Backing Up Your Data
Businesses collect and maintain records on paper and electronically that must be maintained. Having duplicate copies of your most important information saved at a remote location is critical not if but when something goes wrong with your computer systems. This course will provide sound backup strategies; describe best practices on how to protect backup media; and explain test procedures to ensure your data can be restored from backup media.
Breaking Down Cloud Security
Many organizations are moving to the cloud and they need to do so with their eyes wide open. Some organizations and IT administrators may fear the cloud, but we all use cloud services in some way. Our organizations want to take advantage of the financial and operational benefits of cloud computing, but not expose our organizations to undue risk. This presentation covers the topic of cloud security in a down-to-earth and practical way and provides realistic security measures you can put in practice right away. This class will review the current industry standard guidelines for cloud security; We will also review several popular Cloud Service Provider (CSP) security models and security controls. No cloud security presentation would be complete without a brief introduction to software container security concepts. This workshop will review several examples of cloud security controls that provide virtual firewalling, server/service security, encryption. And we will also review a few of the popular cloud security certifications.
Building Your Cyber Security Vocabulary
This course will provide people with a great introduction to terminology often spoken in the cyber security sector. This course is focused on conveying topics and vocabulary specific to cyber security, so if you are new to infosec and want to start learning the basics, this course is for you. Throughout this course students will learn new words, their meanings, the context in which they are used and will ultimately gain an understanding of topics and terminology as they relate to cyber security.
Cyber Security While Traveling
Tightly controlled security is a lot tougher when you are on the road, but security can still be achieved for personal and professional devices. This course will cover cyber security situations you will run into while traveling and technology that can be used to help keep you safe. It will go over the triangle of security, wireless and wired situations, threats, countermeasures and a simple demonstration. This course will primarily raise awareness of travel situations commonly encountered while trying to maintain connectivity. This includes open WiFi techniques, using SSL, using VPNs, etc.
Data Theft Protection
With data theft at record highs, this course provides sound strategies to protect against digital data theft. Strategies are provided for email protection, securing files by default, and controlling files by design. Military grade protection is now available at the civilian level. Those solutions and more will be discussed in this program.
Electronic Commerce Security Risks
This course will cover the different types of electronic commerce, and the associated risks. The students will learn how to interact with electronic commerce sites securely, how to secure electronic commerce sites, and have a better understanding of how they connect with business-to-business transactions, business-to-consumer transactions, and consumer-to-consumer transactions, and how to secure those transactions.
Identifying Personally Identifiable Information (PII)
Importance of Identity Protection
We are in an entirely new world where information is a valuable commodity and we need to be uncharacteristically aware of everything around us. Even the most trivial of actions – or inactions - can have profound impact on our lives, if that ends up in the wrong hands. Being more aware of basic things we can do to protect ourselves is the first step to ensuring our own physical and logical safety. This course covers basic steps that everyone should take to keep their information safe. None of it is hard, but it is a new way of doing things. With diligence and practice, those things will become habits, just like locking the doors to your house or car.
This course talks about the history of malware, how it works, understanding the risk and how to protect against it. Students will learn the basics of malware in the context of both home and corporate users and will understand how to combat malicious software in an effective way.
Mobile Device Security
This course introduces those who use mobile devices as part of their everyday background—whether at work, study, or play—to techniques for protecting those devices from being an attacker’s playground. By shifting security to the foreground, those who follow this course will learn to: identify vulnerabilities in different mobile devices, apps, communications channels; harden their devices against common attacks; configure frequently used apps against misuse by others; and reduce exposure to compromised routers and electronic eavesdropping.
Pairing Physical & Digital Security
Digital Security doesn’t guarantee security. With physical control of a device, information will be available with time regardless of the amount of encryption. With digital access of data, physical control of a device doesn’t actually provide security other than the physical removal of hardware. This course will provide an introduction to physical and digital security, commonly found solutions, and how to integrate the ones that complement each other. For example: locking down electronic files and filing cabinets, encrypting hard drives and locking them in machines or safes, complex passwords not left under your keyboard.
Phishing & Whaling
Portable Data Protection and Data Destruction
This course is for anyone who has data assets that are not contained in a locked file cabinet. It may also have relevance to those with hard copy documents as well, but who have not considered how those documents should be managed. Those who complete this course will be able to design and implement their own data management plan and be able to: categorize data according to protection level desired (for example, what is directory versus personal information); establish expiry dates for portable data (i.e., how to preserve the data); determine what storage options and media format are the best fit; identify and document where data assets may be present; develop robust password or encryption policies for portable data; recover data on various media; erase data records permanently.
Safer Digital Communications
Recent headlines about Sony, Target, The Office of Personnel Management (OPM) security breaches make it clear that computer security is a very real and important issue. Dell Security Solutions have noted that 73% of organization globally have experienced a security breach in the past twelve months. Statistics like that would make us wonder how we could feel protected on the Internet. Taking control of how we use our desktops, laptops, tablets and smart phones by learning how to protect the loss of our most vital information including our personal information along with the valuable assets of the companies that we work for. This course is intended to teach important concepts of how to protect company assets and data by utilizing appropriate technology, approved procedures and becoming aware of risky behaviors.
Security by Geolocation
Security is a lot stronger utilizing electrons as they are extremely hard to spoof, as opposed to other aspects such as cyber addresses, but it is definitely a complicated math problem ripe with errors. This course will help you understand how to locate wireless signal sources using something called spectrum geolocation techniques. This will allow users to trust and verify wireless signals, allow access by location, take wireless snapshots, etc.
Security for Cloud Services
With more company’s moving to cloud providers, it is extremely important to understand the risk associated with cloud services. This course will define what a cloud is and the different types of cloud service offerings; describe some of the risks associated with common cloud-based applications such as Dropbox and Skype; and provide best practices on how to reduce the risks on cloud-based service offerings to an acceptable level.
The course provides and introduction to cyber security in todays world. The course will review: What the C suite wants to know; What are the threats; Where are they coming from. This introduction gives you insight to todays Cyber reality.
An introductory course in the threat of using social media networks – This course will explore the risks and controls of using social media. By the end of the course you will understand the benefits and risks of using social media at home and in the workplace.
The Internet of Things (IoT)
The Internet of Things will forever change our personal and professional lives and it is important that we all have a basic understanding of what this means and how it might impact our safety and privacy in the near future. The Internet of Things will change our personal and professional lives forever. By 2020, there are expected to be over 50 billion devices communicating through the Internet. These devices will range from doorbells, thermostats, cars, and washing machines. These devices can make our lives easier and more efficient. At the same time, some of these devices may put our safety and privacy at risk. Knowing about how the Internet of Things works and what we can do to be safe is important at a personal and corporate level.
Contingency Planning: Business Continuity & Disaster Recovery Plans
Preparing your Organization in the Event of a Business Disruption Key Benefits Disasters could cripple your organization, suspending mission-critical processes and disrupting service to your customers. These disasters could be man-made or natural in nature. The Business Continuity Plan (BCP) addresses an organization’s ability to continue functioning when normal operations are disrupted. A Disaster Recovery Plan is used to define the resources, action, tasks, and data required to manage the business recovery process in the event of a disaster. In this webinar you learn to identify vulnerabilities and implement appropriate countermeasures to prevent and mitigate threats to your mission-critical processes. You learn techniques for creating a business continuity plan and the methodology for building an infrastructure that supports its effective implementation. Learning Objectives
- Create, document and test continuity arrangements for an organization
- Perform a risk assessment and Business Impact Assessment (BIA) to identify vulnerabilities
- Select and deploy an alternate site for continuity of mission-critical activities
- Identify appropriate strategies to recover the infrastructure and processes
- Organize and manage recovery teams
- Test and maintain an effective recovery plan in a rapidly changing business and technology environment
Data Loss Prevention
This 2 hour discussion covers internal security from the perspective of guarding the intranet from: - Malicious computers and devices - Portable media attacks - Data exfiltration by rogue personnel Addressing these issues requires a layered defense that starts with connecting to network access points for initial authentication. Defenses must form a continuous layer of protection through to each endpoint. This course offers 2 training hours of content in role based security training.
Elements of Information Security
What is information security, and why is it important? Who is responsible for security? Check out the elements of Confidentiality, Integrity and Availability. This course offers 2 training hours of content in role based security training and is led by Randy Williams.
Ensuring Network Integrity
What is Network Integrity? Look at infrastructure plus client and user services on the network. Explore the defenses that can be leveraged to secure the network integrity. This course offers 2 training hours of content in role based security training.
How the Bad Guys Get In - Host Application Insecurity
Why do user workstations get compromised, and who is at risk? Explore the dangers and watch demonstrations of attacks. Prepare your defenses! This course offers 2 training hours of content in role based security training.
Importance of Configuration and Change Management to Security
Best Practices for Managing Configuration Changes Implementing information system changes usually results in some adjustment to the system configuration. It is critical to ensure that the adjustments to the system configuration do not adversely affect the security of the information system. This webinar is focused on highlighting the importance of configuration management, change management, and its effect on system security. This webinar:
- Examines why organizations need change management
- Addresses challenges in addressing changes in people, process, and technology
- Defines how to implement well-defined configuration management process that integrates information security
Modern Open Source Intelligence (OSINT)
In this 2 hour Role based security training, Chris Silvers will discuss Modern Open Source Intelligence (OSINT) and review the following topics:
- OSINT defined
- Traditional Techniques
- Browser Based Process - Demonstrations
- Automated Tools - Demonstrations
Operational Security for Personnel
Look at compliance and security from the technical, management and operational view point. Explore policies that could reduce risk in areas such as social media, passwords, and personnel. This course offers 2 training hours of content in role based security training.
Programmable Human Interface Device (PHID)
In this 1.75 hour training event Chris Silvers will explore: Programmable Human Interface Device (PHID)
- What is a PHID?
- First Generation - Teensy
- Second Generation - USB Rubber Ducky
- Third Generation - The Glitch
- References - Shoutz
Many people find the world of security frightening, confusing and full of doom and gloom, otherwise known as FUD (fear uncertainty and doubt). This is because, like selling insurance, security vendors have to convince the rest of the world that security is needed. What most people don't realize is that security, like insurance, is really just about risk management. Through numerous analogies and antic-dotes, Chris Silvers explains the essential concepts of security, focusing on information and cyber in enterprise environments and how they relate to personal privacy in the digital age. Learning Objectives
- The three pillars of security: Confidentiality, Integrity and Availability
- Risk management concepts and definitions
- Different security "frameworks" and how they define the security domains
Threats and Vulnerabilities
Define and rate IT vulnerabilities. Understand testing and the reports that they return. Determine how bad your vulnerabilities are, and how to make them go away. This course offers 2 training hours of content in role based security training.
Examine physical security in your computer room from locks to biometrics. Discussions on various devices weakness. Learn how to shore up your physical defenses from intrusion. This course offers 2 training hours of content in role based security training
Web Application Security & OWASP
Web applications are a favorite target of malicious attackers for two reasons: the tools are simple to use; and, their vulnerabilities are numerous. The results are often devastating. This webinar will educate attendees about the most pervasive threats, their impact and how to remediate the risks. This course offers 2 training hours of content in role based security training.
Wi-Fi Risks and Mitigations
This session will detail the risks to Wi-Fi network users and administrators as well as how to mitigate those risks. From evilAP to denial of service attacks, the session will include demonstrations and real life examples of how these attacks have been leveraged to compromise the confidentiality, integrity and availability of sensitive information and critical systems. Learning Objectives
- awareness of the dangers of open Wi-Fi hotspots
- strategies on protecting yourself when connecting to Wi-Fi networks
- best practice techniques for protecting connected Wi-Fi clients from each other
- mitigation of risks relating to Wi-Fi connectivity into the internal network
Your Users are Under Attack - Social Engineering & Technical Attacks
What is social engineering and who is at risk? Why does it work when technical controls are perfect? Check out examples of social engineering. Explore the technical tools and create your own Social Engineering Toolkit (SET). This course offers 2 training hours of content in role based security training.