Okay, so we've talked about some foundational ideas with risk. We've talked about mitigating strategies. The last little piece I want to cover: I just want to give you some ideas about performing your due diligence in relation to the world of risks. And the idea is, you know, risks are evolving every day. It is all you can do some days just to be knowledgeable about what's currently going on, much less have that eye towards the future that we need in dealing with IT security. So, as I just mentioned, there are a lot of sources out there that you can go to, some more reliable than others.
You know, if you look at social media sites and social news, whether it's Facebook or Twitter or any of the other different types of social media, you know, you could keep abreast of threats and attacks on the site, certainly. But again, the information is only as reliable as its source. Many security professionals have weblogs or blogs that are out there. There are a lot of podcasts. A weekly podcast on different security events can get you a lot of good information. There are also news sites, and really, this is how I would rate them as far as reliability, with news sites being the most reliable and things like social media sites being the least, because there are a lot of hoaxes out there, and, you know, they come across Facebook, they come across Twitter. Again, you've really got to know the reliability of the sites and of their sources, so you can see a little chart. You know, some of these social media sites are not very reliable. The news sites are more reliable, and there's a lot of information out there. Sometimes it's so much that it's very difficult to sift through, and the best we can do again is to use our due diligence and become as knowledgeable as possible.
Social media integration within the business. So, going beyond due diligence, but just talking about implementing social media: one of the things I like to ask my class, I like to ask them, you know, if this were a test question, what would the answer be? Is it okay for users to browse social media sites while at work? Not at lunch, not on break, but on the clock, during business hours, on business machines. Is it okay to browse Twitter or Facebook or any of the other social media sites? And often I get a lot of mixed responses. The answer is, it depends, and "it depends" is always a good answer. It's one of those answers that you can usually be safe in saying. It's a nice way of saying maybe.
Maybe social media's okay. It depends on your business. Watch those knee-jerk reactions that say social media means goofing off on Facebook, because it doesn't. Many organizations now have a legitimate business need to have social media access. Social media is a very common way of communicating with the public. Most people have Facebook accounts today, so if I want a quick way of letting people know, if I'm a restaurant, one should be able to access my menu. I want you to make comments. I want you to know about specials and sales. Whatever my type of business is, social media is a very appropriate way to do that. Twitter: a lot of companies handle complaints via Twitter. It's a quick, short forum. They take complaints, they're able to resolve complaints, and again, keep it kind of short and sweet.
So the bottom line is social media has legitimate business purposes, and I know you guys know that. But watch for questions that kind of mislead you, you know, that kind of make it appealing to say no, you shouldn't be doing that on the clock. The answer is, what does policy say? And I know many organizations that forbid the use of social media, but I also know many organizations who thrive upon the use and integration of social media with business. Social media, though, presents again a large potential for loss: loss of confidentiality of information. Social engineering through impersonation is very easy to do. If you're using social media frequently, your employees can disclose information that shouldn't be readily disclosed.
The military: a lot of times, the military is now allowing their soldiers to use social media to communicate with loved ones back home. The problem with that is, when I post a picture of me in a specific location that's not public information, and there's a national landmark in the background, I just disclosed a lot of information. People don't really realize how much information is contained within a picture, and later on this week we'll talk about metadata: things like time stamps, GPS positioning information. You have to be very, very careful what information you make available to the public, and social media can be one means of that.
So if it is gonna be something integrated with business, you know, honestly, what I would say is the worst way a business can handle social media is to ignore it. Take a stance: we're gonna allow it or we're not. If we're not going to allow it, we're not gonna allow it. Here's how we're gonna prevent it and its presence on the network, and here are the repercussions if somebody violates that policy. If we're going to allow it, here's how it's to be used. Here's how we're gonna protect it. Here are the rules that we follow. And here's how we're gonna monitor to make sure it's used accordingly. The last thing you want to do is just to say nothing, because that really leaves the decision-making up to the general public, and that's never a good idea. Remember, so maybe down the line you could see how social media would benefit your company; you're just not there yet. Fine, block it for now. Policies can evolve, but we want to be very proactive. And remember, if it's not something we need to do our jobs, don't allow it. It brings in the potential for harm,
you know, just like instant messaging. A lot of companies use instant messaging. Well, that's fine, you know, if you need it for business communications. But if you don't, block it at your firewall, remove the applications, put a policy in place that says we're not going to do it. You know, it's a good way for impersonation; information transmitted, not encrypted, so eavesdropping. You know, there are all sorts of problems. If it's something you decided that your company can benefit from, right, use it. Have a policy. If you don't need it, block it and have a policy about what's compliant and what's not.
Okay. Many companies do business blogs. Absolutely. Now there are many conferences and conventions that are out there. The bottom one that you can't see here is the Secure World Expo. That's okay. We could name a million there; there is no lack of conferences, conventions, seminars, and this is a great field to be in if you like to travel, because every week there's somewhere you can go and somebody's putting on a conference.
You know, some that are well known: DEF CON is very well known. Black Hat. Black Hat has been described as the single most dangerous place on Earth for one week of the year, and I think I would agree with that. You're inviting attackers in from all over the world with very, very impressive skill sets to gather in a town. And as appealing as it is to attend one of those conferences, be very careful about what you bring in and what you leave with. Other conferences, they're fine. There's nothing testable here, but certainly it's the way to stay in the know: know the threats, know what's out there. That's why Black Hat is so popular: know your enemy. Know what those tools and techniques are. And you know, even though the name Black Hat suggests negative, malicious activity, and black hat hacking is malicious, it's all about harm, you'd be amazed at how much great information is out there for the good of the organization, not just the harm. So, Black Hat, to me: yeah, there's a huge potential for loss, but you get a lot of very good information to protect your organization. So certainly conferences and conventions are good ways to stay knowledgeable. Other things, you know: know your vendors. What products do you have on your network?
There are many RSS feeds that you can stay a part of. Microsoft, Cisco, Adobe, it doesn't matter who the vendor is. Every vendor puts out security-related information. You can follow them on their feeds. You could go to the website. The feeds could be aggregated onto a security page so that you have all of this information across multiple vendors.
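As an added example (not part of the lecture, and not any vendor's own tooling), here is one way to build that aggregated security page from vendor RSS feeds. The two feeds are constructed inline with hypothetical vendors and advisory IDs so the script runs offline; in real use you would fetch each vendor's published feed URL and pass the XML text to parse_feed(). The product filter reflects the "know your vendors, know what's on your network" point: only advisories for products in your inventory are kept.

```python
"""Aggregate vendor security advisory RSS feeds into one sorted list.

Added example with constructed feeds (hypothetical vendors "ExampleOS" and
"ExampleNet"); these are not real vendor feeds. In practice you would fetch
each vendor's own feed URL with urllib or requests and pass the XML text to
parse_feed().
"""
from __future__ import annotations

import xml.etree.ElementTree as ET
from datetime import datetime, timezone
from email.utils import parsedate_to_datetime

# Constructed sample feeds in RSS 2.0 shape (advisory IDs are placeholders).
SAMPLE_FEEDS = {
    "ExampleOS": """<?xml version="1.0"?>
<rss version="2.0"><channel>
  <title>ExampleOS Security Advisories</title>
  <item>
    <title>ExampleOS 12: privilege escalation in update service</title>
    <link>https://vendor.example/advisories/EXOS-2024-001</link>
    <pubDate>Tue, 05 Mar 2024 14:00:00 GMT</pubDate>
  </item>
  <item>
    <title>ExampleOS 11: denial of service in print spooler</title>
    <link>https://vendor.example/advisories/EXOS-2024-002</link>
    <pubDate>Thu, 07 Mar 2024 09:30:00 GMT</pubDate>
  </item>
</channel></rss>""",
    "ExampleNet": """<?xml version="1.0"?>
<rss version="2.0"><channel>
  <title>ExampleNet Router Security</title>
  <item>
    <title>RouterX firmware: authentication bypass on admin interface</title>
    <link>https://net.example/psirt/EXN-2024-07</link>
    <pubDate>Wed, 06 Mar 2024 18:15:00 +0000</pubDate>
  </item>
  <item>
    <!-- duplicate of the entry above, as a feed may repeat an updated item -->
    <title>RouterX firmware: authentication bypass on admin interface</title>
    <link>https://net.example/psirt/EXN-2024-07</link>
    <pubDate>Wed, 06 Mar 2024 18:15:00 +0000</pubDate>
  </item>
</channel></rss>""",
}


def parse_feed(xml_text: str, source: str) -> list[dict]:
    """Parse one RSS 2.0 feed into advisory dicts (source, title, link, published).

    Entries with a missing or unparseable pubDate are kept and sorted last
    rather than dropped, so an odd feed never silently hides an advisory.
    """
    root = ET.fromstring(xml_text)
    items = []
    for item in root.iterfind("./channel/item"):
        title = (item.findtext("title") or "").strip()
        link = (item.findtext("link") or "").strip()
        raw_date = (item.findtext("pubDate") or "").strip()
        try:
            published = parsedate_to_datetime(raw_date)
            if published.tzinfo is None:  # "-0000" yields a naive datetime
                published = published.replace(tzinfo=timezone.utc)
        except (TypeError, ValueError):
            published = datetime.min.replace(tzinfo=timezone.utc)
        items.append({"source": source, "title": title, "link": link,
                      "published": published})
    return items


def aggregate(feeds: dict[str, str], products: list[str] | None = None) -> list[dict]:
    """Merge several vendor feeds, drop duplicate links, newest first.

    `products` is an optional list of product names deployed on your network;
    when given, only advisories whose title mentions one of them are kept.
    """
    seen: set[str] = set()
    merged = []
    for source, xml_text in feeds.items():
        for entry in parse_feed(xml_text, source):
            if entry["link"] in seen:
                continue
            seen.add(entry["link"])
            if products and not any(p.lower() in entry["title"].lower() for p in products):
                continue
            merged.append(entry)
    merged.sort(key=lambda e: e["published"], reverse=True)
    return merged


if __name__ == "__main__":
    # Products assumed to be in this hypothetical inventory.
    for advisory in aggregate(SAMPLE_FEEDS, products=["ExampleOS 12", "RouterX"]):
        print(advisory["published"].date(), advisory["source"], "-", advisory["title"])
```

Deduplicating on the link rather than the title matters once several feeds or re-published items overlap, and sorting by a timezone-aware date keeps vendors that publish in GMT and in +0000 in one consistent order.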
But the bottom line is this field is rapidly changing. Threats are evolving, the good guys and the bad guys, the lines are getting blurred. As a technician, as an engineer, as an administrator, as a senior official, I must stay knowledgeable. There is no shortage of resources; it's finding the budget, finding the time in order to attend these conferences and in order to take the time to review the feeds and the logs and so on.