Cybersecurity
Brian Pichman
Evolve Project
CyberSecurity - Computers In Libraries 2024
Cloak of Invisibility
Anonymous Browsing
Cloak of Invisibility
Top reasons why people want to hide their IP address:
1. Hide their geographical location
2. Prevent Web tracking
3. Avoid leaving a digital footprint
4. Bypass any bans or blacklisting of their IP address
5. Perform illegal acts without being detected
Onion Routing, Tor Browsing
• Technique for anonymous communication to take place over a network.
The encryption takes place at three different times:
• Entry Node
• Relay Node
• Exit Node
• Tor is made up of volunteers running relay servers. No single router knows
the entire network (only where traffic came from and where it goes next).
• Tor can bypass internet content filtering and restricted government networks
(like China), or allow people to be anonymous whistleblowers.
• Tor allows you to gain access to “.onion” websites that are not accessible
via a normal web browser.
• Communication on the Dark Web happens via Web, Telnet, IRC, and other
means of communication being developed daily.
Cloak of Invisibility
• How to hide yourself?
• Private VPN
• You want a TOTALLY anonymous service.
• Look for one that keeps no log history (Verify via reviews)
• Look at Bandwidth & Available Servers
• Recommendations:
• Private Internet Access (PIA)
• TorGuard VPN
• Pure VPN
• Opera Web Browser
• Avast AntiVirus (SecureLine)
• Worst Case: Free WIFI
Cloak of Invisibility
• How Tor anonymizes – “You”.
• How VPN keeps “You” protected.
Free WiFi
• Sometimes a good alternative if
you need to do something
anonymously
• Nothing is ever 100% anonymous
• Some public wifi does track
websites you access, what you
do, etc.
• Make sure the computer name
you are using doesn’t include your
actual name
Best Tips and Practices for being Anonymized
Do
• Use a device on which you’ve never
signed into anything “personal”.
• Pro Tip: buy a computer from a
Pawn Shop or Garage Sale
Don’t
• While on a VPN or any other
anonymous tool, don’t sign into
personal accounts (banks, social
media, etc).
• If posting, don’t use anything
that could be associated with you
Easy Wins for Privacy
• 10 Minute Email
• https://10minutemail.com/
• Temporarily get an email box that’s anonymous and disappears after 10
minutes
• Dr Cleaner (Mac) or Eraser (Win) can overwrite files on your
computer with “blank” data to make file recovery near impossible.
• Tools like Recuva are free software that lets you restore deleted files.
What People Pay For Your Data
• https://www.fortinet.com/blog/industry-trends/the-true-value-of-data.html
• Credit Card Numbers: 50 cents to 2.50 per card.
• Bank Account Information (logins/information): $1.00 to $70
• Medical Records: $10-$20
https://www.experian.com/blogs/ask-experian/heres-how-much-your-personal-information-is-selling-for-on-the-dark-web/
Protecting Yourself
Google Isn’t Always Your Friend
Tools For Use
• Sites to protect yourself all the time (not free)
• IdentityGuard.com
• LifeLock.com
• Sites to monitor when breached data gets released (this is free)
• Haveibeenpwned.com
• Password Management Sites (like lastpass.com)
• Don’t have the same password for all your sites.
• Don’t write your passwords down on a post-it-note and leave it at your desk
Dual Factor Authentication
• After logging in, verify the login via email, SMS, or an app with a code.
Credit Card Tools for Online Shopping
• Check out Privacy.Com
• https://privacy.com/join/473XB
Basic Tips
• Accept only people you know to personal and professional accounts
• Never click on links from people you don’t know.
• Especially if they are using a URL shortener: bit.ly, tinyurl.com, etc
• https://www.urlvoid.com/ - test the website to see if it’s safe
• https://www.site-shot.com/ - get a screenshot of what will load on the site
• If there are people claiming to be you on social media, it’s best to get
your account “verified” on those social media platforms
• This lets users distinguish that you’re the actual official account
• Dual factor authenticate all of your social media logins
Checking Your Accounts / Name Online
• Use this site to check your usernames: https://namechk.com/
• The next is a tool that searches through your email for things you may
have signed up for (I've paid for their premium service as well, not
really worth it, the free one does just
fine): https://brandyourself.com/privacy-overview.
• This tool, https://email-lookup.online/index.php, runs public
searches to see what links. It's similar
to https://www.spokeo.com/email-search.
Myths
• I’m/my university isn’t worth attacking.
• Hackers won’t guess my password.
• I/we have anti-virus software.
• I’ll/we’ll know if I’ve/we’ve been compromised.
Understanding Breaches and Hacks
• A hack involves a person or group gaining unauthorized access to a
protected computer or network
• A breach typically indicates a release of confidential data (including
releases that happen by accident)
• The two require different responses when they occur.
The Costs Of Breaches
• This year’s study found the average consolidated total cost of a data breach
is 4.45 Million – Ones that use AI save 1.76 Million
https://www.ibm.com/reports/data-breach
• Data Breached Companies Experience…
• People lose faith in your brand
• Loss in patrons
• Financial Costs
• Government Requirements,
Penalties, Fees, etc.
• Sending of Notifications
• Payment of Identity Protection or
repercussions.
https://betanews.com/2016/02/10/the-economic-cost-of-being-hacked/
You as an Organization - Obligations
• You are obligated to protect the data and privacy of:
• Employees
• Customers
• Business Partners/Vendors/Etc.
• Sometimes, we forget we house a lot of personal and identifying information about our employees and
customers.
• Employees Social/Payroll/HR
• Customer Records/Accounts/History
• What employees/customers are accessing on the web
• A sniffing tool, key logger, or fake DNS redirects can monitor not only the sites people are accessing but what they use
for their username / password
Steps – Communication and Speed!
• Communicate
• People will ask “How long did you know XYZ happened?” - know this information before telling them
an attack occurred.
• If you discover a breach, hack, or any other compromise that may have resulted in data being stolen or
viewed, you MUST communicate quickly and effectively.
• While every scenario is different and has different factors, groups that move faster with the information they
know (as soon as they know it) are generally better off long term (i.e., don’t wait months as you “investigate”
the issue; give people time to protect themselves).
• Don’t over communicate and have one spokesperson
• Be clear and concise. Too many details can be harmful.
Other Points on Communication
• Once you know a breach has occurred, by law you are required to
inform customers if their data has been compromised.
• Some states have deadlines of when the announcement has to be made
• Every impacted person must be told that a data breach has
occurred, when it occurred, and what kind of information was
compromised.
• Answer: what are you doing to provide a remedy and what should they do?
• (next slide)
What are you doing to provide a remedy and what should they do?
You as the Organization
• Build a website with information
about the breach
• Offer a toll-free number for people
to call in with questions
• If there is a possibility that social
information was exposed, provide contact
information for Equifax, Experian
and TransUnion, and the quick
links for fraud protection.
Them as Impacted Parties
• Fraud Protection (if necessary)
• Request them to change their
passwords if their password was
compromised
• Highlight if they use this password
on OTHER sites to change those
passwords too
Step 2 - Investigate
• You will most likely need to hire an outside cyber security
firm – they have the tools and resources to track what might
have been stolen and who stole it.
• Determine which computers and accounts were compromised, which
data was accessed (viewed) or stolen (copied), and whether any
other parties – such as clients, customers, business partners, users,
employees – were affected. Was the stolen data encrypted or unencrypted?
• Also involve the providers you pay for services
(depending on where the breach occurred) such as ISPs, Web
Hosting Providers, Security Software, Firewall Vendors, etc.
• Contact your local, county or state police computer crimes
unit and the FBI, which can do forensic analyses and provide
valuable guidance
Step 3 – More Communication and Follow Up
• If you notify more than 500 impacted people from a breach, many
states will also require you to file a notice with your state attorney
general’s office.
• HIPAA, FERPA, CIPA, and all those other scary acronyms have requirements
and regulations – make sure none of those rules are violated.
Legal Stuff
• There are a lot of laws that help set a
certain level of security standards.
The landscape of these laws is
evolving as the level of threats
increases.
• There are compliance standards that
organizations should reach for
security as well – as a precaution and
preventive measure to mitigate risk.
• The ISO/IEC 27000 family of standards
helps organizations keep information
assets secure.
• https://www.iso.org/isoiec-27001-information-security.html
Don’t Let This Happen:
https://myaccount.google.com/device-activity
https://account.microsoft.com/devices
What Are Tools Death Eaters use?
Spells:
• Man in the Middle
• Sitting between a conversation and either listening or altering the data as it’s sent
across.
• DNS Spoofing (https://null-byte.wonderhowto.com/how-to/hack-like-pro-spoof-dns-lan-redirect-traffic-your-fake-website-0151620/): set up a fake website and let people
log in to it.
• D/DoS Attack (Distributed/Denial of Service Attack)
• Directing a large amount of traffic to disrupt service to a particular box or an entire
network.
• Could be done via sending bad traffic or data
• That device can be brought down to an unrecoverable state to disrupt business
operations.
• Sniffing Attacks
• Monitoring of data and traffic to determine what people are doing.
BackTrack can get you A LOT
• BackTrack was a Linux distribution that focused on security based on
the Knoppix Linux distribution aimed at digital forensics and
penetration testing use. In March 2013, the Offensive Security team
rebuilt BackTrack around the Debian distribution and released it
under the name Kali Linux.
https://en.wikipedia.org/wiki/BackTrack
“Cool” Hardware
https://krebsonsecurity.com/2016/08/road-warriors-beware-of-video-jacking/
Be careful when plugging your
device into a public USB outlet…
Either read the data on your device
OR
Record your screen ->
Credit Card Skimmers
Implementing SafeLinks
Hacked WiFi – Cain and Abel
Why have a policy?
Starring Will Ferrell ….
Increases Efficiency
• Having a security policy allows you to be consistent in your approach
to issues and how processes should work.
• It should outline how and what to do, and be repeatable across your
organization.
• Everyone is doing XYZ the same way and on the same page.
Accountability, Discipline, and Penalties
• Think of it as a contract – for legal purposes – that you have taken the steps
needed to secure your organization.
Education For Employees
• Reading these policies (and signing them) helps give
employees (and users) a sense of ownership for assets and data.
• Everything from advice on choosing the proper passwords, to
providing guidelines for file transfers and data storage, internet access
and rules, will help to increase employees’ overall awareness of
security and how it can be strengthened
Addresses Threats and Risks
• A good policy should address all threats, strategies to decrease the
vulnerabilities of those threats, and how to recover if those threats
became actionable.
• This makes “what do we do if someone hacks our network” an
already defined process, including who to call and what to do to mitigate
further damage.
Access Definitions and Permissions
• A good policy would outline who accesses what and why. This makes
reporting a security violation easier and streamlined.
• Policies are like bouncers at a night club
• It states who has access to the VIP section of the club, why, and any reasons
to allow entry.
• Without these rules, VIP wouldn’t be really VIP.
Types of Policies
• Organizational (or Master) Policy
• Serves as the foundation or blueprint for the whole organization’s
security policy. It is a strategic plan for how to implement and
maintain security throughout the organization.
• Think of it as a high-level document that includes the vision,
objectives, scope, and expendabilities.
• System-specific Policy
• Is usually concerned with a specific system (such as an ILS) or
computer system. It is meant to outline the approved software,
hardware, and methods to secure that system.
• Issue-specific Policy.
• These are more detailed and focused on a functional aspect of a role,
process, or procedure. This helps detail the required levels of security
as well as instructions for staff (and patrons) to abide by to achieve this
level.
To Include
• Security Standards
• Outline the rules, instructions, and actions required to meet the goals and
objectives.
• These can be tied to laws or regulations
• Baselines
• Identify the minimum level of security required – and everything must comply
with that minimum. Exceptions should be minimal, if not nonexistent. Evaluations
or audits must be routinely done – ideally by a third-party consultant or a
security team.
• Guidelines
• Practical instructions and recommendations to meet the standards and
baselines. Usually written as operational guides.
• Procedures
• Usually documented in an appendix. A security policy at a high level contains
general directives; the procedure is very detailed and illustrates step by step
how to do specific tasks.
Putting It Together
• Your security policy can include “maintain a malware-free computer
system”.
• The standard would be: all computers must have antivirus installed and
updated.
• The baseline states that the computer must be at minimum fully patched,
antivirus installed, updated within the last 7 days.
• Guidelines could be:
• Don’t open untrusted emails and attachments
• Don’t disable or hinder antivirus protection
• Procedure would document how to install the antivirus, how to maintain
updates, etc.
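The policy, standard and baseline above become auditable once the baseline is written as a check. This added example (not from the original slides) applies the "fully patched, antivirus installed, updated within the last 7 days" baseline to a constructed inventory; the host names and field names are assumptions.

```python
from datetime import date, timedelta

# Baseline from the slide: antivirus updated within the last 7 days.
MAX_AV_AGE = timedelta(days=7)

# Constructed sample inventory; field names are assumptions for this example.
INVENTORY = [
    {"host": "circ-desk-01", "pending_patches": 0, "av_installed": True,
     "av_updated": date(2024, 3, 10)},
    {"host": "staff-lt-07", "pending_patches": 3, "av_installed": True,
     "av_updated": date(2024, 3, 11)},
    {"host": "patron-pc-12", "pending_patches": 0, "av_installed": True,
     "av_updated": date(2024, 2, 20)},
    {"host": "kiosk-02", "pending_patches": 0, "av_installed": False,
     "av_updated": None},
    {"host": "ils-server", "pending_patches": 0, "av_installed": True,
     "av_updated": None},
]


def baseline_violations(machine, today):
    """Return the baseline rules this machine fails (empty list = compliant)."""
    problems = []
    # A missing patch count fails closed: unknown is treated as unpatched.
    if machine.get("pending_patches", 1) > 0:
        problems.append("not fully patched")
    if not machine.get("av_installed", False):
        problems.append("antivirus not installed")
        return problems  # update age means nothing without antivirus
    updated = machine.get("av_updated")
    if updated is None:
        problems.append("antivirus update date unknown")
    elif updated > today:
        problems.append("antivirus update date is in the future")
    elif today - updated > MAX_AV_AGE:
        problems.append(f"antivirus definitions {(today - updated).days} days old")
    return problems


def audit(inventory, today):
    """Map each non-compliant host to the list of rules it fails."""
    report = {}
    for machine in inventory:
        problems = baseline_violations(machine, today)
        if problems:
            report[machine["host"]] = problems
    return report


if __name__ == "__main__":
    for host, problems in audit(INVENTORY, date(2024, 3, 12)).items():
        print(f"{host}: {'; '.join(problems)}")
```
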
Types of Issue Specific Policies
• Change Management Policy
• What happens when a system is upgraded.
• Physical Security Policy
• Can you take company owned assets off network?
• Can your kids use the equipment?
• Email Policy
• What can be sent out? What can be downloaded?
• Internet Policy
• What can you access and why? What happens if something is blocked?
• Facebook – Allowed for Work? *Facebook can contain malicious links*
Must Have Policies:
• Media Disposal Policy / Data Retention Policy
• What do you do with old computer assets?
• How long do you back up and retain “old” files?
• Acceptable Use Policy (very common)
• The “Do’s and Don’ts” of equipment/internet/etc.
• Access Control Policy (often part of new hire/term processes)
• Who has access to what, how is access controlled, how is access terminated /
created.
• Disaster and Recovery / Incident Response Plans
Policies on Websites
• Terms and Conditions
• What will be done with accounts, data, access information
• Privacy Policies and Cookies
• If you use Google Analytics you might want to call attention to it.
• IP Address logging?
• Links to third party websites – who is responsible?
Other Policies
• Training Process
• How do you do training on security, how frequently, what scores should there
be?
• Information
• How should information be protected and monitored?
• Vendors
• What kind of access is given to vendors? What is the “approval” process?
Patrons!
• It’s important to put a policy in place and best practice for patrons –
to help limit liability on the library.
• At the end of the day, access to the internet and computer systems is
a privilege and not a right.
• Asset Usage and Internet Usage:
• Do’s and Don’ts – They have to agree and violations are met with restriction
of usage or removal of access.
• What happens if they use it for “illegal” purposes?
Policies Help Protect Important Data
(or a book of monsters)
Protecting The Environment
[Diagram labels: you, threats, Delicious Data]
Why do People Attack?
• Financial Gain
• Stocks
• Getting Paid
• Selling of information
• Data Theft
• For a single person
• For a bundle of people
• Just Because
• Malicious
How to navigate and prevent wrong turns
• Who are the people we’re
trying to avoid?
Hacker Groups
• Lizard Squad
• Anonymous
• LulzSec
• Syrian Electronic Army
• Chaos Computer Club (CCC)
• Iran's Tarh Andishan
• The Level Seven Crew
• globalHell
So what Do You Need to Protect?
• Website(s)
• All Stored PII Data
• Employee Computers
• And what they do on them
• User Computers
• And what they do on them
• Network
• And what people do on them
• Stored Data, Files, etc.
• Business Assets
• Personal Assets
• ….anything and everything that is plugged in…
Outside
• Modem Router Firewall
Switches
• Servers
End User
• Phones
• Computers
• Laptops
Outer Defenses (Routers/Firewalls)
• Site to Site Protection
(Router to Router or Firewall to
Firewall)
• Encrypted over a VPN Connection
• Protection With:
• IDS
• IPS
• Web filtering
• Antivirus at Web Level
• Protecting INBOUND and OUTBOUND
Unified Threat Management
• Single Device Security
• All traffic is routed through a unified
threat management device.
Areas of Attack On Outer Defense
External Facing Applications
• Anything with an “External IP”
• NAT, ONE to ONE, etc.
• Website
• Custom Built Web Applications
or Services
Internal Applications
• File Shares
• Active Directory (usernames /
passwords)
• User Records
• DNS Routing
• Outbound Network Traffic
• Who is going where
Inner Defenses (Switches/Server Configs)
• Protecting Internal Traffic,
Outbound Traffic, and Inbound
Traffic
• Internal Traffic = device to device
• Servers
• Printers
• Computers
• Protected By:
• Software Configurations
• Group Policy
• Password Policy
• Hardware Configurations
• Routing Rules
IT Admin Tricks for Security
• Administrative Accounts are easy to figure out if they
are something like “administrator”, “root” or “power
users”. At the same time, no employee should have
their account as a full admin.
• Instead, give them their own username for admin access (like
brian.admin)
• Change the default “login” pages for sites to something
that’s not www.mysitename.com/login. Bots look for
this and attack.
• My Drupal Site login page is www.evolveproject.org/catpower
• User Awareness is key to any secure organization. Teach
users how to identify potential threats and how to
respond quickly.
• Avoid shared accounts. One account should only be
used by one person.
Updates, Patches, Firmware
• Keeping your system updated is important.
• Being on the latest and greatest
[software/update/firmware] isn’t always
good.
• Need to test and vet all updates before
implementation
• If you can – build a dev environment to
test and validate.
Casper Suite / JAMF - https://www.jamf.com/products/jamf-pro/
SCCM tools
Protecting End Devices
• Protecting Assets
• Business Assets
• Thefts
• Hacking
• Personal Devices
• Security Risk
• Usually pose an INBOUND threat
to your network
Dual Factor is the Patronus of Spells
It helps guard your account with one extra layer of protection
against the strongest of dark forces
Passwords
• Let’s talk about
Passwords
• Length of Password
• Complexity of
password
requirements
• DO NOT USE POST IT
NOTES
Advanced Cyber Protection Tools
• MDR / NDR Solutions (Managed Detection and Response / Network
Detection and Response)
• Network detection and response (NDR) products detect abnormal system behaviors
by applying behavioral analytics to network traffic data.
• Security information and event management, SIEM for short, is
a solution that helps organizations detect, analyze, and respond
to security threats before they harm business operations.
Your Security is as Strong As the Weakest Link
Tools To Train
• Knowbe4
Identifying Threats
• “Act of God”
• Tornado, Flood, Fire
• “Act of Evil”
• Break-ins, Hacking, Physical Damage, Viruses
• “Act of Error”
• Accidental Deletions, Hardware Failure, Software Glitches
• Loss of Services (could be caused by above)
• Internet, Power, Heating/Cooling, Phone, Building Issues
Recoverable Risks
• Risks with Provided Services:
• Internet
• Phone
• Power
• Risks with Created Data
• Corruption
• Loss
• Risk with Owned Systems
• Errors or Corruption
• Failure or Loss
A Good recovery plan includes
• Monitoring
• Systems need to be actively monitored
• Recoverable Backups and Systems
• Systems need to have data backed up
• Redundancy
• Systems need to be redundant to mitigate risk of device or service failure;
having failover devices and services is important to ensure uptime.
• TESTING
• I’m going to say this a few times.
A Disaster Plan Is About
• Ensuring Redundancy and Recovery
• Planning and Preparation:
• Risk Management
• Risk Assessment
• Risk Mitigation
• Business Continuity
• If a Disaster Occurs:
• Response
• Relief
• Recovery
• Restoration
ISPs
Modem Firewall Switches
Servers
Computers
Modem
Most latest-gen firewalls are able to
handle two internet connections,
“round-robin” between them, and do “failover”
Usually pick two different mediums:
Cable
Telephone
Satellite
…
Having two different internet connections across two
different modems will help mitigate risk of a Service
Provider Failure
Other considerations include hardware failure and
redundancy. Having a spare firewall (or using two firewalls
to load balance) can help mitigate risk.
Data Is Expensive
• Financial Records for 7 years
• SOX (Sarbanes–Oxley Act of 2002)
• Cost of a “data record”
• On average, the cost of such a record containing healthcare information is
$363 (employee records are also known to cost this much if they include social
information)
• At the end of May 2015, the Ponemon Institute released its annual “Cost of
Data Breach Study.” Researchers estimated that the average cost of each lost
or stolen record containing sensitive and confidential information was $154.
• Verizon looks at the concept from a per-record perspective, claiming an average
cost of just 58 cents for each lost or stolen file.
What can Happen to My Data?
• It can be corrupted!
• Someone makes changes to a file. Accidental deletion, purposeful
manipulation, script goes rogue.
• Can impact system performance
• It can be lost!
• Server goes down, disappears, etc.
• Spreadsheets, employee files, payroll, flyers, data about events
• Website Data, Catalog Data, Hosted Applications…gone!
• Email!
• Hardware failure
Ways to Back Up
Monitoring Is Important
• Monitor your servers to prevent issues before they happen. Things to
monitor for:
• Network Drops (means it can be device failure or network issue)
• Temperature of Devices (prevent overheating)
• Server Processes (if a server is running too high for too long something could
be wrong)
• Storage Space (running out of space can corrupt an entire system)
• Memory Usage
• Database Errors
NAGIOS
PINGDOM
Test Your Plan
• Test Your Back Ups
• Do a recovery on a different server
to ensure accuracy and time how
long it takes to recover
• Test Your Redundancy
• Remove a network, server, and
determine if fail over occurs.
• Time these!
• Test Test Test.
Layout of a “Disaster Plan”
CISA
• https://www.cisa.gov/topics/cyber-threats-and-advisories/cyber-hygiene-services
AI and Cyber Security
• AI is making Phishing Attacks harder to spot -> since AI can clean up
grammar errors, make better calls to action, etc
• How will the use of ChatGPT, etc. impact Cybersecurity?
• How will AI affect libraries and their resources?
Attacks we commonly see through e-mail
Impersonation
Some people will create emails of
VIPs to trick you into getting a message to them
Spoofing
Is when someone masks themselves as
another user or domain
Sometimes they create a new domain with a
slight spelling change, for example g00gle.com
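One way to catch the look-alike domains described above, as an added example that is not part of the original slides: compare each sender's domain against an allow-list after undoing common character swaps, then check for near-miss spellings and for a trusted name used as a prefix. The allow-list, substitution table and sample addresses are constructed for illustration.

```python
# Constructed allow-list; replace with the domains your organization really uses.
TRUSTED = {"google.com", "evolveproject.org", "microsoft.com"}

# Visual substitutions to undo; multi-character swaps come first.
CONFUSABLES = [("rn", "m"), ("vv", "w"), ("0", "o"), ("1", "l"), ("3", "e"), ("5", "s")]


def skeleton(domain):
    """Collapse look-alike characters so g00gle.com and google.com compare equal."""
    s = domain.lower()
    for fake, real in CONFUSABLES:
        s = s.replace(fake, real)
    return s


def edit_distance(a, b):
    """Edit distance where insert, delete, substitute and adjacent swap cost 1."""
    prev2, prev = None, list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            d = min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb))
            # Adjacent transposition, e.g. "googel" vs "google".
            if prev2 is not None and j > 1 and ca == b[j - 2] and a[i - 2] == cb:
                d = min(d, prev2[j - 2] + 1)
            cur.append(d)
        prev2, prev = prev, cur
    return prev[-1]


def classify(address):
    """Return (verdict, matched_trusted_domain_or_None) for a sender address."""
    domain = address.rsplit("@", 1)[-1].strip().lower().rstrip(".")
    for t in sorted(TRUSTED):
        if domain == t or domain.endswith("." + t):
            return ("trusted", t)  # exact match or a real subdomain
    # Internationalized labels can hide homoglyphs; send them to a human.
    if any(label.startswith("xn--") for label in domain.split(".")):
        return ("review", None)
    skel = skeleton(domain)
    for t in sorted(TRUSTED):
        if skel == skeleton(t):
            return ("lookalike", t)  # character swap such as 0 for o
        if domain.startswith(t + "."):
            return ("lookalike", t)  # trusted name used as a prefix
        if edit_distance(skel, skeleton(t)) <= 1:
            return ("lookalike", t)  # one typo away from a trusted domain
    return ("unknown", None)


# Constructed sample senders.
SAMPLES = [
    "ceo@google.com",
    "ceo@g00gle.com",
    "it@rnicrosoft.com",
    "help@googel.com",
    "billing@google.com.secure-login.example",
    "news@mail.google.com",
    "friend@example.org",
]

if __name__ == "__main__":
    for sender in SAMPLES:
        print(sender, classify(sender))
```

A distance threshold of 1 will produce false positives on very short domain names, so treat "lookalike" as a reason to quarantine and review rather than to silently drop.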
Pulling Everything Together
• Tools
• Training
• Policies
• Practice
Other Things To
Consider
• Lots of laws govern data and
privacy of data. Make sure your
policies
Secure Email
and File Sharing
• When sending data via email, it’s
best to encrypt it.
• Never send PII data via email
Free Resources - Tenable
• https://www.tenable.com/products/nessus/nessus-essentials?action=register
Some Recommended Security Tools
ESET Products
https://www.eset.com/us/home-store/
Sophos Home
https://home.sophos.com/en-us/free-anti-virus-windows.aspx
Proactive Scanning
• Malwarebytes (Free): https://www.malwarebytes.com/
Proactive Cleaning
• CCleaner (https://www.ccleaner.com/)
• CleanMyMac (https://macpaw.com/cleanmymac)
Backups (Personal or Work)
• Acronis True Image
https://www.acronis.com/en-us/products/true-image/
How About Your Network?
Web Security – No Installs Needed
https://www.opendns.com/
Open DNS
• https://www.opendns.com/home-internet-security/
Setting It Up
• It’s simple, you will just want to update your router’s DNS entry
(or if you wanted, you can do this directly on the device you wish to
protect)
• 208.67.222.123
• 208.67.220.123
Your Wireless Router
• Have your wireless connection protected by a password to join
• Have your wireless router’s admin interface ALSO protected with a password
(that isn’t the default password either)
Parental Controls
Email for Kids
• There are service providers that can help manage kids’ emails and
help protect them.
• Google has an option where you can manage a Google Account for
your child:
https://support.google.com/families/answer/7103338?hl=en
Apple iOS Parental Controls
• https://support.apple.com/en-us/HT201304
• https://www.apple.com/families/
Microsoft Families
• https://account.microsoft.com/family/about
Google Families
• https://support.google.com/families#topic=7327495
• https://families.google.com/familylink/
App Based Monitoring
AI Time
Small Library Wins
• How can a small library take a successful cyber security approach?
• Use free open-source tools (OpenDNS for example)
• Free Trainings
• Ensuring things stay updated
Evolve Project | Brian Pichman
Some Thoughts
IT Security
Enhance IT Security and Administration
• Eliminate repetitive tasks
• Analyze Data to predict and prevent potential issues.
• Enhance security by performing millions of analysis cycles to review network activity in real time.
• Automatically detect and prevent security threats.
• Leverage AI tools to enhance your application development and get in front of potential future
security threats.
• Monitor server and system logs in real time and have AI provide actionable data to correct
identified issues.
Leveraging the Power of AI
Operational AI
AI in use of Security
Some Thoughts
Dark Side of AI In Security
• Can use tools like ChatGPT or similar to look at weak code and ask how to fix it … in hopes of
tricking the AI to provide entry points
• Remember how easy it was to see a malicious email because of grammar or spelling errors? AI
fixes that (even tools like Grammarly have been helping)
• AI digests a vast amount of information and can write official looking emails posing as a leader
of the college.
• It also can provide harder to find details of staff that may be informative enough to answer
security questions, etc.
What Do Malicious Actors Do?
• Evolve Project
• https://www.linkedin.com/in/bpichman
• Twitter: @bpichman
• Email: bpichman@evolveproject.org
Brian Pichman
Questions?

CyberSecurity - Computers In Libraries 2024

  • 7. Cloak of Invisibility Top reasons why people want to hide their IP address: 1. Hide their geographical location 2. Prevent Web tracking 3. Avoid leaving a digital footprint 4. Bypass any bans or blacklisting of their IP address 5. Perform illegal acts without being detected
  • 8. Onion Routing, Tor Browsing • Technique for anonymous communication to take place over a network. The encryption takes place at three different times: • Entry Node • Relay Node • Exit Node • Tor is made up of volunteers running relay servers. No single router knows the entire network (only its to and from). • Tor can bypass internet content filtering, restricted government networks (like China) or allow people to be anonymous whistle blowers. • Tor allows you to gain access to “.onion” websites that are not accessible via a normal web browser. • Communication on the Dark Web happens, via Web, Telnet, IRC, and other means of communication being developed daily.
  • 9. Cloak of Invisibility • How to hide yourself? • Private VPN • You want a TOTALLY anonymous service. • Look for one that keeps no log history (Verify via reviews) • Look at Bandwidth & Available Servers • Recommendations: • Private Internet Access (PIA) • TorGuard VPN • Pure VPN • Opera Web Browser • Avast AntiVirus (SecureLine) • Worst Case: Free WIFI
  • 10. Cloak of Invisibility • How Tor anonymizes – “You”. • How VPN keeps ”You” protected.
  • 11. Free WiFi • Sometimes a good alternative if you need to do something anonymously • Nothing is ever 100% anonymous • Some public wifi does track websites you access, what you do, etc. • Make sure your computer name you are using doesn’t include your actual name
  • 12. Best Tips and Practices for being Anonymized Do • Use a device on which you’ve never signed into anything “personal”. • Pro Tip: buy a computer from a Pawn Shop or Garage Sale Don’t • While on a VPN or any other anonymous tool, don’t sign into personal accounts (banks, social media, etc). • If posting, don’t use anything that could be associated with you
  • 13. Easy Wins for Privacy • 10 Minute Email • https://10minutemail.com/ • Temporarily get an email box that’s anonymous and disappears after 10 minutes • Dr Cleaner (Mac) or Eraser (Win) can overwrite files on your computer with “blank” data to make file recovery near impossible. • Tools like Recuva are free software that lets you restore deleted files.
  • 14. What People Pay For Your Data • https://www.fortinet.com/blog/industry-trends/the-true-value-of-data.html • Credit Card Numbers: 50 cents to 2.50 per card. • Bank Account Information (logins/information): $1.00 to $70 • Medical Records: $10-$20
  • 20. Google Isn’t Always Your Friend
  • 21. Tools For Use • Sites to protect yourself all the time (not free) • IdentityGuard.com • LifeLock.com • Sites to monitor when breached data gets related (this is free) • Haveibeenpwned.com • Password Management Sites (like lastpass.com) • Don’t have the same password for all your sites. • Don’t write your passwords down on a post-it-note and leave it at your desk
  • 24. Dual Factor Authentication • After logging in; verify login via Email, SMS, or an app with a code.
  • 25. Credit Card Tools for Online Shopping • Check out Privacy.Com • https://privacy.com/join/473XB
  • 26. Basic Tips • Accept only people you know to personal and professional accounts • Never click on links from people you don’t know. • Especially if they are using a URL shortener: bit.ly, tinyurl.com, etc • https://www.urlvoid.com/ - test the website to see if it’s safe • https://www.site-shot.com/ get a screenshot of what will load on site • If there are people claiming to be you on social media, it’s best to get your account “verified” on those social media platforms • This lets users distinguish that you’re the actual official account • Dual factor authenticate all of your social media logins
  • 27. Checking Your Accounts / Name Online • Use this site to check your usernames: https://namechk.com/ • The next is a tool that searches through your email for things you may have signed up for (I've paid for their premium service as well, not really worth it, the free does just fine) https://brandyourself.com/privacy-overview. • This tool: https://email-lookup.online/index.php searches public searches to see what links. It’s similar to https://www.spokeo.com/email-search.
  • 29. Myths • I’m/my university is not worth attacking. • Hackers won’t guess my password. • I/we have anti-virus software. • I’ll/we’ll know if I/we have been compromised.
  • 30. Understanding Breaches and Hacks • A hack involves a person or group gaining unauthorized access to a protected computer or network • A breach typically indicates a release of confidential data (including those done by accident) • Both of these require different responses if breaches/hacks occur.
  • 31. The Costs Of Breaches • This year’s study found the average consolidated total cost of a data breach is 4.45 Million – Ones that use AI save 1.76 Million https://www.ibm.com/reports/data-breach • Data Breached Companies Experience… • People lose faith in your brand • Loss in patrons • Financial Costs • Government Requirements, Penalties, Fees, etc. • Sending of Notifications • Payment of Identity Protection or repercussions. https://betanews.com/2016/02/10/the-economic-cost-of-being-hacked/
  • 33. You as an Organization - Obligations • You are obligated to protect the data and privacy of: • Employees • Customers • Business Partners/Vendors/Etc. • Sometimes, we forget we house a lot of personal and identifying information about our employees and customers. • Employees Social/Payroll/HR • Customer Records/Accounts/History • What employees/customers are accessing on the web • A sniffing tool, key logger, or fake DNS redirects can monitor not only the sites people are accessing but what they use for their username / password
  • 34. Steps – Communication and Speed! • Communicate • People will ask “How long did you know XYZ happened” - know this information before communicating to them that an attack occurred. • If you discover a breach, hack, or any other compromise that may have the impact of data being stolen or viewed, you MUST communicate quickly and effectively. • While every scenario is different and has different factors – groups that move faster with the information they know (as soon as they know it) are generally better off long term (i.e., don’t wait months as you “investigate” the issue. Give people time to protect themselves) • Don’t over communicate and have one spokesperson • Be clear and concise. Too many details can be harmful.
  • 35. Other Points on Communication • Once you know a breach has occurred, by law you are required to inform customers if their data has been compromised. • Some states have deadlines of when the announcement has to be made • Every impacted person must be told that a data breach has occurred, when it occurred, and what kind of information was compromised. • Answer: what are you doing to provide a remedy and what should they do • (next slide)
  • 36. What are you doing to provide a remedy and what should they do You as the Organization • Build a website with information about the breach • Offer a Toll Free number for people to call in for questions • If there is the possibility of social information being involved, provide contact information for Equifax, Experian and TransUnion, and the quick links for fraud protection. Them as Impacted Parties • Fraud Protection (if necessary) • Request them to change their passwords if their password was compromised • Highlight if they use this password on OTHER sites to change those passwords too
  • 39. Step 2 - Investigate • You will most likely need to hire an outside cyber security firm – they have the tools and resources to track what might have been stolen and who stole it. • Solve which computers and accounts were compromised, which data was accessed (viewed) or stolen (copied) and whether any other parties – such as clients, customers, business partners, users, employees. Was the stolen data encrypted or unencrypted? • Also involve folks from the people you pay for services (depending on where the breach occurred) such as ISPs, Web Hosting Providers, Security Software, Firewall Vendors, etc. • Contact your local, county or state police computer crimes unit and the FBI, which can do forensic analyses and provide valuable guidance
  • 40. Step 3 – More Communication and Follow Up • If you notify more than 500 impacted people from a breach, many states will also require you to file a notice with your state attorney general’s office. • HIPAA, FERPA, CIPA, and all those other scary acronyms have requirements and regulations – make sure none of those rules are violated.
  • 41. Legal Stuff • There are a lot of laws that help set a certain level of security standards. The landscape of these laws is evolving as the level of threats increases. • There are compliance standards that organizations should reach for security as well – as a precaution and preventive measure to mitigate risk. • The ISO/IEC 27000 family of standards helps organizations keep information assets secure. • https://www.iso.org/isoiec-27001-information-security.html
  • 42. Don’t Let This Happen:
  • 45. What Are Tools Death Eaters use?
  • 46. Spells: • Man in the Middle • Sitting between a conversation and either listening or altering the data as it’s sent across. • DNS Spoofing (https://null-byte.wonderhowto.com/how-to/hack-like-pro-spoof-dns-lan-redirect-traffic-your-fake-website-0151620/) set up a fake website and let people login to it. • D/DoS Attack (Distributed/Denial of Service Attack) • Directing a large amount of traffic to disrupt service to a particular box or an entire network. • Could be done via sending bad traffic or data • That device can be brought down to an unrecoverable state to disrupt business operations. • Sniffing Attacks • Monitoring of data and traffic to determine what people are doing.
  • 48. BackTrack can get you A LOT • BackTrack was a Linux distribution that focused on security based on the Knoppix Linux distribution aimed at digital forensics and penetration testing use. In March 2013, the Offensive Security team rebuilt BackTrack around the Debian distribution and released it under the name Kali Linux. https://en.wikipedia.org/wiki/BackTrack
  • 50. “Cool” Hardware https://krebsonsecurity.com/2016/08/road-warriors-beware-of-video-jacking/ Be careful when plugging your device into a public USB outlet… It can either read the data on your device OR record your screen
  • 54. Hacked WiFi – Cain and Abel
  • 56. Why have a policy? Starring Will Ferrell ….
  • 57. Increases Efficiency • Having a security policy allows you to be consistent in your approach to issues and how processes should work. • It should outline how and what to do, and repeatable across your organization. • Everyone is doing XYZ the same way and on the same page.
  • 58. Accountability, Discipline, and Penalties • Think of it as a contract – for legal purposes – that you have taken the steps needed to secure your organization.
  • 59. Education For Employees • Reading these policies (and signing them) helps give employees (and users) a sense of ownership for assets and data. • Everything from advice on choosing the proper passwords, to providing guidelines for file transfers and data storage, internet access and rules, will help to increase employees’ overall awareness of security and how it can be strengthened
  • 60. Addresses Threats and Risks • A good policy should address all threats, strategies to decrease the vulnerabilities of those threats, and how to recover if those threats became actionable. • This makes the “what do we do if someone hacks our network” a defined process already and who to call and what to do to mitigate further damage.
  • 61. Access Definitions and Permissions • A good policy would outline who accesses what and why. This makes reporting a security violation easier and streamlined. • Policies are like bouncers at a night club • It states who has access to the VIP section of the club, why, and any reasons to allow entry. • Without these rules, VIP wouldn’t be really VIP.
  • 63. Types of Policies • Organizational (or Master) Policy • Serves as the foundation or blueprint for the whole organization’s security policy. It is a strategic plan for how to implement and maintain security throughout the organization. • Think of it as a high-level document that includes the vision, objectives, scope, and expendabilities. • System-specific Policy • Is usually concerned with a specific system (such as an ILS) or computer system. It is meant to outline the approved software, hardware, and methods to secure that system. • Issue-specific Policy. • These are more detailed and focused on a functional aspect of a role, process, or procedure. This helps detail the required levels of security as well as instructions for staff (and patrons) to abide by to achieve this level.
  • 64. To Include • Security Standards • Outline the rules, instructions, and actions required to meet the goals and objectives. • These can be tied to laws or regulations • Baselines • Identify the minimum level of security required – and everything must comply with that minimum. Exceptions should be minimal, if not nonexistent. Evaluations or audits must be routinely done – ideally by a third party consultant or a security team. • Guidelines • Practical instructions and recommendations to meet the standards and baselines. Usually written as operational guides. • Procedures • Usually documented in an appendix. A security policy at a high level contains general directives; the procedure is very detailed and illustrates step-by-step how to do specific tasks.
  • 65. Putting It Together • Your security policy can include “maintain a malware-free computer system”. • The standard would be: all computers must have antivirus installed and updated. • The baseline states that the computer must be at minimum fully patched, antivirus installed, updated within the last 7 days. • Guidelines could be: • Don’t open untrusted emails and attachments • Don’t disable or hinder antivirus protection • Procedure would document how to install the antivirus, how to maintain updates, etc.
  • 66. Types of Issue Specific Policies • Change Management Policy • What happens when a system is upgraded. • Physical Security Policy • Can you take company owned assets off network? • Can your kids use the equipment? • Email Policy • What can be sent out? What can be downloaded? • Internet Policy • What can you access and why? What happens if something is blocked? • Facebook – Allowed for Work? *Facebook can contain malicious links*
  • 67. Must Have Policies: • Media Disposal Policy / Data Retention Policy • What do you do with old computer assets? • How long do you back-up and retain “old” files • Acceptable Use Policy (very common) • The ”Do’s and Don’ts” of equipment/internet/etc. • Access Control Policy (often part of new hire/term processes) • Who has access to what, how is access controlled, how is access terminated / created. • Disaster and Recovery / Incident Response Plans
  • 68. Policies on Websites • Terms and Conditions • What will be done with accounts, data, access information • Privacy Policies and Cookies • If you use Google Analytics you might want to call attention to it. • IP Address logging? • Links to third party websites – who is responsible?
  • 69. Other Policies • Training Process • How do you do training on security, how frequently, what scores should there be? • Information • How should information be protected and monitored? • Vendors • What kind of access is given to vendors. What is the “approval” process
  • 70. Patrons! • It’s important to put a policy in place and best practice for patrons – to help limit liability on the library. • At the end of the day, access to the internet and computer systems is a privilege and not a right. • Asset Usage and Internet Usage: • Do’s and Don’ts – They have to agree and violations are met with restriction of usage or removal of access. • What happens if they use it for “illegal” purposes?
  • 71. Policies Help Protect Important Data (or a book of monsters)
  • 73. Why do People Attack? • Financial Gain • Stocks • Getting Paid • Selling of information • Data Theft • For a single person • For a bundle of people • Just Because • Malicious
  • 74. How to navigate and prevent wrong turns • Who are the people we’re trying to avoid? Hacker Groups • Lizard Squad. ... • Anonymous. ... • LulzSec. ... • Syrian Electronic Army. ... • Chaos Computer Club (CCC) ... • Iran's Tarh Andishan. ... • The Level Seven Crew. ... • globalHell.
  • 75. So what Do You Need to Protect? • Website(s) • All Stored PII Data • Employee Computers • And what they do on them • User Computers • And what they do on them • Network • And what people do on them • Stored Data, Files, etc. • Business Assets • Personal Assets • ….anything and everything that is plugged in…
  • 76. Outside • Modem Router Firewall Switches • Servers End User • Phones • Computers • Laptops
  • 77. Outer Defenses (Routers/Firewalls) • Site to Site Protection (Router to Router or Firewall to Firewall) • Encrypted over a VPN Connection • Protection With: • IDS • IPS • Web filtering • Antivirus at Web Level • Protecting INBOUND and OUTBOUND
  • 78. Unified Threat Management • Single Device Security • All traffic is routed through a unified threat management device.
  • 79. Areas of Attack On Outer Defense External Facing Applications • Anything with an “External IP” • NAT, ONE to ONE, etc. • Website • Custom Built Web Applications or Services Internal Applications • File Shares • Active Directory (usernames / passwords) • User Records • DNS Routing • Outbound Network Traffic • Who is going where
  • 80. Inner Defenses (Switches/Server Configs) • Protecting Internal Traffic, Outbound Traffic, and Inbound Traffic • Internal Traffic = device to device • Servers • Printers • Computers • Protected By: • Software Configurations • Group Policy • Password Policy • Hardware Configurations • Routing Rules
  • 82. IT Admin Tricks for Security • Administrative Accounts are easy to figure out if they are something like “administrator” ”root” or “power users”. At the same time, no employee should have their account as a full admin. • Instead, give them their own username for admin access (like brian.admin) • Change the default “login” pages for sites to something that’s not www.mysitename.com/login. Bots look for this and attack. • My Drupal Site login page is www.evolveproject.org/catpower • User Awareness is key to any secure organization. Teach users how to identify potential threats and how to respond quickly. • Avoid shared accounts. One account should only be used by one person.
  • 84. Updates, Patches, Firmware • Keeping your system updated is important. • Being on the latest and greatest [software/update/firmware] isn’t always good. • Need to test and vet all updates before implementation • If you can – build a dev environment to test and validate.
  • 85. Casper Suite / JAMF - https://www.jamf.com/products/jamf-pro/
  • 88. Protecting End Devices • Protecting Assets • Business Assets • Thefts • Hacking • Personal Devices • Security Risk • Usually pose an INBOUND threat to your network
  • 90. Dual Factor is the Patronus of Spells It helps guard your account with one extra layer of protection against the strongest of dark forces
  • 91. Passwords • Let’s talk about Passwords • Length of Password • Complexity of password requirements • DO NOT USE POST IT NOTES
  • 92. Advanced Cyber Protection Tools • MDR / NDR Solutions (Managed Detection Response / Network Detection Response) • Network detection and response (NDR) products detect abnormal system behaviors by applying behavioral analytics to network traffic data. • Security information and event management, SIEM for short, is a solution that helps organizations detect, analyze, and respond to security threats before they harm business operations.
  • 95. Your Security is as Strong As the Weakest Link
  • 101. Identifying Threats • “Act of God” • Tornado, Flood, Fire • ”Act of Evil” • Break-ins, Hacking, Physical Damage, Viruses • “Act of Error” • Accidental Deletions, Hardware Failure, Software Glitches • Loss of Services (could be caused by above) • Internet, Power, Heating/Cooling, Phone, Building Issues
  • 102. Recoverable Risks • Risks with Provided Services: • Internet • Phone • Power • Risks with Created Data • Corruption • Loss • Risk with Owned Systems • Errors or Corruption • Failure or Loss
  • 107. A Good recovery plan includes • Monitoring • Systems need to be actively monitored • Recoverable Backups and Systems • Systems need to have data backed up • Redundancy • Systems need to be redundant to mitigate risk of device or service failure, having failover devices and services is important to ensure uptime. • TESTING • I’m going to say this a few times.
  • 108. A Disaster Plan Is About • Ensuring Redundancy and Recovery • Planning and Preparation: • Risk Management • Risk Assessment • Risk Mitigation • Business Continuity • If a Disaster Occurs: • Response • Relief • Recovery • Restoration
  • 109. ISPs Modem Firewall Switches Servers Computers Modem Most latest gen firewalls are able to handle two internet connections and “round-robin” and do “failover” Usually pick two different mediums: Cable Telephone Satellite … Having two different internet connections across two different modems will help mitigate risk of a Service Provider Failure Other considerations include hardware failure and redundancy. Having a spare firewall (or using two firewalls to load balance) can help mitigate risk.
  • 110. Data Is Expensive • Financial Records for 7 years • SOX ( Sarbanes–Oxley Act of 2002 ) • Cost of a “data record” • On average, the cost of such a record containing healthcare information is $363 (and also employee records are known to be this much if including social information) • At the end of May 2015, the Ponemon Institute released its annual “Cost of Data Breach Study.” Researchers estimated that the average cost of each lost or stolen record containing sensitive and confidential information was $154. • Verizon has the concept from a per-record perspective, claiming an average cost of just 58 cents for each lost or stolen file.
  • 112. What can Happen to My Data? • It can be corrupted! • Someone makes changes to a file. Accidental deletion, purposeful manipulation, script goes rogue. • Can impact system performance • It can be lost! • Server goes down, disappears, etc. • Spreadsheets, employee files, payroll, flyers, data about events • Website Data, Catalog Data, Hosted Applications…gone! • Email! • Hardware failure
  • 114. Monitoring Is Important • Monitor your servers to prevent issues before they happen. Things to monitor for: • Network Drops (means it can be device failure or network issue) • Temperature of Devices (prevent overheating) • Server Processes (if a server is running too high for too long something could be wrong) • Storage Space (running out of space can corrupt an entire system) • Memory Usage • Database Errors
  • 116. Nagios
  • 118. Test Your Plan • Test Your Back Ups • Do a recovery on a different server to ensure accuracy and time how long it takes to recover • Test Your Redundancy • Remove a network, server, and determine if fail over occurs. • Time these! • Test Test Test.
  • 119. Layout of a “Disaster Plan”
  • 121. AI and Cyber Security • AI is making Phishing Attacks harder to spot, since AI can clean up grammar errors, make better calls to action, etc • How will the use of Chat GPT, etc. impact Cybersecurity? • How will AI affect libraries and their resources?
  • 123. Attacks we commonly see through e-mail
  • 124. Impersonation Some people will create emails of VIPs to trick you into getting a message to them
  • 125. Spoofing • Is when someone masks themselves as another user or domain • Sometimes they create a new domain with a slight spelling change, for example g00gle.com
  • 126. Pulling Everything Together • Tools • Training • Policies • Practice
  • 127. Other Things To Consider • Lots of laws govern data and privacy of data. Make sure your policies
  • 128. Secure Email and File Sharing • When sending data via email, it’s best to encrypt it. • Never send PII data via email
  • 129. Free Resources - Tenable • https://www.tenable.com/products/nessus/nessus-essentials?action=register
  • 133. Proactive Scanning • Malwarebytes (Free): https://www.malwarebytes.com/
  • 134. Proactive Cleaning • CCleaner (https://www.ccleaner.com/ ) • CleanMyMac (https://macpaw.com/cleanmymac )
  • 135. Backups (Personal or Work) • Acronis True Image https://www.acronis.com/en-us/products/true-image/
  • 136. How About Your Network?
  • 137. Web Security – No Installs Needed https://www.opendns.com/
  • 139. Setting It Up • It’s simple: update your router’s DNS entry (or, if you prefer, set it directly on the device you wish to protect) to: • 208.67.222.123 • 208.67.220.123
  • 140. Your Wireless Router • Have your wireless connection protected by a password to join • Have your wireless password interface ALSO protected with a password (that isn’t the default password either)
  • 142. Email for Kids • There are service providers that can help manage kids’ emails and help protect them. • Google has an option where you can manage a Google Account for your child: https://support.google.com/families/answer/7103338?hl=en
  • 143. Apple iOS Parental Controls • https://support.apple.com/en-us/HT201304 • https://www.apple.com/families/
  • 145. Google Families • https://support.google.com/families#topic=7327495 • https://families.google.com/familylink/
  • 149. Small Library Wins • How can a small library take a successful cyber security approach? • Use free open-source tools (OpenDNS for example) • Free Trainings • Ensuring things stay updated
  • 150. Evolve Project | Brian Pichman • Leveraging the Power of AI • Some Thoughts • IT Security: Enhance IT Security and Administration • Eliminate repetitive tasks • Analyze data to predict and prevent potential issues. • Enhance security by performing millions of analysis cycles to review network activity in real time. • Automatically detect and prevent security threats. • Leverage AI tools to enhance your application development and get in front of potential future security threats. • Monitor server and system logs in real time and have AI provide actionable data to correct identified issues.
  • 151. Operational AI • AI in use of Security
  • 152. What Do Malicious Actors Do? • Some Thoughts • Dark Side of AI In Security • Can use tools like ChatGPT or similar to look at weak code and ask how to fix it … in hopes of tricking the AI to provide entry points • Remember how easy it was to see a malicious email because of grammar or spelling errors? AI fixes that (even tools like Grammarly have been helping) • AI digests a vast amount of information and can write official-looking emails posing as a leader of the college. • It also can provide harder-to-find details of staff that may be informative enough to answer security questions, etc.
  • 153. Questions? • Brian Pichman • Evolve Project • https://www.linkedin.com/in/bpichman • Twitter: @bpichman • Email: [email protected]
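
The Spoofing slide (125) gives g00gle.com as a lookalike of a trusted domain. The following is an added example, not part of the original deck, of how a mail filter or help desk script could flag such sender domains; the trusted list, the swap table and the sample addresses other than g00gle.com are constructed assumptions.

```python
from __future__ import annotations

# Digit-for-letter swaps often seen in lookalike domains (assumed, not exhaustive).
SWAPS = str.maketrans({"0": "o", "1": "l", "3": "e", "5": "s", "7": "t"})
# Domains the organisation actually expects mail from (constructed sample list).
TRUSTED = {"google.com", "examplelibrary.org"}


def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance computed with a single rolling row."""
    row = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        prev, row[0] = row[0], i
        for j, cb in enumerate(b, 1):
            prev, row[j] = row[j], min(
                row[j] + 1,         # delete a character from a
                row[j - 1] + 1,     # insert a character into a
                prev + (ca != cb),  # substitute (free if equal)
            )
    return row[-1]


def sender_domain(address: str) -> str:
    """Lower-cased domain part of an e-mail address."""
    return address.rsplit("@", 1)[-1].strip().lower().rstrip(".")


def classify(address: str, max_distance: int = 1) -> tuple[str, str | None]:
    """Return (verdict, trusted domain matched or imitated)."""
    domain = sender_domain(address)
    if domain in TRUSTED:
        return "trusted", domain
    folded = domain.translate(SWAPS)  # g00gle.com -> google.com
    for good in sorted(TRUSTED):
        if folded == good or edit_distance(domain, good) <= max_distance:
            return "lookalike", good
    return "unknown", None


def flag_senders(addresses: list[str]) -> list[tuple[str, str]]:
    """Keep only the senders whose domain imitates a trusted one."""
    hits = []
    for addr in addresses:
        verdict, imitated = classify(addr)
        if verdict == "lookalike":
            hits.append((addr, imitated))
    return hits


if __name__ == "__main__":
    sample = ["ceo@g00gle.com", "staff@google.com", "news@example.net"]
    for addr, imitated in flag_senders(sample):
        print(f"{addr}: looks like {imitated}")
```

An "unknown" verdict only means the domain does not resemble a trusted one; it is not a statement that the sender is safe.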

Editor's Notes

  • #10: http://www.pcmag.com/article2/0,2817,2403388,00.asp
  • #49: https://en.wikipedia.org/wiki/BackTrack
  • #59: Need to define penalties when violations occur. People need to know what the consequences are for failure to comply – both from a legal and HR standpoint or even access permissions. Policies and procedures provide what the expectation is and how to achieve that expectation. It should define what the consequences are for failure to adhere.
  • #75: These are also the people that use TorBrowser as well to hide themselves
  • #77: Infrastructure: Network (Switches, Routers, Firewalls, Modem); WiFi Network; VPN Connections; Servers (File Storage, Active Directory, Application Servers); Phone System, Security System, Website, etc. End Clients: End User PCs and other Peripherals; Copiers, Scanners, Printers. Software.
  • #151: One area that I've found extremely beneficial with AI is to leverage it to get in front of IT Security issues. I've led multiple IT teams and know that trying to keep track of all the vulnerabilities, review all the logs, and really monitor and lock down all the users of the network is near impossible. It would take an army to be really good at it. But tools such as DarkTrace, Cylance, Sentinel One, offer AI-based tool sets that do just this with real-time monitoring to keep your network secure and get in front of various issues that may occur.
  • #152: Tool that we use at IVCC. We have DarkTrace implemented at IVCC and the toolset leverages AI to trend and analyze user behavior and alert when uncharacteristic patterns occur for a specific user. And at times lock down those activities. Talk about how it can leverage AI in examples, like email sending or file copying etc.
  • #153: Just run with this one, and talk about how AI can harvest data and that you should keep your data secure. Talk about editing Website Content and using the NoRobots.txt file to prevent being indexed by AI. Also using the Meta Tag of NoIndex to tell bots to not index specific content on your website. Some websites that exist do not have this and their entire site is being indexed by AI and Search Engines, which can make hacking even easier.