Cyber Security

FREE

With experts stating that Cybercrime damages are estimated to exceed $6 trillion this year, our organization invests in cybersecurity infrastructures to protect our customer's data as well as our own, from cyber attacks.

The first step to avoid a cyber attack is to understand how they work which we will cover in this lesson -- once you understand them, you'll find it pretty easy to identify them too!

What are the common goals of criminals behind a cyber attack?

Malware

Social Engineering This is the process of psychologically manipulating people into divulging personal information Phishing is also falls under this cyber attack type, which takes advantage of people’s natural curiosity or trust. An example of an advanced social engineering is through voice manipulation. In this case, cyber criminals take your voice from sources such as social media. By manipulating it, criminals can pretend as you to call your friends and relatives to gain your credit card, or other sensitive information!

Man-in-the-Middle Attack

Preventing Unauthorized Software from Accessing Your Computer

In this lesson, we will cover some of the best tips and tricks to prevent unauthorized software such as malware and viruses from accessing your computer, or your company's network. Ready? Hit the button below to proceed!

Sample notification for Mac computers

Sample notification for Windows computers

Keep the firewall on! If you're familiar with a firewall's concept, you should know its significance as well. Think of firewalls as protective layers between your computer and the internet -- cool, right? Aside from acting as a protective wall, firewalls also track and scan all the data exchanged between a computer and a server. When your firewall identifies a threat, it can immediately notify you, allowing you to easily stop threats in the form of viruses or malware!

How does a firewall prevent unauthorized software from accessing your computer? Select all that applies

TIP NO. 1 Protect Company Data Within the Workspace

Remember these points to keep your workspace secure:

Lock your computer when you're stepping away from your desk -- you can also set up your computer to require a password when unlocking or waking up the computer.

Always clean up your materials after a meeting to avoid having sensitive files laying around.

After printing, copying, or faxing, pick up your documents right away and avoid letting them sit in the machine where other people can see them.

Ensure that sensitive company documents are stored in secure locations, whether they're digital or physical.

Always stay aware of your surroundings.

What are the essential data that you need to take when keeping an inventory of information?

Keep your mobile device with you at all times. In public transportation or airports, avoid checking it in with your baggage.

When travelling by car with your laptop, put it in the trunk of the vehicle and take it with you when you arrive at your final destination.

Avoid storing your password or backups on your mobile devices.

Ensure that company devices such as laptops and phones are locked up or in your personal possession when away from the office.

TIP NO. 5 Recognize Social Engineering Similar to solving a puzzle, social engineers take information from their victims by gathering pieces of information from different sources. This includes your social media profiles, as well as other information about your organization. Since people may not always be who they claim to be, always verify someone's identity before providing any information! If someone you do not know claims to be a colleague at work, you can: • Call the person back using their work number • Send a code word or number to their company email address and ask them to call back with it

How to Avoid Social Engineering and Phishing Social engineering is the art of manipulating people to gain confidential information from them. The types of information that the criminals who perform these attacks may vary; but most of the time, these attacks try to trick you into getting your bank information or access your computer. Criminals use social engineering as they discovered that it's easier to exploit your natural inclination to trust than it is to discover ways to hack your software! In this lesson, we'll cover what social engineering and phishing attacks can look like and how you can avoid them! Ready? Hit that button to proceed!

Contain a link One that you'll probably check out since it came from a friend -- clicking that link can be the attack itself, allowing the attacker's program to steal information from your account.

Contain a downloadable file Where the attacker's malicious program is most likely placed; letting it into your computer after downloading it, and also forward the same attack to your contacts.

WHAT SOCIAL ENGINEERING AND PHISHING ATTACKS LOOK LIKE Email from another trusted source

People who often take the bait may have their device infected with malicious software that can... • Generate new exploits against themselves and their contacts • Lose their money over purchases they never made • Or, if they are foolish enough to pay with a check, may find their bank account empty!

What to do with suspicious emails: • ** Do not open the email, especially if they're from someone you do not know.** If it seems fishy, it probably is! Report the message as spam or delete it immediately and move on. • Never open attached files from emails that you were not expecting. Most malware are sent as attachments and can seriously damage your computer. Scan the attachments with your antivirus software first if you really need to open them.

What are the best actions to take when you find a suspicious email in your inbox? Select all that applies

Do not give your email address to sites you do not trust.

Avoid posting your personal email address to public places such as message boards, social media comments, or even your personal website.

Keep your personal email private except for people that you really want to hear from -- set up a second email account for registering for public websites.

Avoid using your personal email address when buying a product from a site for the first time or signing up for a new service.

Tip no. 1 Use different passwords for accounts that contain sensitive and personal information We've placed this tip first on the list because we simply can't emphasize this tip hard enough. If the same password is used across multiple accounts and it gets cracked, ALL of your accounts become vulnerable! Just as you use different keys for different places, use different passwords to protect important accounts!

Who should we share our passwords to?

TIP NO. 6 If you need help remembering your passwords (and who doesn’t these days, right?) consider using a PASSWORD MANAGER. What's a password manager?

Password managers are software application designed to store and manage your credentials and help generate passwords as well. ‎ Usually, these passwords are stored in an encrypted database and locked behind a master password.

The Risks The risks of visiting malicious, criminal, or inappropriate websites include: • Viruses and spyware -- collectively known as malware • Phishing attempts to obtain your personal or financial information and possibly steal your identity. • Fraud, from fake shopping, banking, charity, dating, gambling and other websites. • Exposure to unexpected inappropriate content. ‎ When you use the internet, your browser keeps a record of which sites you have visited in its 'history'. That history is visible to your Internet Service Provider, who will record details of your internet usage in accordance with legal requirements.

Use your instincts and common sense -- immediately leave and avoid using a website if you feel that something's off with it.

Check for the presence of an address, phone number, or email contact as they often indicate if the website is genuine. If in doubt, send an email or call to establish authenticity.

Do not enter personal information on a site if there is NO padlock in the browser window or "https://" at the beginning of the web address to signify that it is using a secure site.

Websites that request more personal information than you would normally expect to give, such as user name, password, or other security details in full are probably malicious -- it would be best to stay away from them.

Rely on professional advice before making investment decisions. Sites that hype investments for fast or high return – whether in shares or alleged rarities like old wine, whisky, or property – are often fraudulent.

Carry out a web search to see if you can find out whether a website is fraudulent or not if you're suspicious of a website.

Be wary of websites that are advertised in unsolicited emails from strangers.

What are the indicators of a secure website? Select all that applies

Set your browser to warn you when a cookie is installed. Note that some sites will not work if you block cookies completely.

Some browsers will let you enable and disable cookies on a site by site basis so you can allow them on sites you trust.

Use an anti-spyware program that scans for so-called tracker cookies.

Use cookie management programs that can delete old cookies and help manage them.

Creating an Effective Document Management Strategy for Your Business If you are planning to start up a business, it is important to consider having a Document Management Strategy. Why? Because not having one can actually put your organization at unnecessary risk of losing data, and can decrease the efficiency of your business! Other than that, having a document management strategy can help provide benefits to your organization such as: • Improved access to information • Reduced operating costs • Reduced litigation risks • Secured critical information In this lesson, we'll cover the steps that you need to create, and implement a document management strategy for your business! Ready? Hit the button below to proceed!

Why is it important to have your project team made-up of people from different departments?