Frequently Asked Questions

In this section, we answer common questions that people have about diverse cyber topics.

Cyber Citizens

  • Celebrities
  • Common victims of doxing
    Celebrities, politicians, and journalists are among those who have been doxed, leaving them facing online mobs, fear for their safety, and – in extreme cases – death threats. The practice has also spread to prominent company executives.
  • How do celebs get hacked?

    Most of the time, celebrities get hacked the same way anyone else does. They use weak passwords, fall for social engineering tricks, or suffer from data leaks when larger organizations holding their data are breached. Here’s a closer look at the most common techniques hackers use to hack the stars — techniques we can all fall victim to if we’re not careful.

    Social engineering: Social engineering attacks manipulate victims into disclosing sensitive personal information or access to confidential assets. Many hackers will scour a victim’s social media profiles for data they can leverage in an attack.

    Phishing: Phishing attacks use fraudulent emails, text messages, and other communications to deceive victims into disclosing sensitive information.

    Data breaches: By breaching the data vaults of large organizations, hackers can capture usernames, passwords, and all sorts of other valuable personal data. After a data breach, the stolen data is often made available on the dark web, where others can buy it to commit identity theft and fraud.

    Ransomware: One of today’s most dangerous and fastest-growing online threats, ransomware infects your device, hijacks your data, encrypts it, then holds it hostage while demanding a ransom payment. Many victims choose to pay the ransom, which drives up ransom rates while incentivizing the development of more sophisticated ransomware attacks.

    Password cracking: Even celebrities sometimes get lazy with their passwords. After a 2012 LinkedIn breach, Facebook CEO Mark Zuckerberg was caught reusing his passwords, as hackers were able to access several more of his accounts using the same password. Other hackers have successfully guessed or cracked the passwords of their victims, often by using personal information obtained via phishing.

  • Is doxing illegal?
    The answer is usually no: doxing tends not to be illegal if the information exposed lies within the public domain, and it was obtained using legal methods. That said, depending on your jurisdiction, doxing may fall foul of laws designed to fight stalking, harassment, and threats.
  • What is doxing?
    Doxing is the act of revealing identifying information about someone online, such as their real name, home address, workplace, phone, financial, and other personal information. That information is then circulated to the public — without the victim's permission.
  • What to do if you become a doxing victim

    Report it. Report the attack to the platforms on which your personal information has been posted. Search the relevant platform's terms of service or community guidelines to determine their reporting process for this type of attack and follow it. While filling a form out once, save it for the future (so you do not have to repeat yourself). This is the first step to stop the spread of your personal information.

    Involve law enforcement. If a doxer makes personal threats against you, contact your local police department. Any information pointing to your home address or financial information should be treated as a top priority, especially if there are credible threats attached.

    Document it. Take screenshots or download pages on which your information has been posted. Try to ensure that the date and URL are visible. This evidence is essential for your own reference and can help law enforcement or other agencies involved.

    Protect your financial accounts. If doxers have published your bank account or credit card numbers, report this immediately to your financial institution(s). Your credit card provider will likely cancel your card and send you a new one. You will also need to change the passwords for your online bank and credit card accounts.

    Lock down your accounts. Change your passwords, use a password manager, enable multi-factor authentication where possible, and strengthen your privacy settings on every account you use.

    Enlist a friend or family member for support. Doxing can be emotionally taxing. Ask someone you trust to help you navigate the issue, so you don't have to deal with it alone.

  • Why do cyber criminals target celebrities?
    To extort the victim: asking for financial compensation in exchange for not disclosing the information obtained. To gain popularity: taking credit for having achieved the hack and ridiculing the victim.
  • College Students
  • Caution when selling old devices

    Whether you plan to throw away, resell, recycle, or trade in your old computer or phone, you must take steps to ensure your data is permanently erased, overwritten, and inaccessible.

    Avoid taking or storing private photos on your devices. No matter how secure you think your files are, someone may still gain access to them.

    Before ditching your old computer, consider downloading antitheft apps or software to help overwrite your data. On a Mac, the built-in Disk Utility app can wipe and overwrite a drive.

  • How and when can you get phished?

    When you follow a false link or reply to a fake email: Phishing emails are a tried-and-true method for hackers to obtain personal, private information. In 2017, thousands of Dartmouth University students received a phishing email claiming to be from the university’s president. An embedded link asked recipients to enter their university NetID. This year, college students have been the target of similar COVID-19 phishing scams. These messages claim to be from university financial departments and link to portals requiring students to enter their login credentials. Phishing emails typically appear to come from trusted senders and request that you verify banking details, login credentials, or credit card information. These emails may feature the same layout, color scheme, and language of the real entity, and may link to a site specifically designed to spoof the real thing.

    When you open an infected attachment: Common phishing scams seen on the Bowling Green State University campus include fake fraternity recruitment emails and senders posing as professors in search of student employees. Students may receive several such emails a week, often with suspicious attachments that they are careful not to open. According to one expert analysis, 85% of all malicious emails carry common attachment formats like .DOC, .XLS, .PDF, and .ZIP. In some cases, these attachments may be perfectly harmless, but many contain malware and other nasty features, activated with just a click. Using these tools, phishers can steal sensitive information, demand a ransom for the safe return of your data, or even remotely take over your device.

    When you answer a suspicious phone call: College students love texting and social media, but sometimes we still need to pick up the phone for an old-fashioned call. Phone scams are a popular tactic of phishers looking for financial information, largely because they are proven to work. Nearly 1 in 6 Americans lost money to a phone scam in 2019. In the last few years, major mobile carriers including T-Mobile, AT&T, and Sprint introduced scam protection features to help fight phishing calls. You can see this in action when your caller ID labels an incoming number as “scam likely” or “potential fraud.” This screening feature works by checking callers against a database of reported scam numbers. Unfortunately, some phishing calls still slip through. The most common phone scams targeted at college students relate to financial aid, tuition, and taxes.

    When you follow a malware link in a text: Many phishing attempts depend on tricking the recipient into providing sensitive information, but more malicious phishing texts can contain links to malware that spy on your activity, data, and files without your knowledge. In recent years, hackers have targeted both Apple and Android devices. Once discovered, manufacturers quickly develop software patches that address vulnerabilities and close security loopholes, but for infected users, these patches may be too little, too late.

  • How to protect your digital identity

    · Limit sharing your social security number—whether in a doctor’s office, at school, or online.

    · Use strong and unique passwords on each of your online accounts.

    · Make sure you’re on a secure network or using a VPN, a virtual private network, when banking, shopping, or making other online transactions.

    · Don’t share your login credentials with others.

    · Shred documents containing personal information before discarding.

    · Secure your home Wi-Fi network with a strong password.

  • What damage can a cybercriminal do?
    A successful cybercriminal might be able to delete valuable documents, access financial accounts, steal and sell personal information or demand a ransom to unlock a compromised computer.
  • What is cyberbullying?
    Cyberbullying is bullying or harassment that happens online to kids and teens. It can happen in an email, a text message, an online game, or comments on a social networking site. It might involve rumors or images posted on someone’s profile or passed around for others to see, or creating a group or page to make a person feel left out.
  • What is phishing?
    Phishing is a hacking method in which fraudulent emails, websites, and other forms of electronic communication are used to obtain sensitive information like usernames, passwords, and credit card details. Young people often start seriously handling their own finances for the first time in college, taking on the responsibilities of credit cards, loans, and bank accounts. This abundance of sensitive data, combined with inexperience, makes college students an ideal target for phishing attacks. Cybersecurity awareness is the best way to keep yourself safe.
  • Executives
  • Common cybersecurity threats while traveling

    Unsecured wireless networks. While public wireless networks provide great convenience, allowing people to connect to the Internet from almost anywhere, they are unsecured and can allow cybercriminals access to your Internet-enabled devices. Beyond the typical public wireless networks found at airports, restaurants, hotels, and cafes, they are increasingly available in other places, such as on airplanes and in public parks.

    Publicly accessible computers. Hotel business centers, libraries, and cyber cafes provide computers that anyone can use. However, travelers cannot trust that these computers are secure. They may not be running the latest operating systems or have updated anti-virus software. Cybercriminals may have infected these machines with malicious viruses or installed malicious software.

    Physical theft of devices. Thieves often target travelers. Meal times are optimum times for thieves to check hotel rooms for unattended laptops. If you are attending a conference or trade show, be especially wary — these venues offer thieves a wider selection of devices that are likely to contain sensitive information, and the conference sessions offer more opportunities for thieves to access guest rooms.

  • Steps to achieve executive cyber security

    Executive vulnerability assessments. Quantifying executives’ cyber risk vulnerability across the entire network – including their families – is essential. Assessments should cover not only the potential for corporate compromise but also individual and family compromises. Assessments can involve one-on-one discussions and data gathering, including examinations of both the open and dark web to evaluate an executive’s cyber security risk. Organizations can take steps to secure the executive and their family members with individualized cyber security solutions to bolster resilience in this particularly vulnerable threat vector.

    Awareness campaigns. Mitigating executives’ cyber risk can include information governance, training on phishing and social engineering attacks, instruction on reducing exposure, and sharing knowledge of emerging fraud schemes. Resilience begins with executives’ awareness of the problem and guidance on how they can address their own risk. As with any culture change, building organizational cyber resilience works best when executives lead by example: modeling a culture in which every employee believes it is their responsibility to build and maintain a level of cyber vigilance. Implementation of cross-functional governance programs as well as comprehensive cyber awareness training programs – collaborating with learning and development experts in HR – can accelerate cyber risk maturity. Setting cyber maturity goals and expanding accountability for cyber resilience to leaders beyond the chief information security officer are also important.

    Risk transfer. Risk-transfer mechanisms such as cyber insurance can help executives address the impact of identity theft, business email compromise losses, and ransomware attacks. Beyond cover that protects the organization from cyber attack losses, executives might consider adding a layer of personal identity theft protection. Many companies offer such coverage as an employee benefit and, while the market for personal cyber insurance is evolving, companies could consider offering it to board members, executives, and employees.

     
  • The danger of over-focusing on technology

    Non-technical executives often tend to think of cyber risk in terms of technological threats. This is a problem for several reasons. For one thing, when company leaders — who are often nontechnical — believe that cybersecurity is a technology problem, it makes the cyber risk even more frightening than it already is because they don’t understand it. Rather than attempting to manage cyber risk, those executives will outsource it, either relying on their IT or security organization to manage cybersecurity for the entire company or by trying to buy their way out of a breach, investing in solutions that will protect their data and networks.

    Harvard Business Review recently wrote about the pitfalls of cybersecurity efforts that focus only on technology. HBR paints a bleak picture of meetings filled with tech jargon that CEOs and boards accept but don't understand, and threats unaddressed in favor of long mitigation lists.

  • Top 5 cybersecurity threats for executives

    Mobile security. Executives and high-ranking officials are often called upon for domestic and international business travel. Their extensive use of mobile platforms while on the road and during their commutes increases the odds of a mobile security threat. Like viruses and spyware that can infect computers, there are security threats specific to devices such as smartphones, tablets, and connected IoT devices. Mobile threats can be divided into four basic categories: application-based threats, web-based threats, network-based threats, and physical threats. Biggest mobile security threats: data leakage, social engineering, Wi-Fi interference, out-of-date devices, cryptojacking, poor password hygiene, and physical device breaches.

    Increased Likelihood of Cyber Crimes against Businesses. No matter the size of the organization, one of the most prominent challenges executives face is the risk of their business becoming a cyber crime target. Common motives for attacking a principal are financial, revenge, or activist related. Now more than ever, executive digital protection has become a business necessity. And with cyber crimes against businesses on the rise, it’s only a matter of time before executives are face to face with a cybersecurity threat.

    Social media. An executive’s social media habits and preferences can be leveraged by a threat actor to gain access to their data, and in turn, damage their organization’s brand. When considering any form of executive digital protection, analyzing the social media usage of the executive and their family should be a key part of the conversation. Hackers can use public information on social media platforms such as LinkedIn, Instagram, Facebook, and other sites to build profiles of targets. This profile can be used to tailor a phishing attack or coerce the target. An attack on an executive can cause a significant amount of brand damage. And being able to protect them on the cyber front is very important.

    Business Email Compromise Scams (BEC). When targeting high level executives, hackers might rely on a combination of attacks: whaling phishing attacks, executive impersonation, and business email compromise. Business email compromise (BEC) scams can combine spear phishing, email spoofing, social engineering, and occasionally malware. BEC scams are an increasing problem for businesses of all sizes, resulting in massive losses to organizations. What makes these messages more devious is that they can usually avoid the spam filter since they’re not a part of a mass-mailing campaign. BEC scams are more targeted in nature, and typically avoid the usual spam indicators that get flagged by most email servers.

    Insider threats. What can executives do to protect themselves and their company against insider threats? To reduce the chances of a breach caused by current employees, former employees, contractors, or business associates, cybersecurity professionals recommend auditing, securing, and regularly patching software as the first step. Applications to secure: legacy systems, communication and collaboration apps, cloud storage and file sharing tools, finance and accounting tools, and social media and intranets.

  • What can C-level executives do to limit their chances of becoming a statistic?

    · Be much more vigilant and obtain better security/usability training to avoid falling prey to scams in the first place.

    · Use enterprise-grade VPNs to avoid getting snooped on while traveling.

    · Enterprises can adopt more fine-grained security postures (e.g., stricter access controls when traveling) and track the behavior of these high-profile C-level executives’ IT assets (e.g., laptop, tablet) to check for signs of compromise as soon as possible to minimize the damage.

    · Use two-factor authentication where possible.

    · Don't install software you weren't expecting to install (for example, if you receive an email to install a software update).

    · Verify unusual requests for sensitive information.

    · Have strong, unique passwords for important accounts, such as email, banking, etc.

    · Have a PIN or passcode on your smartphone, in case you lose it.

  • Investors
  • 5 cyber vulnerabilities for investors

    Failure to identify due diligence responsibilities. During the diligence stage of the investment, there may be confusion around which party is responsible for surfacing and mitigating potential security issues. Let’s be clear – the responsibility lies with the investor, who must conduct robust diligence to validate and verify the potential investment’s claims. What’s also clear is that the investment target should be an active participant in this phase of the process, providing supporting information about the organization’s security performance over time. By doing so, the target can showcase the organization’s commitment to managing enterprise risk, which should increase enterprise value.

    Not asking the right questions. For years, cyber diligence consisted of one question: “Have you ever experienced a breach?” For most targets, the answer to that question is a resounding “no,” regardless of the veracity of that statement. Investors need to go beyond this simple question, exploring, for example, the target’s data protection strategy, the types of technologies it has in place to mitigate risk, executive leadership, and employee training, in order to gain a broader understanding.

    Untapped data. While asking more questions is important, investors must also seek out quantitative, objective security performance information. Historically, the due diligence process has largely relied on qualitative data based on written or in-person interviews with executives and board members, which frequently produces subjective, emotionally-driven results. When evaluating the potential risk an organization may inherit through an investment, it’s best to avoid gut feelings and focus on the facts. While there is value to hearing directly from executives, qualitative analysis should be supplemented with objective, straightforward measurements of security successes and challenges throughout the period. Security ratings provide significant, relevant insight here.

    Security monitoring. Cybersecurity is dynamic and things can change quickly. Investors often assess the status of an investment’s cybersecurity environment at the beginning of the relationship and fail to monitor the environment throughout the investment period. Failing to continuously monitor the security environment leads to a lack of visibility into risk and potential threats. Just as sales teams report on leads and revenue quarterly, cybersecurity teams should monitor and report on the state of the organization’s security strategy to interested parties on an ongoing basis.

    Lack of business context. More often than not, those driving the due diligence processes are not cybersecurity professionals, which means that they need cybersecurity metrics to be contextualized against potential business impact. For example, it is not enough to share that one million records were exposed in a data breach; investors also need to know the losses the business incurred as a result. Investors should be sure to ask questions that frame these metrics within the context of business impact, such as, “How will this impact stock price, revenue, and our brand’s reputation?”

  • Attack Methods

    Advanced persistent threats: This method employs a combination of the other methods (discussed below) to evade discovery, whilst gathering information surreptitiously over time. Through this coordinated and subversive approach, threat actors are able to precisely target the weakest personnel in a PE Firm or anyone connected to a PE Firm.

    Social Engineering: This method requires gaining the trust of the individuals in a PE Firm who are the least proficient in cybersecurity, thereby exploiting the PE Firm’s vulnerabilities through weaknesses in the “human perimeter’s” awareness of cyber risk.

    Phishing: This method, like social engineering, exploits vulnerabilities through weaknesses in the human perimeter. PE Firms forget that their human perimeter also encompasses their service providers, such as third-party custodians or fund administrators. Many PE Firms still depend far too much on email as a form of communication with these providers. The sophistication and quality of these fake notices have greatly improved, making them almost indistinguishable from legitimate sources. Phishing also succeeds by targeting overworked personnel at these service providers, who typically deal with a high volume of emails. This high-stress scenario increases the likelihood of phishing emails being mistaken as legitimate. It is important to invest in penetration testing, multi-factor authentication, and effective workflow design together with service providers.

  • Threat Actors

    Nation States undermine the integrity of another nation’s financial services sector through cyber terrorism. Cyber terrorism propagates harm in the same way as any other crime: physical or digital, economic, psychological, reputational, and social or societal. Cyberwarfare is characteristically a “persistent form of engagement”. Effective risk mitigation depends on strategic investment in effective controls, continuous alignment with international standards, and continual adaptation to regulatory obligations.

    Hacktivists are aggrieved about a perceived lack of engagement in environmental, social, or ethical activities, or about perceived unethical or immoral activities undertaken by a PE Firm or by its stakeholders.

    Organized criminals intend to use personal data or materially non-public data for nefarious purposes.

  • What does cyber risk mean?
    Cyber risk is a broad term. For most people, it represents the risk of loss or harm from breaches or attacks on information systems. That loss can take many forms, including direct financial costs, reputational damage, or operational continuity. Data privacy is commonly associated with cyber risk and is a centerpiece of the EU’s General Data Protection Regulation (GDPR), which came into force in May 2018. That law has become a de facto global standard; it clarifies and expands upon what sensitive data entails and who has the usage rights, and assigns the responsibility to companies to keep customer data safe, with high fines if they fail to do so.
  • What to do in case of identity theft

    Contact your investment firm and other financial institutions immediately.  If you think your personal financial information has been stolen, contact your broker-dealer, investment adviser, or other financial professionals immediately to report the problem.  You should also contact any other financial institutions where you have accounts that may be impacted by the loss of your personal financial information. These may include banks, credit card companies, or insurance companies. Please remember to document any conversations with your investment or financial firms in writing.

    Change your online account passwords.  Immediately change the password for any investment or financial accounts associated with the compromised personal financial information.  Always remember to use strong passwords that are not easy to guess, consisting of at least eight characters that include symbols, numbers, and both capital and lowercase letters.

    Consider closing compromised accounts.  If you notice any unauthorized access to your investment account, you may want to ask your investment firm to close the account and move the assets to a new account.  You should consult your investment firm about the best way to handle closing an account if you choose to do so.

    Activate two-step verification, if available.  Your brokerage firm or investment adviser may offer a two-step verification process for gaining access to your online accounts.  With a two-step verification process, each time anyone attempts to log into your account through an unrecognized device (i.e., a device you have not previously authorized on the account), your investment firm sends a unique code to either your e-mail or cell phone.  Before anyone can gain access to your account, they must enter this code and your password.  Activating this added layer of security may help reduce the risk of unauthorized access to your accounts by identity thieves.

    Monitor your investment accounts for suspicious activity.  Closely monitor your investment accounts for any suspicious activity.  Look out for any changes to your account information that you do not recognize (e.g., a change to your address, phone number, e-mail address, account number, or external banking information). You should also confirm that you authorized all of the transactions that appear in your account statements and trade confirmations.  If you find any suspicious activity, immediately report it to your investment firm.  Please remember to document any conversations with your investment firm in writing and provide a copy to your investment firm.

    Place a fraud alert on your credit file.  Placing an initial fraud alert in your credit file provides notice to potential creditors (e.g., banks and credit card companies) that you may have been a victim of fraud or identity theft and will help reduce the risk that an identity thief can use your personal financial information to open new accounts.

    Monitor your credit reports.  After you place an initial fraud alert in your credit file, you are entitled to obtain a free copy of your credit report from each of the credit bureaus.  Check each of your reports for signs of fraud, such as an unknown account, a credit check or inquiry to your credit file that you do not know about, an employer you have never worked for, or unfamiliar personal information.

    Consider creating an identity theft report.  If a breach in your personal financial information results in identity theft, you may want to consider creating an identity theft report.  An Identity Theft Report helps you deal with credit reporting companies, debt collectors, and businesses that opened accounts in your name. Creating an Identity Theft Report involves three steps:

    1. Report the identity theft to the Federal Trade Commission (FTC) by completing the FTC’s online complaint form at www.identitytheft.gov.

    2. Contact your local police department about the identity theft.

    3. Attach your FTC Identity Theft Affidavit to your police report to make an Identity Theft Report.

    Document all communications in writing.  Remember to document, in writing, and keep copies of any communications you have related to your identity theft.

  • Why do bad actors target investors?

    A PE Firm’s most critical asset is information. Vulnerabilities exist in the nature and movement of data, and threat actors seek out weaknesses whilst data is static, in transition, or in motion through interconnected entities.

  • Kids
  • Chatting with Kids About Being Online by CISA

    The Internet offers a world of opportunities.

    People of all ages are:

    - Posting video from mobile devices

    - Building online profiles

    - Texting each other from their mobile devices

    - Creating alter egos in the form of online avatars

    - Connecting with friends online they don’t see regularly in person

    - Sending photos to friends

    - Broadcasting what they’re doing to hundreds of people

    Talk to your kids about online threats.

  • Children’s Online Privacy Protection Act (COPPA)

    Children’s Online Privacy Protection Act (COPPA) helps parents protect their children’s privacy by giving them specific rights. COPPA requires websites to get parental consent before collecting or sharing information from children under 13. The law covers sites designed for kids under 13 and general audience sites that know certain users are under 13. COPPA protects information that websites collect upfront and information that kids give out or post later.

  • What are some of the biggest online risks for kids?

    Inappropriate conduct: The online world can feel anonymous. Kids sometimes forget that they are still accountable for their actions.

    Inappropriate contact: Some people online have bad intentions, including bullies, predators, hackers, and scammers.

    Inappropriate content: You may be concerned that your kids could find pornography, violence, or hate speech online.

  • What is cyberbullying?
    Cyberbullying is bullying or harassment that happens online to kids and teens. It can happen in an email, a text message, an online game, or comments on a social networking site. It might involve rumors or images posted on someone’s profile or passed around for others to see, or creating a group or page to make a person feel left out.
  • What's child grooming?

    Child grooming  (a.k.a. enticement of children or solicitation of children for sexual purposes) "can be described as a practice by means of which an adult 'befriends' a child (often online, but offline grooming also exists and should not be neglected) with the intention of sexually abusing her/him".

     
  • What's cyberstalking?

    Cyberstalking  involves the use of information and communications technology (ICT) to perpetrate more than one incident intended to repeatedly harass, annoy, attack, threaten, frighten, and/or verbally abuse individuals.

    Perpetrators can engage in cyberstalking directly by emailing, instant messaging, calling, texting, or utilizing other forms of electronic communications to communicate obscene, vulgar, and/or defamatory comments and/or threats to the victim and/or the victim's family, partner, and friends, and use technologies to monitor, survey and follow the victim's movements.

    Perpetrators can also engage in cyberstalking indirectly by causing damage to the victim's digital device (by, for example, infecting the victim's computer with malware and using this malware to surreptitiously monitor the victim and/or steal information about the victim) or by posting false, malicious, and offensive information about the victim online or setting up a fake account in the victim's name to post material online (social media, chat rooms, discussion forums, websites, etc.).

     
  • What’s at stake? (Types of threats)

    Threats to information: Cybercriminals are pros at using a variety of tactics to steal sensitive information, like account passwords.

    Threats to identity: You and your kids need to keep your personal information safe, but it’s difficult to do that if your kids post personal details online.

    Threats to finances: Cybercriminals use many ways to steal your money. That may not matter much to a kid, but it may have to come out of your pocket. It’s also a lesson that should be taught at an early age so that they don’t fall for scams later in life.

  • When should parents start talking to their kids about online security?
    Start early. After all, even toddlers see their parents use all kinds of devices. As soon as your child is using a computer, a cell phone, or any mobile device, it’s time to talk to them about online behavior, safety, and security. As a parent, you have the opportunity to talk to your kid about what’s important before anyone else does.
  • Seniors
  • How to properly report an elder fraud
    When writing your report, it’s important to think like a detective and relay financial information and tactical details about the perpetrator. If possible, be ready to share:
    • Dates and times of activity
    • Perpetrator’s financial information (bank names, account numbers)
    • Perpetrator’s IP addresses
    • Perpetrator’s email and account names (even if it was a fake one)
  • How to protect yourself from online fraud

    Medical advice: Be sure to find out who is providing the information, and know where you’re going online. Many pharmaceutical companies create websites with information to sell products. Look for sites ending in .edu (for education) or .gov (for government).

    Banking: Avoid accessing your personal or bank accounts from a public computer or kiosk, such as at the public library. Don’t reveal personally identifiable information such as your bank account number, social security number, or date of birth to unknown sources. When paying a bill online or making an online donation, be sure that you type the website URL into your browser instead of clicking on a link or cutting and pasting it from the email.

    Shopping: Make sure the website address starts with “HTTPS”; the “s” stands for secure. Look for the padlock icon at the bottom of your browser, which indicates that the site uses encryption. Type new website URLs directly into the address bar instead of clicking on links or cutting and pasting from the email.

       
  • Identity theft tips

    Identity theft is the illegal use of someone else's personal information in order to obtain money or credit.

    Don’t use the same password twice.

    Choose a password that means something to you and you only; use strong passwords with eight characters or more that use a combination of numbers, letters, and symbols.

    Do not reveal personally identifiable information online such as your full name, telephone number, address, social security number, insurance policy number, credit card information, or doctor’s name.

    Avoid opening attachments, clicking on links, or responding to email messages from unknown senders or companies that ask for your personal information.

    When making online donations, make sure any charity you donate to is a legitimate non-profit organization and that you type in the web address instead of following a link.

    Be sure to shred bank and credit card statements before throwing them in the trash; talk to your bank about using passwords and photo identification on credit cards and bank accounts.

    Check your bank and credit card statements monthly for unusual charges.

  • Types of Identity Theft

    Medical Identity Theft. Has someone stolen or gained access to your Medicare/Medicaid or private health insurance ID or card or records? Cybercriminals will use this information to get medical services, prescriptions, or other benefits, or they may send fake bills to your health insurer to receive money/reimbursements.

    Social Security Identity Theft. Is someone using your Social Security number for fraudulent purposes? Social Security fraud and identity theft refers to a fraudster or scammer gaining access to your Social Security number and using it to receive your tax refund, secure employment, obtain a driver’s license, and/or receive unemployment benefits or any other state/federal aid.

    Deceased Identity Theft. Is someone using your deceased loved one’s personal information fraudulently? Deceased identity theft, or “ghosting,” is when a deceased individual’s personal information is used to commit fraudulent acts such as tax refund fraud, medical identity theft, driver’s license identity theft, credit card fraud, and more.

    Financial Identity Theft. Financial identity theft happens when a scammer gains access to your bank accounts, credit cards, retirement accounts, or personal information for their financial gain.

  • What can caretakers do to help seniors stay safe online?
    You can help seniors stay safe online by helping them install easy-to-use programs and online tools that protect their internet activity.
  • What is elder fraud?

    Each year, millions of elderly Americans fall victim to some type of financial fraud or confidence scheme, including romance, lottery, and sweepstakes scams, to name a few. Criminals will gain their targets’ trust and may communicate with them directly via computer, phone, and the mail, or indirectly through the TV and radio. Once successful, scammers are likely to keep a scheme going because of the prospect of significant financial gain. Seniors are often targeted because they tend to be trusting and polite. They also usually have financial savings, own a home, and have good credit—all of which make them attractive to scammers.

    Additionally, seniors may be less inclined to report fraud because they don’t know how, or they may be too ashamed at having been scammed. They might also be concerned that their relatives will lose confidence in their abilities to manage their financial affairs. And when an elderly victim does report a crime, they may be unable to supply detailed information to investigators.

  • Teens
  • Chatting with Kids About Being Online by CISA

    The Internet offers a world of opportunities.

    People of all ages are:

    • Posting video from mobile devices
    • Building online profiles
    • Texting each other from their mobile devices
    • Creating alter egos in the form of online avatars
    • Connecting with friends online they don’t see regularly in person
    • Sending photos to friends
    • Broadcasting what they’re doing to hundreds of people

    Talk to your kids about online threats.

    Read Full CISA Booklet

  • Children’s Online Privacy Protection Act (COPPA)

    Children’s Online Privacy Protection Act (COPPA) helps parents protect their children’s privacy by giving them specific rights. COPPA requires websites to get parental consent before collecting or sharing information from children under 13. The law covers sites designed for kids under 13 and general audience sites that know certain users are under 13. COPPA protects information that websites collect upfront and information that kids give out or post later.

    Protecting Children’s Privacy Under COPPA - Cybermaterial

  • What are some of the biggest online risks for kids?

    Inappropriate conduct: The online world can feel anonymous. Kids sometimes forget that they are still accountable for their actions.

    Inappropriate contact: Some people online have bad intentions, including bullies, predators, hackers, and scammers.

    Inappropriate content: You may be concerned that your kids could find pornography, violence, or hate speech online.

  • What are the signs parents should look out for?

    There are several signs to be aware of (although a lot of them are quite common among teens). Generally, parents should look out for increased instances of:

    • Being secretive about who they’ve been talking to online and what sites they visit.
    • A move from expressing moderate views to following more extreme views.
    • A sudden conviction that their religion, culture, or beliefs are under threat and treated unjustly.
    • A conviction that the only solution to this threat is violence or war.
    • Lack of feeling of belonging or a desperate need to find acceptance within a group.
    • Displaying intolerant views to people of other races, religions, or political beliefs.
  • What is cyberbullying?
    Cyberbullying is bullying or harassment of kids and teens that happens online. It can happen in an email, a text message, an online game, or comments on a social networking site. It might involve rumors or images posted on someone’s profile or passed around for others to see, or creating a group or page to make a person feel left out.
  • What signs are different from other types of grooming?
    The signs are similar to other types of grooming but what’s slightly different is the script talking. Within other types of grooming, it is less likely to see the same sense of political judgment or entitlement, the same anger or resentment towards a particular group. That’s fairly unique to radicalization.
  • What's child grooming?

    Child grooming  (a.k.a. enticement of children or solicitation of children for sexual purposes) "can be described as a practice by means of which an adult 'befriends' a child (often online, but offline grooming also exists and should not be neglected) with the intention of sexually abusing her/him".

     
  • What's cyberstalking?

    Cyberstalking  involves the use of information and communications technology (ICT) to perpetrate more than one incident intended to repeatedly harass, annoy, attack, threaten, frighten, and/or verbally abuse individuals.

    Perpetrators can engage in cyberstalking directly by emailing, instant messaging, calling, texting, or utilizing other forms of electronic communications to communicate obscene, vulgar, and/or defamatory comments and/or threats to the victim and/or the victim's family, partner, and friends, and use technologies to monitor, survey and follow the victim's movements.

    Perpetrators can also engage in cyberstalking indirectly by causing damage to the victim's digital device (by, for example, infecting the victim's computer with malware and using this malware to surreptitiously monitor the victim and/or steal information about the victim) or by posting false, malicious, and offensive information about the victim online or setting up a fake account in the victim's name to post material online (social media, chat rooms, discussion forums, websites, etc.).

     
  • When should parents start talking to their kids about online security?
    Start early. After all, even toddlers see their parents use all kinds of devices. As soon as your child is using a computer, a cell phone, or any mobile device, it’s time to talk to them about online behavior, safety, and security. As a parent, you have the opportunity to talk to your kid about what’s important before anyone else does.
  • Why could social networking be a concern?
    • Your child may actively search for content that is considered radical, or they could be persuaded to do so by others. Social media sites, like Facebook, Ask.fm, and Twitter, can be used by extremists looking to identify, target, and contact young people. It’s easy to pretend to be someone else on the internet, so children can sometimes end up having conversations with people whose real identities they may not know, and who may encourage them to embrace extreme views and beliefs.
    • Often children will be asked to continue discussions, not via mainstream social media, but via platforms, such as Omegle. Moving the conversation to less mainstream platforms can give users a greater degree of anonymity and can be less easy to monitor.
    • People who encourage young people to do this are not always strangers. In many situations, they may already have met them, through their family or social activities, and then use the internet to build rapport with them. Sometimes children don’t realize that their beliefs have been shaped by others, and think that the person is their friend, mentor, boyfriend, or girlfriend and has their best interests at heart.
  • Travelers
  • 8 cyber security tips for business travelers

    1. Lock Devices Down: Most smartphones, laptops, and tablets come equipped with security settings that will enable you to lock the device using a PIN number or fingerprint ID. Do this on every available device. While traveling, change the PIN numbers you regularly use.

    2. Be Cautious of Public Wi-Fi: The laws and regulations that govern cyber security in other countries are typically not going to be the same as those found in the US. Free Wi-Fi access can be very appealing for business or leisure travelers but is also particularly vulnerable to security issues. Avoid unencrypted Wi-Fi networks; ask your hotel about its security protocol before connecting to the Web. Be extra cautious using Internet cafes and free Wi-Fi hotspots; if you must use them, avoid accessing personal accounts or sensitive data while connected to that network.

    3. Disable Auto-Connect: Most phones in the US have a setting that allows a device to automatically connect to Wi-Fi networks as you pass through them on your day-to-day activities. While this is a nice feature when used at home, it’s not something you should allow while traveling abroad. Before you travel, change this setting so that your smartphone and laptop must be manually connected each time you wish to access the Web.

    4. Minimize Location Sharing: It’s very common for travelers to update social networking sites as they move about new countries or cities. The problem with this type of excessive sharing is that it creates a security threat at home. By signaling your every location, you make it easy for a criminal to determine that you’re not in your hotel room or at your home, leaving your personal belongings within these areas vulnerable to a physical intrusion. Limit the information you post online about your specific whereabouts to limit these threats to your personal property.

    5. Install Anti-Virus Protection: This is one of the easiest and most effective ways you can keep your personal information, as well as company information, secure while traveling. In addition to using a trusted brand of security, make sure that you regularly update this software as new versions become available.

    6. Update Operating Systems: Just like your anti-virus software, you should keep your operating system as current as possible. This also goes for apps on your phone; take special care to update apps that you regularly use to conduct financial or personal business.

    7. Update Passwords: If you plan on traveling, change all of the passwords you regularly use. Similarly, if you must create a PIN for a safe or security box in a hotel room, make sure it’s unique and not something you commonly use. Don’t skimp on password creation either—a numerical sequence is not ideal. Take the time to create something that will keep a criminal out of your personal property. Once you return home, you can change all the passwords back.

    8. Disable Bluetooth Connectivity: Just like your phone’s automatic Wi-Fi connectivity, Bluetooth connectivity can present problems. Bluetooth signals can come from anywhere. If your Bluetooth is left on, nearby assailants can connect to your phone and potentially hack into your device. Keep Bluetooth disabled as much as possible while traveling abroad.

    In addition to implementing these eight cyber security tips for travelers, you should also check out the laws and regulations governing cyber security in each country you plan to visit. By remaining vigilant during your business travels, you can greatly reduce your risk of suffering a cyber threat.

  • 9 Tips for Travelers

    1. Create A Backup: Backing up your devices' data to another physical device or the cloud before traveling will keep your data safe in case of a data breach or any unfortunate event where you lose your data or devices on the go.

    2. Software Updates: Operating systems in your devices all have built-in security systems that get regular updates from the manufacturer. Keeping your apps and operating system updated will give you better security while you travel. Make sure your devices have the latest security patch installed before leaving home for improved cybersecurity.

    3. Auto And Remote Connectivity: Auto connectivity is an extremely useful feature around the house or workplace, which is why most of our devices have this feature turned on. While traveling, your wireless network and Bluetooth can automatically connect to available networks and devices on the go. This can create problems if you connect to a network or device that is malicious. Turning off your devices' auto and remote connect features while traveling will allow you to only connect when you want to connect.

    4. Physical Security: Keeping your devices physically secure while in hotel rooms, airports, planes or any other mode of transport will help prevent unauthorized access, physical theft, and consequent data breaches. A good practice is to never leave your devices unattended in a public space or on any means of transport.

    5. Locks And Passwords: Using a strong password or PIN is always useful but keeping your device locked at all times is even more important, especially while traveling. If you leave your device unlocked for even a minute or two, it can potentially give hackers enough time to breach your device.

    6. Location Sharing: Immediately updating social media networks with pictures and locations is very common among travelers on vacation. This can sometimes be problematic if a cybercriminal has access to your social media pages. They can track your location and use that information to break into your hotel rooms or even your home and steal valuables while you are away. Always be cautious with what you share on social media, especially when it comes to letting people know where you are, or even where you’re not.

    7. Public Wireless Networks: Connecting to public hot spots or wireless networks that are available in hotels, planes, cafes and transportation can be risky, which is why you must always confirm with the staff the exact procedures and networks to connect. Often, hackers use these public networks to gather sensitive data. If you are connected to a public network, make sure to only use "https" sites and avoid online shopping or accessing any sensitive data to avoid a security breach. If possible, always use your own data network connection or make sure to have a VPN.

    8. Public Computers: More and more public places are allowing access through public computers. Libraries, internet cafes, hotels, and even some restaurants have publicly available computers for you to use and access the internet.

    9. Skimmer Devices: A skimmer device is used by criminals to copy your credit card information without ever touching or using your credit card. Criminals need only hover a skimmer device over your credit card for a few seconds to copy its data and use it for personal gains. They can even do this by hovering the device over your wallet or pocket that contains your card. An easy way to avoid this from happening is to use an RFID wallet or cardholder that prevents data theft by creating a digital wall between your card and the skimmer device.

    Conclusion: The threat of cybercrime is very real, and the probability of that threat increases when we are vulnerable. That is why a good cybersecurity mindset while traveling is a must. Whether you are traveling for work or vacation, be sure to practice these tips and proceed with caution.

  • Common cybersecurity threats while traveling

    Unsecured wireless networks. While public wireless networks provide great convenience, allowing people to connect to the Internet from almost anywhere, they are insecure and can allow cyber criminals access to your Internet-enabled devices. Beyond the typical public wireless networks found at airports, restaurants, hotels, and cafes, they are increasingly available in other places, such as on airplanes and in public parks.

    Publicly accessible computers. Hotel business centers, libraries, and cyber cafes provide computers that anyone can use. However, travelers cannot trust that these computers are secure. They may not be running the latest operating systems or have updated antivirus software. Cyber criminals may have infected these machines with malicious viruses or installed malicious software.

    Physical theft of devices. Thieves often target travelers. Meal times are optimum times for thieves to check hotel rooms for unattended laptops. If you are attending a conference or trade show, be especially wary — these venues offer thieves a wider selection of devices that are likely to contain sensitive information, and the conference sessions offer more opportunities for thieves to access guest rooms.

  • Cybersecurity tips for travelers

    Before You Go:

    Update your mobile software. Treat your mobile device like your home or work computer. Keep your operating system software and apps updated, which will improve your device’s ability to defend against malware.

    Back up your information. Back up your contacts, photos, videos, and other mobile device data with another device or cloud service.

    Keep it locked. Get into the habit of locking your device when you are not using it. Even if you only step away for a few minutes, that is enough time for someone to steal or destroy your information. Use strong PINs and passwords.

    While You Are There:

    Stop auto-connecting. Disable remote connectivity and Bluetooth. Some devices will automatically seek and connect to available wireless networks. And Bluetooth enables your device to connect wirelessly with other devices, such as headphones or automobile infotainment systems. Disable these features so that you only connect to wireless and Bluetooth networks when you want to.

    Think before you connect. Before you connect to any public wireless hotspot – like on an airplane or in an airport, hotel, train/bus station, or café – be sure to confirm the name of the network and exact login procedures with appropriate staff to ensure that the network is legitimate. Do not conduct sensitive activities, such as online shopping, banking, or sensitive work, using a public wireless network. Only use sites that begin with https:// when online shopping or banking. Using your mobile network connection is generally more secure than using a public wireless network.

    Think before you click. Use caution when downloading or clicking on any unknown links. Delete emails that are suspicious or are from unknown sources. Review and understand the details of an application before installing.

    Guard your mobile device. To prevent theft and unauthorized access or loss of sensitive information, never leave your mobile devices–including any USB or external storage devices–unattended in a public place. Keep your devices secured in taxis, at airports, on airplanes, and in your hotel room.

  • Cybersecurity while traveling: tip card

    Cybersecurity should not be limited to the home, office, or classroom. It is important to practice safe online behavior and secure our Internet-enabled mobile devices whenever we travel, as well. The more we travel and access the Internet on the go, the more cyber risks we face. No one is exempt from the threat of cyber crime, at home or on the go, but you can follow these simple tips to stay safe online when traveling.

  • Ethics, Compliance and Audit Services

    Traveling overseas with high tech equipment, confidential, unpublished, or proprietary information or data - Traveling with certain types of high tech equipment including but not limited to advanced GPS units, scientific equipment, or with controlled, proprietary, or unpublished data in any format may require an export license depending on your travel destination. Federal export and sanctions regulations prohibit the unlicensed export of specific commodities, software, technology, and payments to or from certain countries, entities, and individuals for reasons of national security, foreign policy, or protection of trade. University employees are required to comply with United States export and sanctions regulations when traveling abroad with commodities, software, and technology. ECAS can assist with export and sanction determinations related to your international travel. Helpful information may be found below concerning international travel procedures and best practices to ensure compliance with these federal regulations.

  • International Travel Tips and Additional Information

    Presentations and discussions must be limited to topics that are not related to controlled commodities, software, or technology unless that information is already published or otherwise already in the public domain. Verify that your technology or information falls into one or more of the following categories prior to traveling:
    • Research that qualifies as fundamental research
    • Published information
    • Publicly available software
    • Educational information

    Check with your local export control contact prior to traveling with any commodities, software, or technology that fall into one of the following categories:
    • Controlled Unclassified, or Export Controlled or information under any other restriction including 3rd party proprietary information received under a non-disclosure agreement (NDA)
    • Limited Distribution, Proprietary, Confidential, or Sensitive
    • Specifically designed for military, intelligence, space, encryption software, or nuclear related applications
    • Data or information received under a Non-Disclosure Agreement
    • Data or information that results from a project with contractual constraints on the dissemination of the research results
    • Computer software received with restrictions on export to or on access by non-US Persons

  • Women
  • Tips for protecting yourself from cyberstalkers
    • Make your posts 'friends only' so that only people you know get to see them.
    • Don't let social networks post your address or phone number publicly. (You might even want to have a separate email address for social media.)
    • If you need to share your phone number or other private information with a friend, do so in a private message, not in a public post.
    • Use a gender-neutral screen name or pseudonym for your social media accounts — not your real name.
    • Leave optional fields in social media profiles, like your date of birth, blank.
    • Only accept friend requests from people you have actually met in person. Set your social networks to accept friend requests only from friends of friends.
    • Disable geolocation settings. You may want to also disable GPS on your phone.
  • What is catfishing?
    Catfishing is a form of fraud or abuse where someone creates a fake online identity to target a particular victim. Catfishers may lure their victims into providing intimate photos or videos and then blackmail them, or may develop a relationship and then ask for money for a sudden emergency.
  • What is Cyberharassment?

    Cyberharassment involves the use of ICT to intentionally humiliate, annoy, attack, threaten, alarm, offend, and/or verbally abuse individuals. Only one incident is needed for cyberharassment to occur; however, it can involve more than one incident.

    Cyberharassment may also involve targeted harassment, where one or more persons work together to repeatedly harass their target online over a finite period (often a brief period) to cause distress, humiliation, and/or to silence the target. The perpetrators of cyberharassment can hack into the victim's account and steal the victim's personal information, images, and videos.

    Cyberharassment can also involve the posting or other distribution of false information or rumors about an individual to damage the victim's social standing, interpersonal relationships, and/or reputation (i.e., a form of cybersmearing). This false information is posted on websites, chat rooms, discussion forums, social media, and other online sites to damage the reputations of people and businesses. Offenders can also impersonate victims by creating accounts with similar names and, by making use of existing images of the victims, use these accounts to send friend and/or follower requests to victims' friends and family members to deceive them into accepting these requests (a form of online impersonation).

  • What is sextortion?
    It is a form of cyber extortion. It occurs when individuals demand their victims provide them with sexual images, sexual favors, or other things of value. There is no specific federal sextortion offense, but it falls under the federal cyberstalking law.
  • What's cyberstalking?

    Cyberstalking  involves the use of information and communications technology (ICT) to perpetrate more than one incident intended to repeatedly harass, annoy, attack, threaten, frighten, and/or verbally abuse individuals.

    Perpetrators can engage in cyberstalking directly by emailing, instant messaging, calling, texting, or utilizing other forms of electronic communications to communicate obscene, vulgar, and/or defamatory comments and/or threats to the victim and/or the victim's family, partner, and friends, and use technologies to monitor, survey and follow the victim's movements.

    Perpetrators can also engage in cyberstalking indirectly by causing damage to the victim's digital device (by, for example, infecting the victim's computer with malware and using this malware to surreptitiously monitor the victim and/or steal information about the victim) or by posting false, malicious, and offensive information about the victim online or setting up a fake account in the victim's name to post material online (social media, chat rooms, discussion forums, websites, etc.).

     
  • Where to report cyberstalking
    Submit an Internet crime complaint with the Internet Crime Complaint Center - IC3. Complaints filed via the IC3 website are processed and may be referred to federal, state, local or international law enforcement or regulatory agencies for possible investigation.      
  • Institutions

  • Corporations
  • How to protect your organization against cybercrime
    • Companies should no longer be asking why cybersecurity is important, but rather how to ensure that their cybersecurity practices are sufficient to comply with GDPR and other regulations and to protect the business against sophisticated cyber-attacks. There are three simple steps you can take to increase security and reduce the risk of cybercrime.
    • Educate all levels of your organization about the risks of social engineering and common social engineering scams like phishing emails and typosquatting.
    • Invest in tools that limit information loss, monitor your third-party risk and fourth-party vendor risk, and continuously scan for data exposure and leaked credentials.
    • Use technology to reduce costs, such as automatically sending out vendor assessment questionnaires, as part of an overall cyber security risk assessment strategy.
  • Sources of cybersecurity threats

    Nation-state attackers, corporate spies, criminal groups, malicious insiders, hackers, hacktivists, and terrorist groups.

  • What are the most common types of cybersecurity threats?
  • What is cyber security compliance?
    Cybersecurity compliance involves a set of guidelines and controls to protect the confidentiality, integrity, and availability of information stored, processed, or transferred.
  • What consequences can my corporation face?
    Beyond causing severe financial damage, cyberattacks can lead to regulatory penalties, lawsuits, reputational damage, and business continuity disruptions.
  • Why do corporations need cyber security compliance?
    As organizations continue to migrate to the digital realm, they face a multitude of challenges related to privacy and protection of customer, employee, and shareholder data.
  • Governments
  • How do public data need to be handled?

    We need better technology that delivers more effective security to protect data, combined with ease of use. Such technology needs to be transparent to users while removing them from security decisions. The principle that everything – 100% – should be encrypted all of the time, in storage, in transit, and in use, is the goal. This means that when a file on a running system is copied from one location to another, it remains encrypted.

    Furthermore, strong authentication should be built into the encrypted file so that only authorized individuals can decrypt the data. With this transparent, 100% file encryption, all data will be protected no matter where it gets copied because security is part of the file rather than a feature of its storage location. And by continuing the 100% encrypted principle, IT security experts no longer need to spend hours tweaking data classification rules so that ’important’ data gets more strongly protected.

  • How government agencies are facing cyber security challenges

    The government is now using four new strategies to secure its sensitive information and protect its vital infrastructure:

    • Proactive cyber threat hunting. The federal government is turning to cyber threat hunting as a proactive means of identifying dormant threats because traditional prevention and response measures are often ineffective against determined adversaries. The ability to actively search endpoints and identify sophisticated threats is an ongoing process that requires advanced tools, technology, and people to discover both the external origins of breaches and internal compromises of systems and data. Obtaining and maintaining full visibility of threat actors targeting a specific environment is important to enabling cyber threat hunting operations in complex settings.
    • Increased use and sharing of cyber intelligence data. Intelligence gleaned from information sharing is now proactively incorporated into indicators of compromise (IOCs) to search for other signs of malicious activity, such as nefarious users who may be harvesting data and performing privilege escalation. Such activity likely stems from threats that have not been appropriately categorized or that include previously unknown malware. This gives analysts the ability to examine various system artifacts for IOCs linked to nation-state threat actors. New hunting techniques include the use of advanced detection technology to search for specific IOCs and perform sweeps specifically associated with advanced threat actors targeting federal agencies. This technology allows analysts to examine various system artifacts for IOCs linked to nation-state, criminal, and other sophisticated threat actors. In addition to the automated IOC sweeps, analysts collect and analyze data using frequency of occurrence analysis to better discover anomalies that might have gone undetected with previous measures. This technique enables analysts to focus on finding deviations in the environment that IOCs did not detect.
    • Continuous security monitoring, with an emphasis on boundary protection and security event lifecycle management. The Continuous Diagnostics and Mitigation program (CDM) enables government departments and agencies to expand their continuous monitoring and diagnostic capabilities by increasing their sensor capacity, automating data collection, and prioritizing risks. The program was designed to integrate commercial technology with government networks and systems.
    • Automation and orchestration of security operations. Agencies that must defend the federal government’s critical infrastructure with existing tools and capabilities face four major limitations: a lack of skilled staff to analyze the growing number of incidents; slow incident remediation time; error-prone and inconsistent manual remediation processes; and inexperienced staff spending less time hunting for new threats and more time remediating false alerts. Security orchestration can help combat these limitations through the process of connecting security tools and integrating disparate security systems to drive automation and reduce human analysis and interactions. It requires that the organization have a mature security environment and appropriately classify actionable incidents.
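
    The IOC sweep and frequency-of-occurrence analysis described in the cyber intelligence item above, as an added example that is not part of the original page: the sweep matches known hashes, then "stacking" counts how many hosts carry each artifact and surfaces the rare ones the sweep did not flag. The host names, paths, hashes and the `max_hosts` threshold are all constructed assumptions.

```python
"""IOC sweep, then frequency-of-occurrence ("stacking") analysis.

Every host name, path and hash below is constructed sample data.
"""
import hashlib
from collections import defaultdict


def fake_hash(label):
    """Constructed stand-in for a file hash; not a real indicator."""
    return hashlib.sha256(label.encode()).hexdigest()


# Constructed autorun inventory: (host, path, sha256), one row per entry.
HOSTS = [f"ws-{n:02d}" for n in range(1, 21)]
BASELINE = [
    (r"C:\Windows\System32\svchost.exe", fake_hash("svchost")),
    (r"C:\Program Files\Agent\agent.exe", fake_hash("agent")),
]
RECORDS = [(host, path, digest) for host in HOSTS for path, digest in BASELINE]
RECORDS += [
    # Hash that also appears in the shared intelligence feed below.
    ("ws-07", r"C:\Users\Public\update.exe", fake_hash("feed-item")),
    # Familiar file name, unusual directory, hash unknown to the feed.
    ("ws-13", r"C:\ProgramData\svchost.exe", fake_hash("unknown")),
    # Uncommon but plausible admin tool on two hosts.
    ("ws-02", r"C:\Tools\dbadmin.exe", fake_hash("dbadmin")),
    ("ws-03", r"C:\Tools\dbadmin.exe", fake_hash("dbadmin")),
]
IOC_HASHES = {fake_hash("feed-item")}  # constructed intelligence feed


def ioc_sweep(records, ioc_hashes):
    """Return the rows whose hash matches a known indicator."""
    return [row for row in records if row[2] in ioc_hashes]


def stack(records):
    """Map each (path, hash) artifact to the set of hosts it appears on."""
    seen = defaultdict(set)
    for host, path, digest in records:
        seen[(path.lower(), digest)].add(host)
    return seen


def rare_artifacts(records, ioc_hashes, max_hosts=1):
    """Artifacts on at most max_hosts hosts that the IOC sweep did not flag."""
    rare = []
    for (path, digest), hosts in stack(records).items():
        if digest in ioc_hashes:
            continue  # already reported by the sweep
        if len(hosts) <= max_hosts:
            rare.append((path, digest, sorted(hosts)))
    # Rarest first, then by path for a stable analyst queue.
    return sorted(rare, key=lambda item: (len(item[2]), item[0]))


if __name__ == "__main__":
    for host, path, _ in ioc_sweep(RECORDS, IOC_HASHES):
        print(f"IOC hit  {host}  {path}")
    for path, _, hosts in rare_artifacts(RECORDS, IOC_HASHES, max_hosts=2):
        print(f"rare ({len(hosts)} host(s))  {path}  {', '.join(hosts)}")
```

    Raising `max_hosts` widens the review queue: at 2, the legitimate but uncommon admin tool also appears, which is the triage cost of a looser rarity threshold.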
  • Nonprofits
  • Do Nonprofits need Cybersecurity?

    Yes. Nonprofits normally store sensitive information that is desirable to attackers, and they can also be seen as an easy entry point to larger nonprofits or government entities.

  • How likely is it that hackers will take over your nonprofit’s website?

    That depends on the strength of the security of individual nonprofits’ websites and how consistently users follow strong password protocols.

  • How serious are the risks of a site takeover?

    Typically, the main website remains intact, but the hackers create additional content that can’t be good for your nonprofit’s reputation – or Google analytics. So, on balance, a site takeover does not create the same type of liability risks that other security breaches do, but cleaning up the mess can be time consuming and costly.

  • Is Cyber Liability Insurance needed?

    Insurance policies are available to cover losses from breaches affecting a nonprofit’s own information and losses affecting third parties’ information (such as patients/clients, and donors). The types of losses/expenses that cyber insurance can cover range from the cost of notifying all the folks whose information may have been compromised; to the cost of content repair, such as repair to a hacked website; to the cost of hiring a PR whiz to help your nonprofit recover its reputation after a severe security breach. There are even some policies that address business interruption in the event a cybersecurity breach is so severe that it forces the nonprofit to temporarily suspend operations.

  • Most Common Risks Associated with the Business of Charit

    Risk #1: Online Donations

    While technology has made it much easier for nonprofits and charitable organizations to accept donations online, it has also made it that much simpler for a digital pickpocket to steal from the organization.

    While payment is easy for the customer, having an unsecured website could mean leaving an open avenue for a cyberattack.

    Risk #2: Phishing Scams and Ransomware

    Communicating with donors, partner organizations, and clients is a simple process today. Automated emails and newsletters keep interested parties aware of what's going on in the organization. But as you're responding to emails, you could be putting the organization at risk. Clicking a bad link, downloading a seemingly safe Word, Excel, or PowerPoint file, or even just opening a PDF file could put your hard-won funds at risk.

    Cybercriminals use phishing emails, a type of social engineering scam, in an attempt to obtain sensitive information. They may also install ransomware, or ransom malware, on a nonprofit's computer system, blocking access until they receive a sum of money or another action has been completed.

    Risk #3: Volunteers

    Volunteers share their time for many reasons, from being a surviving family member to wanting to give back to the local community. And while many volunteers have good intentions, there are a few that may volunteer their time to gain access to your data stores. Training time is short, onboarding is an on-the-job process, and the bad guys can sometimes slip through the cracks, leaving your organization at risk for a cyberattack.

  • Three of the Best Ways you can Lower nonprofit Cybersecurity Risks

    Lock Down the Digital Donation System

    Using encryption and a secure website helps protect information during online financial transactions. Whether accepting donations or accepting payment through an online store, protecting customer and company data should be a top concern for nonprofit cybersecurity.

    Secure Your Email Communications

    Using a secure server and network to collect, sort and transmit important donor information can help you keep your email communications secure. Email addresses, physical addresses, and other personal identification information can be used in a nonprofit cyberattack.

    Get a Criminal Background Check

    Starting the onboarding process with a criminal background check is one of the best ways to ensure your volunteers are there for good will. In addition to making sure you have the right people, be sure to train employees on cybersecurity at the beginning of their safety training to make sure there isn’t an accidental cyber breach.

  • What are the risks of a Data Breach?

    Many nonprofits collect and store sensitive personal information that is protected by law as confidential. When there is a breach of the confidentiality of those data, that poses a risk for the individuals whose data was disclosed, AND for the nonprofit that will now potentially be subject to liability for the breach.

  • What cybersecurity steps can a nonprofit take?

    First Step | Risk assessment: The first step in assessing your nonprofit’s data risks is to take inventory of all the data your nonprofit collects and identify where it is stored.

    Second Step | Are the data your nonprofit maintains "protected" or "confidential"?: Second, know whether the data your nonprofit collects and maintains is covered by federal or state regulations as “personally identifiable information.” If so, forty-seven states’ laws require nonprofits to inform persons whose “personally identifiable information” is disclosed in a security breach, and 31 states have laws that require the disposal of such data in certain ways. Additionally, the Federal Trade Commission's Disposal Rule also requires proper disposal of information in consumer reports and records to protect against “unauthorized access to or use of the information.” Protecting personally identifiable information is all about training staff on how to collect/store/dispose of and generally protect this data.

    Third Step | Drill down on the actual risks: Third, consider using the US National Institute of Standards and Technology (NIST) Cybersecurity Framework to help your nonprofit identify risks, and make management decisions to mitigate those risks. This framework is not intended to be a one-size-fits-all approach but to allow organizations to manage cybersecurity risks in a cost-effective way, based on their own environment and needs.

  • What should nonprofits do?

    It makes sense for EVERY nonprofit to - at a minimum - assess the risks of a data security breach, and protect its data from unauthorized disclosure.

  • What steps should a nonprofit take before deciding whether to purchase cyber-liability insurance?

    (1) Understand how a breach of privacy claim could affect your nonprofit.

    (2) Work with a knowledgeable insurance agent or broker who not only understands how different cyber liability policies differ in their coverage, but also understands your nonprofit’s operations and activities well enough that s/he can break down your nonprofit’s exposures with you. Choosing insurance products should be a collaborative effort with your nonprofit’s broker/agent.

    (3) As with all insurance, take a hard look at the cost of the annual premium.

  • Who and What does PCI Compliance Apply to Within Nonprofit Organizations?

    PCI compliance comes into play any time you are accepting credit cards as a form of payment. During fundraising efforts, and accepting donations on your website, you will undoubtedly be handling and processing credit card information. It is important to remain PCI compliant on your website’s donation page, and also when accepting donations via credit card at fundraisers and events.

  • Why is it Important to be PCI Compliant with my Nonprofit?

    PCI compliance is not optional, and it is a necessary component of your organization’s security plan. Not only will you avoid paying legal fees, but you will gain trust with your donors while protecting their personal information. If your nonprofit is flagged as a company that has had credit card theft in the past, it will be very difficult to bring new donors on board for fear of history repeating itself.

    Becoming and remaining PCI compliant is a must for any serious nonprofit organization. On top of the possibility of bad press making it harder to attract new donors, you run the risk of having to pay substantial fines set in place by the PCI Security Standards Council (PCI SSC). These fines range anywhere from $5,000 to $500,000 depending on the size of your operation.

  • Why Can Nonprofits Be Attacked?

    Because many nonprofits store personally identifiable information (PII), including full names, addresses, social security numbers, medical information, driver’s license numbers, email addresses, and more, their IT systems are a target-rich environment.

  • Small Businesses
  • Common scams that target small businesses

    Fake Invoices

    Scammers create phony invoices that look like they’re for products or services your business uses — maybe office or cleaning supplies or domain name registrations. Scammers hope the person who pays your bills will assume the invoices are for things the company ordered. Scammers know that when the invoice is for something critical, like keeping your website up and running, you may pay first and ask questions later. Except it’s all fake, and if you pay, your money may be gone.

    Directory Listing and Advertising Scams

    Con artists try to fool you into paying for nonexistent advertising or a listing in a nonexistent directory. They often pretend to be from the Yellow Pages. They may ask you to provide contact information for a “free” listing or say the call is simply to confirm your information for an existing order. Later, you’ll get a big bill, and the scammers may use details or even a recording of the earlier call to pressure you to pay.

    Utility Company Imposter Scams

    Scammers pretend to call from a gas, electric, or water company saying your service is about to be interrupted. They want to scare you into believing a late bill must be paid immediately, often with a wire transfer or a reloadable card or gift card. Their timing is often carefully planned to create the greatest urgency — like just before the dinner rush in a restaurant.

     

    Government Agency Imposter Scams

    Scammers impersonate government agents, threaten to suspend business licenses, impose fines, or even take legal action if you don’t pay taxes, renew government licenses or registrations, or other fees. Some businesses have been scared into buying workplace compliance posters that are available for free from the U.S. Department of Labor. Others have been tricked into paying to receive nonexistent business grants from fake government programs. Businesses have received letters, often claiming to be from the U.S. Patent and Trademark Office, warning that they’ll lose their trademarks if they don’t pay a fee immediately, or saying that they owe money for additional registration services.

     

    Tech Support Scams

    Tech support scams start with a call or an alarming pop-up message pretending to be from a well-known company, telling you there is a problem with your computer security. Their goal is to get your money, access to your computer, or both. They may ask you to pay them to fix a problem you don’t really have, or enroll your business in a nonexistent or useless computer maintenance program. They may even access sensitive data like passwords, customer records, or credit card information.

  • What are the top cyber threats against small businesses?
  • Why do bad actors target small businesses?
    Small businesses are attractive targets because they have information that cybercriminals want, and they typically lack the security infrastructure of larger businesses. Sometimes the gains to be had from attacking a small business are smaller than what the results could be if a larger enterprise were the focus of a cyber-attack. But, because of the corresponding lack of security controls, bad actors can see small businesses as “easy pickings”. Other times, however, a small business is viewed as a critical component of the attack vector into a large enterprise. Large firms of every type use small business vendors. The SBA incentivizes large companies to use small business suppliers. Cybercriminals have found that attacking a large firm through their small business partners can be a successful strategy.
  • Startups
  • Causes of cyber attacks
    • Unsecured Wi-Fi connections: This remains one of the main causes of cyber attacks. Unsecured networks give hackers a free pass to confidential log-in details from connected computers.
    • Insecure passwords: Failure to secure your passwords makes them easily accessible to hackers who can gain access to your system and launch cyber attacks against you.
    • Human error: According to Kaspersky, human error is the second most probable cause of a serious security breach, second to malware.
  • Legal ramifications of a data breach
    As a startup owner, you should be worried not only about the financial implications of a data breach, but also about the legal consequences that may follow. Government penalties, fines, and in extreme circumstances, jail time, are some of the legal ramifications of not protecting Personally Identifiable Information (PII).
  • Steps that start-up entrepreneurs can take to improve IT security

    VPN. A virtual private network (VPN) creates a private network from a public internet connection ensuring online privacy and anonymity. It should be a part of your cybersecurity toolkit. Secure the network with a VPN to defend against DDoS attacks, malware, snooping, and a wide range of other online threats.

    Antivirus. Use antivirus to protect your system from viruses and malware. Malware may include viruses, trojans, spyware, worms, etc. Antivirus software is essential to cybersecurity as it helps you protect your start-up’s data from hackers and other online threats.

    Backup. A comprehensive backup strategy is a vital part of a start-up’s cybersecurity safety net. Backing up your mission-critical data ensures that it’s available for restore in the event of a breach or a ransomware attack. With a backup, you can always start afresh.

    Risk assessment. A risk assessment is a comprehensive audit of your system. Assess risks and vulnerabilities to find possible entry points. Assessing risks and vulnerabilities helps you know where your business is most vulnerable which, in turn, helps you patch these weaknesses and protect your company data.

  • Top cyber security threats facing start-ups in 2020
  • Why do cyber criminals target start-ups?
    Most start-ups don’t have robust cybersecurity infrastructure, which makes them an easy target.
  • Cyber Professionals

  • Analyst
  • How much does a cybersecurity analyst make?
    According to the Bureau of Labor Statistics (BLS), the average annual salary of a cybersecurity analyst is $103,590 ($49.80 per hour) (2020). The longer you are in this field, the more you can make. However, if you have a Master's and a specialized skill set, you may be able to make more. There will be different pay rates for various titles.
  • How to become an information security analyst?
    Most information security analyst positions require a bachelor’s degree in a computer-related field. Employers usually prefer to hire analysts with experience in a related occupation.
  • What education does a cybersecurity analyst need?
    Cybersecurity analysts are more entry-level roles in the cybersecurity field. In order to be qualified, you will need a bachelor's degree in cybersecurity and information assurance. This type of degree program will help you learn IT fundamentals as well as critical cybersecurity foundations that will prepare you for the requirements of this job. Scripting and programming, data management, penetration testing, hacking and countermeasures, and more will all be critical elements of your cybersecurity education.
  • What is a cybersecurity analyst role?
    A cybersecurity analyst protects an organization from cyber threats and actively develops protocols used to respond to and quell cyberattacks. Cybersecurity analysts protect organizational infrastructure, such as computer networks and hardware devices, from cybercriminals and hackers seeking to cause damage or steal sensitive information.
  • What is a cybersecurity analyst?
    A cybersecurity analyst is a trained cyber professional who specializes in network and IT infrastructure security. The cybersecurity analyst thoroughly understands cyberattacks, malware, and the behavior of cybercriminals, and actively seeks to anticipate and prevent these attacks. The analyst usually possesses at least a bachelor's degree in cybersecurity or a related field.
  • What skills does a cybersecurity analyst need?

    The job of a cybersecurity analyst is a specialized position that requires a unique skill set. Some of the required skills of a cybersecurity analyst are:

    • Communication: You may understand the threats to your company's network, but you need to be able to explain them in layman's terms to others. You will have to communicate with others a lot in this job and work with a team that is responsible for security.
    • IT Knowledge: This job requires you to stay up-to-date on trends in the technology world. You need to be aware of the best practices, techniques, and any laws that change.
    • Creativity: You may not think a cybersecurity expert needs to be creative, but this is a must! You need to think of creative ways that bad guys can breach your organization's system, then think of creative solutions to prevent them.
    • Strong Attention to Detail: This is not something that should be overlooked. You need to be detail-oriented for this job, paying strong attention to the smallest adjustments and changes in your organization's network.
    • Reading Comprehension: Reading work-related information.
    • Critical Thinking: Thinking about the pros and cons of different ways to solve a problem.
    • Active Listening: Listening to others, not interrupting, and asking good questions.
    • Complex Problem Solving: Noticing a problem and figuring out the best way to solve it.
  • DevSecOps
  • What are common DevOps capabilities?
    • Platform familiarity: While the days of worrying about infrastructure systems and servers are over, most engineers should be familiar with infrastructure automation tools (Kubernetes) and have experience working with virtual machines (VMs) and pods.
    • Programming/scripting languages: Most engineers would require familiarity with at least one or two programming languages. Given the variety of languages out there, organizations tend to be very targeted in hiring for specific languages, such as Java, Go, C and Python.
    • Operations: These would be things like configuration management, provisioning, and deployment, which are automated and require programming skills.
    • Security: Some organizations and technology companies have used the term DevSecOps to emphasize the security aspects of DevOps – although security should already be baked into DevOps processes.
    • Integration: This involves integrating different pipelines, through which development teams deploy different features that come together in an application release, which makes release automation and continuous delivery more important than integration.
    • Communication and team management: Communication is the most important skill for a DevOps professional.
     
  • What are common DevOps roles?

    A DevOps team is made up of skilled professionals who work closely together but carry out different roles or are cross-trained to perform multiple roles. The roles might vary from one team to the next, or they might go by different names, but they can all play an important part in the DevOps effort. Some of the more common DevOps roles include the following:

    • DevOps engineer: Oversees DevOps operations and the software development lifecycle, while fostering a collaborative environment and cross-team communication.
    • Release manager: Oversees the continuous integration/continuous delivery (CI/CD) pipeline, as well as other operations associated with building and deploying applications.
    • Automation engineer: Responsible for planning and delivering automation solutions that eliminate manual, repetitive tasks and support the CI/CD pipeline.
    • Software developer: Writes and updates application code, along with unit tests and IaC instruction sets, where applicable.
    • Software tester: Ensures products meet defined QA standards and can be safely released to customers.
    • Security engineer: Focuses on application and infrastructure security, with an eye toward data integrity and compliance.
    • DevOps evangelist: Promotes an organization's DevOps initiatives and articulates its benefits, relying heavily on interpersonal communication.
    • User experience (UX) engineer: Ensures products meet UX expectations and UX goals align with test and release goals.
  • What does a DevSecOps engineer do?

    DevSecOps engineers typically test and monitor a company's system for vulnerabilities. Then, they will work in collaboration with program developers (often called DevOps engineers) to create new programs that patch holes in the current security program, add countermeasures to prevent new threats, or simply make the program stronger and more effective.

    They also often need to present the results of their security tests — and the programs they created to respond to those results — with other professionals within the company. Ultimately, they are responsible for keeping the company's digital data safe through monitoring, programming, testing, and communication.

  • What does it take to be a DevSecOps engineer?

    Becoming an effective DevSecOps engineer requires a distinct set of skills and practical experience. DevSecOps engineers should have a deep understanding of how security impacts each stage of the development pipeline and the final product or service. Just as important is their ability to be team players with good communication skills.

    The ideal DevSecOps engineer has involvement in and appreciation of every stage in the software project lifecycle, from initial design and build to rollout and maintenance. In a continuous integration/continuous delivery (CI/CD) environment, this entails working under pressure with critical task times.

  • What to consider before starting a career in DevOps?
    A career in DevOps is not for the faint of heart. It's a demanding undertaking that requires skilled professionals who know how to solve problems and work in a team setting. DevOps practitioners must be able to adapt to changing circumstances, collaborate with colleagues, and empathize with customers and other stakeholders. Before deciding on a career in DevOps, candidates should have a clear sense of the DevOps job market and what it takes to be a DevOps professional.
  • What's the DevSecOps engineer salary?
    The average DevSecOps salary in the USA is $143,294 per year or $73.48 per hour. Entry-level positions start at $121,500 per year while most experienced workers make up to $180,000 per year.
  • Forensics
  • Do digital forensics analysts need certifications?

    Candidates do not need a formally issued license to become a computer forensics analyst, but employers often prefer candidates who hold one or more of the following:

    • Global Information Assurance Certifications: GIAC certifications focus on incident response capabilities, and include seven unique programs as of 2020.
    • Computer Hacking Forensic Investigator: Offered by the world-renowned EC-Council, the CHFI designation appeals to professionals interested in investigating cybercrime.
    • Certified Forensic Computer Examiner: Delivered by the IACIS, the CFCE program includes two phases: a peer review phase and a certification phase. Candidates must recertify every three years to maintain valid standing.
    • AccessData Forensics Certifications: AccessData offers numerous specialized certifications for professionals who aspire to work in law enforcement settings.
  • How does digital forensics work?

    Forensic investigators typically follow standard procedures, which vary depending on the context of the forensic investigation, the device being investigated or the information investigators are looking for. In general, these procedures include the following three steps:

    • Data collection: Electronically stored information must be collected in a way that maintains its integrity. This often involves physically isolating the device under investigation to ensure it cannot be accidentally contaminated or tampered with. Examiners make a digital copy, also called a forensic image, of the device's storage media, and then they lock the original device in a safe or other secure facility to maintain its pristine condition. The investigation is conducted on the digital copy. In other cases, publicly available information may be used for forensic purposes, such as Facebook posts or public Venmo charges for purchasing illegal products or services displayed on the Vicemo website.
    • Analysis: Investigators analyze digital copies of storage media in a sterile environment to gather the information for a case. Various tools are used to assist in this process, including Basis Technology's Autopsy for hard drive investigations and the Wireshark network protocol analyzer. A mouse jiggler is useful when examining a computer to keep it from falling asleep, since volatile memory data is lost when the computer goes to sleep or loses power.
    • Presentation: The forensic investigators present their findings in a legal proceeding, where a judge or jury uses them to help determine the result of a lawsuit. In a data recovery situation, forensic investigators present what they were able to recover from a compromised system.
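
    The data-collection step above depends on showing that the working copy is identical to the acquired forensic image and that custody records were not changed afterwards. The following is an added example, not part of the original FAQ: it hashes an image in chunks and keeps a hash-chained custody log. The function names, actor names, timestamps and sample bytes are constructed for illustration.

```python
import hashlib
import io
import json

GENESIS = "0" * 64  # prev_hash of the first custody record


def image_digest(stream, chunk_size=1024 * 1024):
    """SHA-256 of a binary stream, read in chunks so large images fit in memory."""
    h = hashlib.sha256()
    for block in iter(lambda: stream.read(chunk_size), b""):
        h.update(block)
    return h.hexdigest()


def _entry_hash(entry):
    """Hash every field of a record except its own entry_hash."""
    body = {k: v for k, v in entry.items() if k != "entry_hash"}
    return hashlib.sha256(json.dumps(body, sort_keys=True).encode()).hexdigest()


def append_custody(log, when, actor, action, digest):
    """Append a custody record that commits to the previous record's hash."""
    entry = {
        "when": when,
        "actor": actor,
        "action": action,
        "image_sha256": digest,
        "prev_hash": log[-1]["entry_hash"] if log else GENESIS,
    }
    entry["entry_hash"] = _entry_hash(entry)
    log.append(entry)
    return entry


def verify_custody(log, acquisition_digest):
    """Return a list of problems; an empty list means image and log are intact."""
    problems = []
    prev = GENESIS
    for i, entry in enumerate(log):
        if entry["prev_hash"] != prev:
            problems.append(f"entry {i}: broken link to previous record")
        if entry["entry_hash"] != _entry_hash(entry):
            problems.append(f"entry {i}: record altered after it was written")
        if entry["image_sha256"] != acquisition_digest:
            problems.append(f"entry {i}: image hash differs from acquisition hash")
        prev = entry["entry_hash"]
    return problems


def demo():
    """Constructed scenario: acquire, hand over, then detect a changed copy."""
    original = b"\x00" * 4096 + b"constructed sample disk contents"
    acquired = image_digest(io.BytesIO(original))
    log = []
    append_custody(log, "2024-01-01T09:00:00Z", "examiner_a", "acquired image", acquired)
    append_custody(log, "2024-01-01T09:30:00Z", "examiner_b", "received working copy",
                   image_digest(io.BytesIO(original)))
    before = verify_custody(log, acquired)

    # One flipped byte in the working copy stands in for accidental contamination.
    changed = bytearray(original)
    changed[10] ^= 0xFF
    append_custody(log, "2024-01-02T10:00:00Z", "examiner_b", "re-hashed before analysis",
                   image_digest(io.BytesIO(bytes(changed))))
    return before, verify_custody(log, acquired)


if __name__ == "__main__":
    clean, after = demo()
    print("after handover:", clean or "consistent")
    print("after change:  ", after)
```

    Because each record commits to the hash of the one before it, editing an earlier record without detection would require rewriting every later record as well.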
  • How long does it take to become a computer forensics analyst?

    Most digital forensics analysts hold at least a four-year bachelor’s degree when they land their first job. Those seeking master’s degrees and/or optional certifications usually add 1-3 years to that timeline.

  • How much does a digital forensics analyst make?
    According to the Bureau of Labor Statistics (BLS May 2019), the median salary for information security analysts was $99,730 in 2019. Those in the lowest 10 percent earned $57,810 or less, while those in the highest 10 percent earned $158,860 annually or more.
  • Is Digital Forensics right for me?

    Computer forensics is an ever-evolving field. New challenges arise for computer forensics investigators as cybercrimes grow in frequency and complexity, and as hardware and software advance. Computer forensics can be a stressful field, as you often need to find information quickly for a criminal investigation and criminals can be highly skilled at technology. On the other hand, computer forensics is a top growing field with many diverse employment opportunities. Some of these digital forensics jobs include becoming a forensic computer analyst or a cyber forensic investigator. If you’re someone who would like to put your technology skills toward keeping the public safe, then a rewarding career in forensic computing is for you.

  • Job Outlook

    Because the world increasingly uses computers, it may need more specialists with the knowledge and know-how to handle the crimes that follow.

    As noted above, growth is expected to be quite fast in the information security analyst field.

    According to the BLS, the computer system analyst field is expected to grow only 9 percent between 2018 and 2028 (BLS 2019). While not nearly as impressive as the information security analyst position, this rate is still faster than the expected rate of growth for all positions, on average, which is just 5 percent.

    As with any career, the job prospects for a computer forensic examiner will depend largely on the experience and education that a person brings to the table. Those who have gained at least some experience working with computers, such as experience as a database administrator, will have better luck than those with a less technological background.

    People who have an interest in the outlook for the computer forensic examiner career and who want to know more about the possibilities that it can offer will find a number of professional organizations that offer resources and information. The International Society of Forensic Computer Examiners (ISFCE), and the International Association of Computer Investigative Specialists (IACIS) are two organizations that can offer unique insights about this growing career.

  • Professional Organizations for Computer Forensics Analysts

    International Association of Computer Investigative Specialists: This high-profile organization offers three tiers of memberships to students, junior professionals, and law enforcement personnel. IACIS training and certification programs carry major prestige, and members enjoy priority access.

    International Society of Forensic Computer Examiners: This organization administers the industry-standard Certified Computer Examiner (CCE) credential. Formal membership remains available solely to CCE-certified professionals, who enjoy discounts on professional liability insurance along with many other career-building resources and benefits.

    The American Society of Digital Forensics and eDiscovery: Operating in select U.S. cities, including Chicago, Atlanta, and New York, this organization offers membership benefits that include hours of downloadable training videos and access to an exclusive career center.

    High Technology Crime Investigation Association: Offering free courses, intensive online training seminars, and a packed lineup of conferences and events, this education-oriented organization remains open to active professionals who investigate technology-based crimes and students in relevant programs.

  • Steps to Becoming a Digital Forensics Analyst

    1. Develop familiarity with digital technologies, including computer operating systems and programming. Build an academic background in mathematics and sciences.

    2. Enroll in a bachelor’s program in computer science or computer engineering. Qualified applicants can also consider specialized undergraduate programs in cybersecurity, depending on their availability.

    3. Add a specialized master’s degree in cybersecurity or digital forensics to earn a competitive edge in the job market. Consider adding optional specialized computer forensics certifications to bolster your resume.

    4. Identify a potential practice area, either specifically or by narrowing it down to public-sector and private-sector options. Research job openings that match your qualifications and desired career path criteria, then apply.

  • What does a digital forensics analyst do?
    Computer forensics analysts assist in the investigation of crimes and cybersecurity incidents. In many cases, they work to recover hidden, encrypted, or deleted information related to the case. They also safeguard the integrity of data by following a chain of custody that ensures its admissibility in court.
  • What education does a Digital Forensics Analyst need?

    Most people enter the field after earning a bachelor’s degree or a master’s degree. Applicable majors include computer science and computer engineering, as well as specialized cybersecurity degrees that offer concentrated study paths in digital forensics.

  • What is anti-forensics?

    Anti-forensics is the practice of attempting to thwart computer forensic analysis through encryption, over-writing data to make it unrecoverable, modifying files’ metadata, and file obfuscation (disguising files). As with encryption, the evidence that such methods have been used may be stored elsewhere on the computer or on another computer that the suspect can access. It’s very rare to see anti-forensics tools used correctly and frequently enough to totally obscure their presence or the presence of the evidence they were used to hide.

  • What job can you get in digital forensics?
    • Digital forensic investigator
    • Computer expertise technician
    • Information security analyst
    • Digital forensics analyst
    • Digital/computer forensics engineer
    • Information systems security analyst
    • Forensic computer analyst
    • Cybersecurity consultant
    • Computer/digital forensic technician.
  • What skills does a Digital Forensics Analyst need?

    Technical Knowledge: Computer forensics professionals require up-to-date, advanced knowledge of digital storage methods, operating systems, programming, hacking techniques, and malware.

    Strong Ethics: The ability to ethically handle retrieved and recovered data ranks among the most critical hard skills a computer forensics analyst needs.

    Understand the Law: Digital forensics experts need to understand the legal aspects of criminal investigations to at least an intermediate level.

    Knowledge of Best Practices: Chain of custody practices represent a crucial aspect of what digital forensics experts do. Capable professionals must display excellent mastery of best practices.

  • Where does a digital forensics expert work?
    Digital forensics experts commonly work in the criminal justice system. Many private industries also employ them, including companies in financial services, information technology, computing, network security, and defense sectors. Privately employed digital forensics analysts help buttress an organization’s internal cybersecurity team and provide an added safeguard in the event of a hack or cybercrime.
  • Attackers

  • Hacktivists
  • Types of hacktivism
    Hacktivism comes in many forms, each with its own way to support a hacktivist’s intentions. That might be promoting free speech and information, crashing websites, or exposing incriminating information. Here are 10 known types of hacktivism:
    1. Anonymous blogging
    2. RECAP
    3. Website defacement
    4. Website redirects
    5. Website mirroring
    6. Denial of Service (DoS) or Distributed Denial of Service attacks (DDoS)
    7. Virtual sit-ins
    8. Leaks
    9. Doxing
    10. Geo-bombing
     
  • What are hacktivism attacks?

    Despite any altruistic intentions, hacktivism attacks are hacking attacks, which means they’re illegal. But they’re also difficult to prosecute because they’re mostly conducted anonymously.

    Unlike traditional hacking attacks, though, hacktivism attacks rarely have true malicious intent. In some cases, you might think of them as a form of antagonism, such as the way we might see graffiti on billboards.

    Still, just as this is vandalism in real life, website defacing is considered cyber vandalism. This is just one example of the types of hacktivism that exist today.

  • What is the difference between a hacker and a hacktivist?
    Hackers and hacktivists generally use the same tools and techniques to achieve their goals. Unlike hacktivists, hackers are not defined solely by social causes.
  • What motivates hacktivists?

    Hacktivists generally believe they’re acting altruistically for the public good. Similar to activism in our physical world, online activists seek to bring public attention to a cause that’s important to them in hopes they’ll invoke change. This often means exposing and correcting perceived injustices.

    The nature of the perceived injustices might be political, social, or religious:

    • Politically motivated hacktivism seeks to promote or upend a political agenda, sometimes to the extent of anarchy.
    • Socially motivated hacktivism sets out to expose social injustices, ranging from government censorship to human rights.
    • Religiously motivated hacktivism acts in the name of a religious ideology and may seek to discredit or encourage the belief.
  • What's the premise of hacktivism?
    The premise of hacktivism is carrying out hacking attacks as a form of activism. So, you might think of hacktivism as online activism, digital activism, or cyberactivism.
  • Who carries out hacktivism attacks?
    People who carry out hacktivism attacks are hacktivists. They generally claim to operate with altruistic intentions, meaning not to cause malicious harm but rather to draw attention to a cause that’s important to the hacktivist group.
  • Who do hacktivists target?
    Hacktivists target entities that they believe violate their values or stand in the way of their agenda. Common targets may include nation-states, government agencies, corporations, religious institutions, and terrorist organizations.
  • Malicious Insiders
  • How does the insider threat attack happen?
    Malicious insiders have a distinct advantage in that they already have authorized access to your company's network, information, and assets. They may have accounts that give them access to critical systems or data, making it easy for them to locate that data, circumvent security controls, and send it outside of the organization.
  • What are insider threats?
    Insider threats are users with legitimate access to company assets who use that access, whether maliciously or unintentionally, to cause harm to the business. Insider threats aren’t necessarily current employees; they can also be former employees, contractors, or partners who have access to an organization’s systems or data.
  • What do insider threats target?
    • Company unclassified networks (internal and extranets), partner and community portals, and commonly accessed websites.
    • Proprietary information (business strategy, financial, human resource, email, and product data).
    • Export-controlled technology.
    • Administrative and user credentials (usernames, passwords, tokens, etc.).
    • Foreign intelligence entities seek the aggregate of unclassified or proprietary documents which could paint a classified picture.
  • Where do the inside attackers come from?
    Inside attackers come from within your organization: they can be insiders in your company with bad intentions, or cyberspies impersonating contractors, third parties, or remote workers. They can work either autonomously or as part of nation-states, crime rings, or competing organizations. While they might also be remote third-party suppliers or contractors located all over the world, they have some level of legitimate access to your systems and data.
  • Why are insider threats so dangerous?
    Detecting insider threats is no easy task for security teams. The insider already has legitimate access to the organization’s information and assets, and distinguishing between a user’s normal activity and potentially malicious activity is a challenge. Insiders typically know where the sensitive data lives within the organization and often have elevated levels of access. They don’t act maliciously most of the time, which is why it’s harder to detect their harmful activities than it is to detect external attacks. As a result, a data breach caused by an insider is significantly more costly for organizations than one caused by an external attacker.
  • Why are you a target for insider threats?
    • Publicly available information helps foreign intelligence entities identify people with placement and access.
    • Contract information (bid, proposal, award, or strategies).
    • Company website with technical and program information.
    • Connections (partnerships, key suppliers, joint ventures, etc.) with other cleared or non-cleared companies.
    • Employee association with companies or technologies made public through scientific journals, academia, public speaking engagements, social networking sites, etc.
  • Nation State (APTs)
  • How do I prevent an APT?
    When organizations detect gaps in their security, they intuitively deploy a standalone product to fill that void. A solution filled with standalone products, however, will continue to have inherent gaps. To avoid these security gaps, organizations need to take a holistic approach. This requires a multilayered, integrated security solution. Deploying a portfolio of products that can seamlessly work together is the best way to enhance security.
  • What's an APT?
    An APT is a cyber-attack launched against a specific company, person, or institution. These attacks are usually deployed by well-trained attackers using advanced technology, strategic tactics, and the necessary (financial) resources. APTs are well-structured and complex.
  • Where does the APT attack come from?
    Most APT groups are affiliated with or are agents of governments of sovereign states. An APT could also be a professional hacker working full-time for the above. These state-sponsored hacking organizations usually have the resources and ability to closely research their target and determine the best point of entry.  
  • Who is affected by APTs?
    According to Bitkom (Bundesverband Informationswirtschaft, Telekommunikation und neue Medien e. V.), medium-sized companies are most seriously affected by IT espionage or sabotage – over 60 percent. Most organizations are already compromised without even being aware of it.
  • Why would someone launch an APT?
    A successful advanced persistent threat can be extremely effective and beneficial to the attacker. For nation-states, there are significant political motivations, such as military intelligence. For smaller groups, APTs can lead to significant competitive advantages or lucrative payouts.  