Cybersecurity and You

Transcript

1. Cybersecurity and You Heather Noggle Virtual June 4, 2024

2. Heather Noggle •Public sector HR •Long career as Software Developer

   / Business Analyst / Project Manager •Writer •Business owner •Board leader •Cybersecurity practitioner / advocate

3. Cybersecurity Defined People, processes, and technology working together to protect

   the confidentiality, integrity, and availability of data. Keeping private data private and enabling proper access to other data.

4. Cyber Hygiene (Behaviors) • Password Best Practices • Password Manager

   • Multifactor Authentication • Update (Patch) Software • Cybersecurity Mindset (Awareness) • Antivirus/Antimalware • Know Your Devices • Back Up Your Data • Understand Social Engineering (Fraud) • Own Your Clicks

5. Train Your People • What technology and information security mean

   to business. (Continued Operation) • To value cybersecurity as necessary in our modern world. (Data Privacy) • How to do the work. (Behavior)

6. Change How We Trust • Trust the people we know

   and interact with in person • Anything else – the digital – can be faked • Zero trust – for people and machines

7. Foundation for Growth •Leadership Values Cybersecurity •Change Management Process •Agreement

   There’s Work to be Done

8. Another Princess, Another Castle (Levels) • Cybersecurity is part of

   modern business • You’re never done • Small and medium-sized organizations DO get breached and with great impact. They don’t tend to make the news, though. • Small changes and choices in the early levels are people-oriented, behavior. • Those small changes can gain your organization great impact. • Integrate cybersecurity as early and as pervasively as you can in your organization

9. Standards and Frameworks • NIST Cybersecurity Framework – CSF https://www.nist.gov/cyberframework

   • Center for Information Security - CIS v8 https://www.cisecurity.org/controls/cis-controls-list

10. Cybersecurity Assessment • What do we have? (Assets) • What

    are our risks? (Risk Posture) • What are we doing? (Current State) • What do we need to do? (Desirable State) • What are the gaps? (The Work)

11. Missouri Cybersecurity Center of Excellence • Non-profit located in the

    Jordan Valley Innovation Center • Training the workforce in cybersecurity • Helping with job placement • Securing the region – cybersecurity services at all levels • Also, the best kept secret in Southwest Missouri – working to change that. • I’m employed part time here. https://www.mccoe.org

12. Parting Advice • Tech Isn’t Going Away – Secure It

    • Train Your Organization! • Safer – at Home and at Work • Build Security Into Your Culture

13. Heather Noggle LinkedIn - https://www.linkedin.com/in/heathernoggle/ Codistac - https://codistac.com/ [email protected] Missouri

    Cybersecurity Center of Excellence https://www.mccoe.org [email protected]

14. Discussion Questions • What is your organization’s risk posture? Is

    cybersecurity considered among its risks today? • How often do you talk about cybersecurity? What about fraud? • Where do you see the opportunity (and need) to improve in your organization? • What’s the first step? Engage!