technologies, such as 5G
•Integration of Information Technology (IT) and Operation
Technology (OT or IoT)
•Cloud Computing and Cloud Networking
•Work From Home (WFH)
•Autonomous vehicle (AV) technology
OUR BUILDINGSOUR TRANSPORT
OUR HEALTH
OUR PRODUCTION
Anything connected to the internet can be hacked and or turned into a weapon
WE LIVE IN A CONNECTED WORLD
INTERNET
OF THINGS
11
OF THINGS
11
Targets large
groups
Targets specific
groups or
individuals
Targets through
text messages
Phishing Spear Phishing SMishing
Telephone
equivalent of
phishing
Vishing
12
groups
Targets specific
groups or
individuals
Targets through
text messages
Phishing Spear Phishing SMishing
Telephone
equivalent of
phishing
Vishing
12
•Request for username and password
•NBTS will NEVER ask for your password by email or phone
•Threat that you’ll lose something
•Makes the situation seem dire so you feel obligated to provide personal
information
•Notification that computer/devise is infected and/or broken
•Non-solicited information about the stability of your computer should NOT be
trusted
Phishing email attempts
13
•NBTS will NEVER ask for your password by email or phone
•Threat that you’ll lose something
•Makes the situation seem dire so you feel obligated to provide personal
information
•Notification that computer/devise is infected and/or broken
•Non-solicited information about the stability of your computer should NOT be
trusted
Phishing email attempts
13
“Typosquatting” or look- alike
domains
•Organizational Domains e.g. .edu, .com, .org, .net.
•Country Domains [.RU=Russia, .CN=China, .DE= Germany,
and IR=Iran
What to look for
http://www.its-NBTS.com or http://www.lts-NBTS.com
http://wwwapple.com or https://www.apple.com.
https://www.faecbook.com or https://www.facebook.com
http://www.twiitter.com or https://twitter.com
http://www.google.com or http://www.goo|e.com
https://ltsNBTS.com or https://itsNBTS.edu
14
https://NBTS.edu or https://NBTS.seminary.edu
domains
•Organizational Domains e.g. .edu, .com, .org, .net.
•Country Domains [.RU=Russia, .CN=China, .DE= Germany,
and IR=Iran
What to look for
http://www.its-NBTS.com or http://www.lts-NBTS.com
http://wwwapple.com or https://www.apple.com.
https://www.faecbook.com or https://www.facebook.com
http://www.twiitter.com or https://twitter.com
http://www.google.com or http://www.goo|e.com
https://ltsNBTS.com or https://itsNBTS.edu
14
https://NBTS.edu or https://NBTS.seminary.edu
Phishing Email Example
15
15
•Updates
•Install all software updates as
offered “auto updates”
•Operating system, web browser
and third-party plug-ins
•Browser checking tools
•Configure
•Computer, smartphones and tablets
•Privacy settings in social media, mobile apps, emails and web browsers
•Enable two-factor authentication
or biometrics
Personal cyber protection tips
Passwords
•Never use simple or easy
passwords (12345, p@ssword)
•Cybercriminals use automated programs
that can guess these in minutes!
•Paraphrase or at least 10-
characters
•Upper and lower case, numbers
and symbols
(!L0ve@tlan&ta2022)
16
•Install all software updates as
offered “auto updates”
•Operating system, web browser
and third-party plug-ins
•Browser checking tools
•Configure
•Computer, smartphones and tablets
•Privacy settings in social media, mobile apps, emails and web browsers
•Enable two-factor authentication
or biometrics
Personal cyber protection tips
Passwords
•Never use simple or easy
passwords (12345, p@ssword)
•Cybercriminals use automated programs
that can guess these in minutes!
•Paraphrase or at least 10-
characters
•Upper and lower case, numbers
and symbols
(!L0ve@tlan&ta2022)
16
•When emailing, don’t:
•Forward bulk, chain or inappropriate (sex, hate or threatening in nature) emails.
•Click on links in emails from unknown parties.
•Auto forward email to external email accounts.
•Transmit sensitive data over the internet without using VPN or encrypting
your emails.
•Don’t conduct malicious activities such as scanning, monitoring network,
intercepting data, revealing information about NBTS.
Network don’ts
17
•Forward bulk, chain or inappropriate (sex, hate or threatening in nature) emails.
•Click on links in emails from unknown parties.
•Auto forward email to external email accounts.
•Transmit sensitive data over the internet without using VPN or encrypting
your emails.
•Don’t conduct malicious activities such as scanning, monitoring network,
intercepting data, revealing information about NBTS.
Network don’ts
17
•Passwords
•Don’t use the same password at home and at work
•Don’t share your, or any NBTS, username and password with someone else
•Connections
•Don’t connect any unauthorized device to NBTS’s network
•Don’t install any unauthorized software, export information, take or “borrow” copywritten
materials
•Don’t use Peer-to-Peer networking applications,
•Don’t plug unauthorized media/thumb drives into your computer
Review NBTS Acceptable Use Policy for more details
Network don’ts
18
•Don’t use the same password at home and at work
•Don’t share your, or any NBTS, username and password with someone else
•Connections
•Don’t connect any unauthorized device to NBTS’s network
•Don’t install any unauthorized software, export information, take or “borrow” copywritten
materials
•Don’t use Peer-to-Peer networking applications,
•Don’t plug unauthorized media/thumb drives into your computer
Review NBTS Acceptable Use Policy for more details
Network don’ts
18
9 tips to stay safe while working remotely
Lock down your home
network
CREATE a complex
router (Wi-Fi)
password and limit
access.
DO NOT log in to
public Wi-Fi
Secure your work
devices
USE strong passwords
or passcodes and lock
your laptop screen or
put to sleep when not
in use.
Control use of
removable media
DO NOT allow family
members or guests to
plug in personal
devices or accessories
to your work device.
19
Lock down your home
network
CREATE a complex
router (Wi-Fi)
password and limit
access.
DO NOT log in to
public Wi-Fi
Secure your work
devices
USE strong passwords
or passcodes and lock
your laptop screen or
put to sleep when not
in use.
Control use of
removable media
DO NOT allow family
members or guests to
plug in personal
devices or accessories
to your work device.
19
9 tips to stay safe while working remotely
Protect institutional
data
KEEP institutional data
exclusively on your
work device. Avoid
transferring work-
related files to
personal devices.
Beware of Phishing
attempts
DO NOT click links or
attachments from
unknown senders and
be cautious about
what you download.
Separate the personal
and professional
DO NOT use personal
computers or devices
to conduct institutional
work and vice versa.
20
Protect institutional
data
KEEP institutional data
exclusively on your
work device. Avoid
transferring work-
related files to
personal devices.
Beware of Phishing
attempts
DO NOT click links or
attachments from
unknown senders and
be cautious about
what you download.
Separate the personal
and professional
DO NOT use personal
computers or devices
to conduct institutional
work and vice versa.
20
9 tips to stay safe while working remotely
Only use authorized
software
NEVER download
unauthorized software
on your work device
and don’t tamper with
or disable authorized
software &
applications.
Share files securely
ALWAYS use NBTS
email encryption on
sensitive/secure data.
Report security
concerns ASAP
If you see anything
suspicious, contact
NBTSs Cyber Security
team immediately.
21
Only use authorized
software
NEVER download
unauthorized software
on your work device
and don’t tamper with
or disable authorized
software &
applications.
Share files securely
ALWAYS use NBTS
email encryption on
sensitive/secure data.
Report security
concerns ASAP
If you see anything
suspicious, contact
NBTSs Cyber Security
team immediately.
21
QUESTIONS?
Q
A
22
Q
A
22
Categories
TechnologyDownload
Download Slideshow Get the original presentation fileQuick Actions
Statistics
- Views 7
- Slides 22
- Age 425 days
Related Slideshows
11
8-top-ai-courses-for-customer-support-representatives-in-2025.pptx
JeroenErne2
62 views
10
7-essential-ai-courses-for-call-center-supervisors-in-2025.pptx
JeroenErne2
58 views
13
25-essential-ai-courses-for-user-support-specialists-in-2025.pptx
JeroenErne2
45 views
11
8-essential-ai-courses-for-insurance-customer-service-representatives-in-2025.pptx
JeroenErne2
45 views
21
Know for Certain
DaveSinNM
28 views
17
PPT OPD LES 3ertt4t4tqqqe23e3e3rq2qq232.pptx
novasedanayoga46
31 views