Scribd
Upload
79 views18 pages

BSBXCS402 - Assessment Task 2 Activity 2 Jiale Zhang

Uploaded by

neal
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PPTX, PDF, TXT or read online on Scribd
79 views18 pages

BSBXCS402 - Assessment Task 2 Activity 2 Jiale Zhang

Uploaded by

neal
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PPTX, PDF, TXT or read online on Scribd
You are on page 1/ 18

cybersecurity

Jiale Zhang

20XX 年 2 月 2 日星期二 示例页脚文本 1


The organization
Our training organization recognizes the need for
cybersecurity management to feature as a consideration
in strategic and operational planning, day-to-day
cybersecurity management and decision making at all
levels in the organization

20XX 年 2 月 2 日星期二 示例页脚文本 2


Introduction:

The training organization has experienced a number Website hacking


of cyber threats recently including but not limited to: 6
•A ransomware attack
5
•A number of phishing activities
4
•Data leakage on a number of occasions
3
•Website hacking (two times in the last month)
2

0
Jan Feb Mar Apr

ransomware attack Phishing attack data leakage

20XX 年 2 月 2 日星期二 示例页脚文本 3


Scope of the Cybersecurity policy

• This policy is broad and applies to parties at our training organization that hold or process training
organization information, including:

• Students;

• Staff;

• Third parties (e.g. suppliers, contractors, consultants and partners);

• Visitors.

20XX 年 2 月 2 日星期二 示例页脚文本 4


Cybersecurity practices according to
organizational policies and procedures
Our training organization is committed to managing and
minimizing cyber risk by identifying, analyzing, evaluating,
and treating exposures that may impact on the training
organization achieving its objectives and/or the continued
efficiency and effectiveness of its operations.

We will Back up our data, Secure our devices and network,


Encrypt important information, Ensure to use of multi-factor
authentication (MFA), Monitor the use of computer equipment
and systems, and limit further damage of the cyber incident by
isolating the affected systems

20XX 年 2 月 2 日星期二 示例页脚文本 5


Training Schedule
WIA Training
Monday Tuesday Wednesday Friday
Organization
Back up data 8am-9am 8am-9am 8am-9am 8am-9am

handle sensitive data 12pm-1am 12pm-1am 12pm-1am 12pm-1am


Prepare for an
2pm-3pm 2pm-3pm 2pm-3pm 2pm-3pm
incident
Monitor use of
computer equipment 4pm-5pm 4pm-5pm 4pm-5pm 4pm-5pm
and systems

20XX 年 2 月 2 日星期二 示例页脚文本 6


Cybersecurity training requirements
and purpose
•To develop cyber security awareness in the work
area by developing one set of policies and
procedures for a work area that promote cyber
securityawareness and practices.

•Effective security awareness training helps


employees understand proper cyber hygiene, the
security risks associated with their actions and to
identify cyber attacks they may encounter via email
and the web.

20XX 年 2 月 2 日星期二 示例页脚文本 7


Phishing attacks

Staff Pattern who click the unsafe link


6

0
Financial team Acciunt team management team IT team

Financial team Acciunt team management team

20XX 年 2 月 2 日星期二 示例页脚文本 8


Removable media
•Removable media is any type of storage device that can be
removed from a computer while the system is running. Examples
of removable media include CDs, DVDs and Blu-Ray disks, as
well as diskettes and USB drives. Removable media makes it easy
for a user to move data from one computer to another.

•In a storage context, the main advantage of removable disks is


that they can deliver the fast data backup and recovery times
associated with storage area networks (SANs) while also
providing the portability of tape that may be required to meet
corporate backup and recovery requirements. The main drawback
of removable media is that it's more expensive than tape.

20XX 年 2 月 2 日星期二 示例页脚文本 9


Passwords and Password-Based Authentication is the process of gaining
access to resources which one is entitled to with the help of a

Authentication. set of credentials containing username and password. This is


a rampantly used method known for process simplicity and low
cost.

20XX 年 2 月 2 日星期二 示例页脚文本 10


Passwords and Authentication.
• Multi-factor authentication (MFA) is a verification
security process that requires you to provide two
or more proofs of your identity before you can
access your account. For example, a system will
require a password and a code sent to your mobile
device before access is granted. Multi-factor
authentication adds an additional layer of security
to make it harder for attackers to gain access to
your device or online accounts.

20XX 年 2 月 2 日星期二 示例页脚文本 11


Physical
security

20XX 年 2 月 2 日星期二 示例页脚文本 12


Mobile Device Security.
Mobile Device Security refers to the measures designed to
protect sensitive information stored on and transmitted by
laptops, smartphones, tablets, wearables, and other portable
devices. At the root of mobile device security is the goal of
keeping unauthorized users from accessing the enterprise
network. It is one aspect of a complete enterprise security plan.
working remotely security tips
Separate Work and Personal
Secure Your Home Office Secure Your Home Router Devices

ZOOM Google Meeting Voov Meeting Microsoft Team Wechat

Encrypt Your Devices. Use Supported Operating Systems.

14
Public Wifi

Malware, Viruses, and Worms. ...

Rogue Networks. ...

Unencrypted Connections. ...

Network Snooping. ...

Log-in Credential Vulnerability. ...

System Update Alerts. ...

Session Hijacking.

20XX 年 2 月 2 日星期二 示例页脚文本 15


Cloud Security

Cloud Security

18-29 30-40 40-45 45-55

20XX 年 2 月 2 日星期二 示例页脚文本 16


Any Questions?

20XX 年 2 月 2 日星期二 示例页脚文本 17


Thank you
Jiale Zhang

20XX 年 2 月 2 日星期二 示例页脚文本 18

You might also like