Hello,
PLease create a PPT of 5-6 slides as per the given instrcutions below
You are Now the CIO of a Company
(Congratulations)
As the CIO your job is to educate your employees about cybersecurity issues to keep the company information safe and private.
CyberSecurity is a complex field. In your company you will encounter employees who know very little about the field and how to manage their own security.
You know that careless or uninformed staff are the second most likely cause of a serious security breach, second only to malware.
Sometimes personnel may take cybersecurity requirements too lightly, leading to dramatic consequences for the organizations they work for.
Education is Our Best Weapon
Your job is to create a short 3 minute “Welcome” video or narrated presentation that will be shared with all new employees to teach them about the importance of cybersecurity and their responsibility to keep your company CyberSafe.
Please include your references in APA format.
Here are some examples from past classes to inspire your creativity.
(I have altered the presentations to keep personal information private, when requested)
CYBERSECURITY
TRAINING
YOUR NAME HERE
DATE
PASSWORD SECURITY
• Password Reuse
• Maintain different credentials per service. Hackers know it’s hard to keep up with multiple
passwords. If they get one, they will use it against other services hoping to gain additional
access. Never use your company credentials with another service.
• Password Complexity
• Avoid over-simplified or very short passwords.
• Use longer passwords composed of standard words that you can remember or the first letter in a
sentence or phrase. The longer the password, the more difficult to crack.
• We enforce a standard set of complexity requirements to help create strong passwords.
• Password Change Frequency
• Frequency can be as important as complexity. Expired passwords are useless.
EMAIL SECURITY
• Email is one of the most common and most successful attacks on the
internet. Recent statistics cite up to 90% of successful attacks against
businesses begin with a malicious email.
• Emails can contain malicious files like virus and malware, link to malicious
web sites, or try to coerce or convince you to give away personal
information, like your username and password.
• Cybercriminals using email to attack businesses are becoming more and
more effective at evading detection – technology alone is only marginally
effective at blocking these new email threats.
DIFFERENT FORMS OF CYBER THREATS
• Phishing
• Viruses and Malware
• Email Spoofing
• Ransomware
PHISHING
• Phishing is the attempt to obtain sensitive information such as usernames, passwords,
and credit card details (and, indirectly, money), often for malicious reasons, by disguising
as a trustworthy entity in an electronic communication. Common phishing scams attempt
to use coercion or scare tactics to get you to enter your username and password into a
phony web site, such as:
• A “required action” as a part of a system or quota upgrade
• A “required action” to prevent email account closure
• A “trusted” vendor, such as a fake Dropbox or Google alert
• A “legitimate” banking alert
• Once they have your password, attackers can use your account credentials to send more
phishing messages, change financial account information or redirect checks/deposits.
PHISHING EXAMPLES
BEST PRACTICES
• Always verify the sender of a message.
• Always hover over web page links (URLs) in email messages to see where
they link to – beware URL shortening services (like bit.ly) that may obscure
the final web site destination.
• Be skeptical of messages with odd spelling/grammar, improper logos or
that ask you to upgrade or verify your account.
• Report suspicious emails to our IT mailbox
REPORTING AN INCIDENT
• See something say something!
• Phishing / Spam email messages can be reported to our IT mailbox
• Real security incidents, such as compromised credentials, compromised
system or evidence of data exposure/release, can be reported to our
mailbox as well
