Binary Code
Computers and other electronic devices store information as Binary Code (which is a series of 1s and 0s that might look like this: 10101001 01101100 11001010).
Network Topology Map
A Network Topology Map is a diagram of a computer network's components, including network access points and connections between its various parts.
Fake Anti-Virus Software
Fake Anti-Virus Software - also known as 'scareware' - is designed to trick you into buying worthless anti-virus protection that you do not need.
Domain Name System
The Domain Name System (DNS) is like the ‘telephone book’ of the Web – it translates a website's name into its corresponding numerical IP address on the Internet.
Social Engineering
A Phishing e-mail is an attempt to trick the recipient into giving up information, such as account, credit card or password information.
Data Encryption
Data Encryption is the intentional scrambling of information into unreadable form - until it is later converted back into its original form by the intended recipient.
Botnet, or Compromised Computers
A Botnet is a collection of computers compromised by a malware attack that can be controlled remotely (via the Internet) to attack websites, send out spam emails, etc.
Distributed Denial of Service Attack
A Distributed Denial of Service (DDoS) Attack can use a botnet to force a website, network or other resource to shut down by overloading it with requests for data.
USB Flash Drive
A USB Flash Drive, aka a 'stick drive' or 'thumb drive' is a portable data storage device which connects to a computer's USB port to send and receive data.
Electronic vs. Static Media
Static Media is something like a book, magazine or printed photo, while Electronic or Digital Media (websites, digital photos, etc.) requires power to be viewed.
Administrative Access
A user with Administrative Rights has unrestricted power to create, modify or delete files, folders, settings and programs on a particular computer.
Computer Security Tip of the Week
Scott Aurnou – Botnets are made up of computers infected with malware and forced to follow the commands of cyber criminals controlling them via the Internet. Here’s what you can do to avoid being forced into one (or more)
Helpful websites referenced in this video include:
Secunia
FileHippo
AppFresh for Mac
If you enjoyed this video, you can see more on TheSecurityAdvocate YouTube channel.
By Gilad Parann-Nissany
In 2008, the size of the cloud computing industry was $46 Billion. That is more than the GDP of Costa Rica! Think it’s a lot? Ready to jump on the cloud security bandwagon? That was 2008!
In 2014, the size of the cloud computing industry has more than tripled to $150 Billion – almost the GDP of New Zealand. NOW are you ready?
Besides the fact that everyone else is doing it, migrating to the cloud just makes good business sense. Whether you select a private cloud, a public cloud, or some hybrid of the two, cloud computing is just more powerful than traditional datacenters. There are several reasons for this. First, the reduced capital costs of IT infrastructure – no need for hardware, software, and manpower (and training) to manage them. Also, there is the improved accessibility, effectiveness, flexibility and scalability of the cloud.
But with great power comes great responsibility.
When migrating your business data to the cloud, you must ensure the safety and privacy of your records.
Much like data security was your responsibility in the datacenter, it continues to be your responsibility in the cloud. But, if you don’t know where your data is physically located can you still ensure its confidentiality?
Read more ›
By Roberta Anderson
On February 12th, the National Institute of Standards and Technology (NIST) released its long-anticipated Framework for Improving Critical Infrastructure Cybersecurity[1] together with a companion Roadmap for Improving Critical Infrastructure Cybersecurity. The Framework is issued in accordance with President Obama’s February 19 Executive Order 13636, Improving Critical Infrastructure Cybersecurity Version 1.0., which tasked NIST with developing a cost-effective Framework “to reduce cyber risks to critical infrastructure.” The companion Roadmap discusses NIST’s next steps with the Framework and identifies key areas of development, alignment of cybersecurity standards and practices within the U.S. and globally and collaboration with private and public sector organizations and standards- developing organizations.
The Framework applies to organizations in critical infrastructure.[2] But, given the pervasiveness of cybersecurity incidents, and the ever-present, increasing, and evolving cyber risk threat, all organizations should consider whether their current cybersecurity risk management practices would pass muster under the Framework. In addition, although the Framework is “voluntary”—at least so far—organizations are advised to keep in mind that creative class action plaintiffs (and even some regulators) may nevertheless assert that the Framework provides a “de facto” standard for cybersecurity and risk management even for non critical infrastructure organizations. One thing that companies should consider as they review the Framework is what “Tier” of cybersecurity risk management they wish to achieve. The Tiers—which range from “informal, reactive” responses to “agile and risk-informed” are addressed below, together with an overview of the Framework and additional detail regarding certain of its key aspects.
Read more ›
Scott Aurnou – CryptoLocker is a type of “ransomware” that encrypts the data on an infected computer so that it can’t be read and then demands payment to decrypt it. This clip discusses how to safeguard your computer against it and what to do if CryptoLocker strikes.
Helpful websites referenced in this video include:
Secunia
FileHippo
AppFresh for Mac
This clip is taken from the CLE course Data Confidentiality, Security & Recent Changes to the ABA Model Rules.
