creating a cyber aware culture in your small business€¦ · creating a cyber aware culture in...
TRANSCRIPT
![Page 1: Creating A Cyber Aware Culture in Your Small Business€¦ · Creating A Cyber Aware Culture in Your Small Business Webinar will begin promptly at 2pm Eastern *All speakers will remain](https://reader030.vdocument.in/reader030/viewer/2022041013/5ec3d2adffe5527afd0b41dd/html5/thumbnails/1.jpg)
SIGNATURE SPONSOR CONTRIBUTING SPONSOR Strategic Partner
Creating A Cyber Aware Culture in Your Small Business
Webinar will begin promptly at 2pm Eastern*All speakers will remain muted until that time
Presented By:
![Page 2: Creating A Cyber Aware Culture in Your Small Business€¦ · Creating A Cyber Aware Culture in Your Small Business Webinar will begin promptly at 2pm Eastern *All speakers will remain](https://reader030.vdocument.in/reader030/viewer/2022041013/5ec3d2adffe5527afd0b41dd/html5/thumbnails/2.jpg)
![Page 3: Creating A Cyber Aware Culture in Your Small Business€¦ · Creating A Cyber Aware Culture in Your Small Business Webinar will begin promptly at 2pm Eastern *All speakers will remain](https://reader030.vdocument.in/reader030/viewer/2022041013/5ec3d2adffe5527afd0b41dd/html5/thumbnails/3.jpg)
National Cyber Security Alliance’s Small Business Week Initiatives and Resources: www.staysafeonline.org
![Page 5: Creating A Cyber Aware Culture in Your Small Business€¦ · Creating A Cyber Aware Culture in Your Small Business Webinar will begin promptly at 2pm Eastern *All speakers will remain](https://reader030.vdocument.in/reader030/viewer/2022041013/5ec3d2adffe5527afd0b41dd/html5/thumbnails/5.jpg)
Goal of 5-Step Approach Is Resilience
Know the threats and Identifyand Protect your assets
Know what recovery looks like & prepare
Detect problems and respondquickly and appropriately
Thanks to ourNational Sponsors
![Page 7: Creating A Cyber Aware Culture in Your Small Business€¦ · Creating A Cyber Aware Culture in Your Small Business Webinar will begin promptly at 2pm Eastern *All speakers will remain](https://reader030.vdocument.in/reader030/viewer/2022041013/5ec3d2adffe5527afd0b41dd/html5/thumbnails/7.jpg)
$17 Trillion
7
![Page 8: Creating A Cyber Aware Culture in Your Small Business€¦ · Creating A Cyber Aware Culture in Your Small Business Webinar will begin promptly at 2pm Eastern *All speakers will remain](https://reader030.vdocument.in/reader030/viewer/2022041013/5ec3d2adffe5527afd0b41dd/html5/thumbnails/8.jpg)
8
Ponemon Institute's 2017 State of Cybersecurity in Small & Medium-Sized Businesses
58%of malware
victims are
small
business
$2.2Mave. cost of
cyber attack
to SMB
$6Tglobal cost
of
cybercrime
by 2021
![Page 9: Creating A Cyber Aware Culture in Your Small Business€¦ · Creating A Cyber Aware Culture in Your Small Business Webinar will begin promptly at 2pm Eastern *All speakers will remain](https://reader030.vdocument.in/reader030/viewer/2022041013/5ec3d2adffe5527afd0b41dd/html5/thumbnails/9.jpg)
DOH! 95%of all security
incidents involved
some form
of human error
Source: IBM Security Services 2016 Cyber Security Intelligence Index
![Page 10: Creating A Cyber Aware Culture in Your Small Business€¦ · Creating A Cyber Aware Culture in Your Small Business Webinar will begin promptly at 2pm Eastern *All speakers will remain](https://reader030.vdocument.in/reader030/viewer/2022041013/5ec3d2adffe5527afd0b41dd/html5/thumbnails/10.jpg)
UGH! 91%of all breaches started
with a spear phishing
Source: Trend Micro
![Page 11: Creating A Cyber Aware Culture in Your Small Business€¦ · Creating A Cyber Aware Culture in Your Small Business Webinar will begin promptly at 2pm Eastern *All speakers will remain](https://reader030.vdocument.in/reader030/viewer/2022041013/5ec3d2adffe5527afd0b41dd/html5/thumbnails/11.jpg)
![Page 12: Creating A Cyber Aware Culture in Your Small Business€¦ · Creating A Cyber Aware Culture in Your Small Business Webinar will begin promptly at 2pm Eastern *All speakers will remain](https://reader030.vdocument.in/reader030/viewer/2022041013/5ec3d2adffe5527afd0b41dd/html5/thumbnails/12.jpg)
People
Page 12
OffboardingOnboarding
Training
Background
Checks
Phishing
SimulationsCulture
![Page 13: Creating A Cyber Aware Culture in Your Small Business€¦ · Creating A Cyber Aware Culture in Your Small Business Webinar will begin promptly at 2pm Eastern *All speakers will remain](https://reader030.vdocument.in/reader030/viewer/2022041013/5ec3d2adffe5527afd0b41dd/html5/thumbnails/13.jpg)
Process
Page 13
Access
Controls
Encryption/
File
Transfer
BYOD
Patching/
Updates
Password
Policy
Virtual
Private
Networking
(VPN)
Verification
![Page 14: Creating A Cyber Aware Culture in Your Small Business€¦ · Creating A Cyber Aware Culture in Your Small Business Webinar will begin promptly at 2pm Eastern *All speakers will remain](https://reader030.vdocument.in/reader030/viewer/2022041013/5ec3d2adffe5527afd0b41dd/html5/thumbnails/14.jpg)
Technology
Page 14
Internet
Proxy/
Content
Filter
Data
Encryption
Anti-virus
Backups
Firewalls
Virtual
Private
Networking
(VPN)
Filtering
BYOD
![Page 16: Creating A Cyber Aware Culture in Your Small Business€¦ · Creating A Cyber Aware Culture in Your Small Business Webinar will begin promptly at 2pm Eastern *All speakers will remain](https://reader030.vdocument.in/reader030/viewer/2022041013/5ec3d2adffe5527afd0b41dd/html5/thumbnails/16.jpg)
The Michigan SBDC
Funded through a cooperative agreement with the:
• U.S. Small Business Administration (SBA)
• Michigan Economic Development Corporation (MEDC)
• Matching funds from Local Network partners in each region.
![Page 17: Creating A Cyber Aware Culture in Your Small Business€¦ · Creating A Cyber Aware Culture in Your Small Business Webinar will begin promptly at 2pm Eastern *All speakers will remain](https://reader030.vdocument.in/reader030/viewer/2022041013/5ec3d2adffe5527afd0b41dd/html5/thumbnails/17.jpg)
www.SmallBusinessBigThreat.com
A program of
![Page 18: Creating A Cyber Aware Culture in Your Small Business€¦ · Creating A Cyber Aware Culture in Your Small Business Webinar will begin promptly at 2pm Eastern *All speakers will remain](https://reader030.vdocument.in/reader030/viewer/2022041013/5ec3d2adffe5527afd0b41dd/html5/thumbnails/18.jpg)
Organizational culture encompasses values and behaviors that contribute to the unique social and psychological environment of a business. The organizational culture influences the way people interact, the context within which knowledge is created, the resistance they will have towards certain changes, and ultimately the way they share (or the way they do not share) knowledge.
-Wikipedia
The team members needs to understand:
• What is it that we are doing?
• Why are we doing what we are doing?
• How do I personally fit into it?
![Page 19: Creating A Cyber Aware Culture in Your Small Business€¦ · Creating A Cyber Aware Culture in Your Small Business Webinar will begin promptly at 2pm Eastern *All speakers will remain](https://reader030.vdocument.in/reader030/viewer/2022041013/5ec3d2adffe5527afd0b41dd/html5/thumbnails/19.jpg)
What is phishing?
• A type of social engineering attack• Other forms of phishing
• Spear Phishing
• Whaling
• Vishing
• Other forms of social engineering• Tailgating
• Pretexting
![Page 20: Creating A Cyber Aware Culture in Your Small Business€¦ · Creating A Cyber Aware Culture in Your Small Business Webinar will begin promptly at 2pm Eastern *All speakers will remain](https://reader030.vdocument.in/reader030/viewer/2022041013/5ec3d2adffe5527afd0b41dd/html5/thumbnails/20.jpg)
What can you do about phishing?
• Educate your employees:• Think before you click
• Pick up the phone
• Do not give out their passwords and usernames to others
• Report a visitor or guest who is acting suspicious, provide great customer service
• Trust but verify
![Page 21: Creating A Cyber Aware Culture in Your Small Business€¦ · Creating A Cyber Aware Culture in Your Small Business Webinar will begin promptly at 2pm Eastern *All speakers will remain](https://reader030.vdocument.in/reader030/viewer/2022041013/5ec3d2adffe5527afd0b41dd/html5/thumbnails/21.jpg)
What is malware?
• Malware• Virus
• Trojan Horse
• Rootkit
• Bots
• Worms
• Spyware
![Page 22: Creating A Cyber Aware Culture in Your Small Business€¦ · Creating A Cyber Aware Culture in Your Small Business Webinar will begin promptly at 2pm Eastern *All speakers will remain](https://reader030.vdocument.in/reader030/viewer/2022041013/5ec3d2adffe5527afd0b41dd/html5/thumbnails/22.jpg)
What can you do about malware?
• Implement an anti-virus and an anti-malware program on all your devices
• Verify software before downloading and installing
• Think before you click
• Backup your critical data
![Page 23: Creating A Cyber Aware Culture in Your Small Business€¦ · Creating A Cyber Aware Culture in Your Small Business Webinar will begin promptly at 2pm Eastern *All speakers will remain](https://reader030.vdocument.in/reader030/viewer/2022041013/5ec3d2adffe5527afd0b41dd/html5/thumbnails/23.jpg)
What is ransomware?
• Ransomware• A type of malware that typically encrypts data on your computers,
storage devices, network devices, etc.
• Once encrypted, the attacker asks for a “ransom” usually bitcoin to unlock the data.
![Page 24: Creating A Cyber Aware Culture in Your Small Business€¦ · Creating A Cyber Aware Culture in Your Small Business Webinar will begin promptly at 2pm Eastern *All speakers will remain](https://reader030.vdocument.in/reader030/viewer/2022041013/5ec3d2adffe5527afd0b41dd/html5/thumbnails/24.jpg)
What can you do about ransomware?
• Employee awareness and training
• Think before you click
• Minimize opening files in emails
• Deploy security tools to analyze incoming emails for dangerous links and files
• Have regular (daily) backups of data that are separated from infected files
![Page 25: Creating A Cyber Aware Culture in Your Small Business€¦ · Creating A Cyber Aware Culture in Your Small Business Webinar will begin promptly at 2pm Eastern *All speakers will remain](https://reader030.vdocument.in/reader030/viewer/2022041013/5ec3d2adffe5527afd0b41dd/html5/thumbnails/25.jpg)
What is VPN?
• VPN (Virtual Private Network)• Not just for off-site accessing in site resources… but critical for
employee ability to connect to your network off-site.
• Encrypts communication between your device and your data
![Page 26: Creating A Cyber Aware Culture in Your Small Business€¦ · Creating A Cyber Aware Culture in Your Small Business Webinar will begin promptly at 2pm Eastern *All speakers will remain](https://reader030.vdocument.in/reader030/viewer/2022041013/5ec3d2adffe5527afd0b41dd/html5/thumbnails/26.jpg)
What is a firewall?
• Firewalls• What does it actually do?
• Helps prevent unauthorized access to your network or computers
• Hardware vs Software• Hardware firewalls are physical appliances installed on your network
• Software firewalls are installed on your computer
![Page 27: Creating A Cyber Aware Culture in Your Small Business€¦ · Creating A Cyber Aware Culture in Your Small Business Webinar will begin promptly at 2pm Eastern *All speakers will remain](https://reader030.vdocument.in/reader030/viewer/2022041013/5ec3d2adffe5527afd0b41dd/html5/thumbnails/27.jpg)
What can firewalls do?
• Block unauthorized access to your computer or to your network
• Assist in preventing hackers from infiltrating your network
• Properly configured firewalls are vital assets, while improperly configured firewalls are a disaster waiting to happen
![Page 28: Creating A Cyber Aware Culture in Your Small Business€¦ · Creating A Cyber Aware Culture in Your Small Business Webinar will begin promptly at 2pm Eastern *All speakers will remain](https://reader030.vdocument.in/reader030/viewer/2022041013/5ec3d2adffe5527afd0b41dd/html5/thumbnails/28.jpg)
What is a password manager?
• Password Mangers• Save passwords in a secure encrypted “vault”
• Easily manage usernames & passwords
![Page 29: Creating A Cyber Aware Culture in Your Small Business€¦ · Creating A Cyber Aware Culture in Your Small Business Webinar will begin promptly at 2pm Eastern *All speakers will remain](https://reader030.vdocument.in/reader030/viewer/2022041013/5ec3d2adffe5527afd0b41dd/html5/thumbnails/29.jpg)
What can password managers do?
• Help you create complex passwords
• Remember what logins the passwords are for
• Allow you to only have to remember one complex password, which is used to login to your password manager
• Some password managers let you save to the cloud allowing you to access your passwords from multiple devices, while others save a file to a specific device that can only be accessed with that device
![Page 30: Creating A Cyber Aware Culture in Your Small Business€¦ · Creating A Cyber Aware Culture in Your Small Business Webinar will begin promptly at 2pm Eastern *All speakers will remain](https://reader030.vdocument.in/reader030/viewer/2022041013/5ec3d2adffe5527afd0b41dd/html5/thumbnails/30.jpg)
What is multi-factor authentication?
•Adds additional layers of security• Something you have
• USB Dongle
• Card Swipe
• Something you know• Username
• Password
• Something you are• Fingerprint
• Facial Recognition
![Page 31: Creating A Cyber Aware Culture in Your Small Business€¦ · Creating A Cyber Aware Culture in Your Small Business Webinar will begin promptly at 2pm Eastern *All speakers will remain](https://reader030.vdocument.in/reader030/viewer/2022041013/5ec3d2adffe5527afd0b41dd/html5/thumbnails/31.jpg)
What can multi-factor authentication do?
• Help prevent unauthorized access
• Send alerts if someone is trying to login to one of your accounts
• Accounts to use Multifactor on• Banking % financial Accounts
• Health/medical accounts
• Insurance accounts
• Social media
• Business accounts
• Network and system accounts
![Page 32: Creating A Cyber Aware Culture in Your Small Business€¦ · Creating A Cyber Aware Culture in Your Small Business Webinar will begin promptly at 2pm Eastern *All speakers will remain](https://reader030.vdocument.in/reader030/viewer/2022041013/5ec3d2adffe5527afd0b41dd/html5/thumbnails/32.jpg)
Resources
• Small Business, Big Threat (Michigan SBDC)• https://smallbusinessbigthreat.com
• Small Business Administration (SBA)• https://www.sba.gov/managing-business/cybersecurity
• United States Computer Emergency Readiness Team (US-CERT)• https://www.us-cert.gov/security-publications• https://www.us-cert.gov/ncas/tips
• SANS Institute• https://www.sans.org/security-resources/policies
• Federal Trade Commission (FTC) • https://www.ftc.gov/tips-advice/business-center/small-
businesses/cybersecurity
• National Cyber Security Alliance • https://staysafeonline.org/
![Page 34: Creating A Cyber Aware Culture in Your Small Business€¦ · Creating A Cyber Aware Culture in Your Small Business Webinar will begin promptly at 2pm Eastern *All speakers will remain](https://reader030.vdocument.in/reader030/viewer/2022041013/5ec3d2adffe5527afd0b41dd/html5/thumbnails/34.jpg)
Creating A Cyber Aware Culture In Your Small Business
Sarah ChoiFederal Trade Commission
May 7, 2019
The views expressed are those of the speaker, and do not necessarily represent the views of the Commission or any individual Commissioner.
34
![Page 35: Creating A Cyber Aware Culture in Your Small Business€¦ · Creating A Cyber Aware Culture in Your Small Business Webinar will begin promptly at 2pm Eastern *All speakers will remain](https://reader030.vdocument.in/reader030/viewer/2022041013/5ec3d2adffe5527afd0b41dd/html5/thumbnails/35.jpg)
35
![Page 36: Creating A Cyber Aware Culture in Your Small Business€¦ · Creating A Cyber Aware Culture in Your Small Business Webinar will begin promptly at 2pm Eastern *All speakers will remain](https://reader030.vdocument.in/reader030/viewer/2022041013/5ec3d2adffe5527afd0b41dd/html5/thumbnails/36.jpg)
36
FTC.gov/SmallBusiness
![Page 37: Creating A Cyber Aware Culture in Your Small Business€¦ · Creating A Cyber Aware Culture in Your Small Business Webinar will begin promptly at 2pm Eastern *All speakers will remain](https://reader030.vdocument.in/reader030/viewer/2022041013/5ec3d2adffe5527afd0b41dd/html5/thumbnails/37.jpg)
37
Small Business Discussion Guide for Employers
![Page 38: Creating A Cyber Aware Culture in Your Small Business€¦ · Creating A Cyber Aware Culture in Your Small Business Webinar will begin promptly at 2pm Eastern *All speakers will remain](https://reader030.vdocument.in/reader030/viewer/2022041013/5ec3d2adffe5527afd0b41dd/html5/thumbnails/38.jpg)
38
Cybersecurity and Your Small Business GuideOctober 2018
![Page 39: Creating A Cyber Aware Culture in Your Small Business€¦ · Creating A Cyber Aware Culture in Your Small Business Webinar will begin promptly at 2pm Eastern *All speakers will remain](https://reader030.vdocument.in/reader030/viewer/2022041013/5ec3d2adffe5527afd0b41dd/html5/thumbnails/39.jpg)
39
Small Business Cybersecurity’s Twelve Modules
![Page 40: Creating A Cyber Aware Culture in Your Small Business€¦ · Creating A Cyber Aware Culture in Your Small Business Webinar will begin promptly at 2pm Eastern *All speakers will remain](https://reader030.vdocument.in/reader030/viewer/2022041013/5ec3d2adffe5527afd0b41dd/html5/thumbnails/40.jpg)
40
Phishing Fact Sheet
![Page 41: Creating A Cyber Aware Culture in Your Small Business€¦ · Creating A Cyber Aware Culture in Your Small Business Webinar will begin promptly at 2pm Eastern *All speakers will remain](https://reader030.vdocument.in/reader030/viewer/2022041013/5ec3d2adffe5527afd0b41dd/html5/thumbnails/41.jpg)
41
Phishing Quiz
![Page 42: Creating A Cyber Aware Culture in Your Small Business€¦ · Creating A Cyber Aware Culture in Your Small Business Webinar will begin promptly at 2pm Eastern *All speakers will remain](https://reader030.vdocument.in/reader030/viewer/2022041013/5ec3d2adffe5527afd0b41dd/html5/thumbnails/42.jpg)
42
business.ftc.gov
![Page 43: Creating A Cyber Aware Culture in Your Small Business€¦ · Creating A Cyber Aware Culture in Your Small Business Webinar will begin promptly at 2pm Eastern *All speakers will remain](https://reader030.vdocument.in/reader030/viewer/2022041013/5ec3d2adffe5527afd0b41dd/html5/thumbnails/43.jpg)
43
Scams and Your Small Business GuideMay 2018
![Page 44: Creating A Cyber Aware Culture in Your Small Business€¦ · Creating A Cyber Aware Culture in Your Small Business Webinar will begin promptly at 2pm Eastern *All speakers will remain](https://reader030.vdocument.in/reader030/viewer/2022041013/5ec3d2adffe5527afd0b41dd/html5/thumbnails/44.jpg)
Start with Security: A Guide for Businessftc.gov/startwithsecurity
• Lessons learned
from FTC data
security cases
• 10 actionable steps
that companies can
take for better data
security
44
![Page 45: Creating A Cyber Aware Culture in Your Small Business€¦ · Creating A Cyber Aware Culture in Your Small Business Webinar will begin promptly at 2pm Eastern *All speakers will remain](https://reader030.vdocument.in/reader030/viewer/2022041013/5ec3d2adffe5527afd0b41dd/html5/thumbnails/45.jpg)
11 Videos Covering the Start with Security Principles
![Page 46: Creating A Cyber Aware Culture in Your Small Business€¦ · Creating A Cyber Aware Culture in Your Small Business Webinar will begin promptly at 2pm Eastern *All speakers will remain](https://reader030.vdocument.in/reader030/viewer/2022041013/5ec3d2adffe5527afd0b41dd/html5/thumbnails/46.jpg)
46
Stick with Security: A Business Blog Seriesftc.gov/stick-with-security
![Page 47: Creating A Cyber Aware Culture in Your Small Business€¦ · Creating A Cyber Aware Culture in Your Small Business Webinar will begin promptly at 2pm Eastern *All speakers will remain](https://reader030.vdocument.in/reader030/viewer/2022041013/5ec3d2adffe5527afd0b41dd/html5/thumbnails/47.jpg)
Protecting Personal Information: A Guide for Business
1. Take Stock.
2. Scale Down.
3. Lock It.
4. Pitch It.
5. Plan Ahead.
47
![Page 48: Creating A Cyber Aware Culture in Your Small Business€¦ · Creating A Cyber Aware Culture in Your Small Business Webinar will begin promptly at 2pm Eastern *All speakers will remain](https://reader030.vdocument.in/reader030/viewer/2022041013/5ec3d2adffe5527afd0b41dd/html5/thumbnails/48.jpg)
Data Breach Response: A Guide for Business
• Guidance for businesses if you discover a data breach
• Explains steps to take and who to notify
48
![Page 49: Creating A Cyber Aware Culture in Your Small Business€¦ · Creating A Cyber Aware Culture in Your Small Business Webinar will begin promptly at 2pm Eastern *All speakers will remain](https://reader030.vdocument.in/reader030/viewer/2022041013/5ec3d2adffe5527afd0b41dd/html5/thumbnails/49.jpg)
49
![Page 50: Creating A Cyber Aware Culture in Your Small Business€¦ · Creating A Cyber Aware Culture in Your Small Business Webinar will begin promptly at 2pm Eastern *All speakers will remain](https://reader030.vdocument.in/reader030/viewer/2022041013/5ec3d2adffe5527afd0b41dd/html5/thumbnails/50.jpg)
National Cyber Security Alliance
www.staysafeonline.org/cybersecure-business
https://smallbusinessbigthreat.com/
Creating a Cyber Aware Culture in Your SMB
www.ftc.gov/smallbusiness
SIGNATURE SPONSOR CONTRIBUTING SPONSOR Strategic Partner