Security

Awareness
Training
 Group Members
• Aman Shrestha
• Sujal Kayastha
• Tapendra Raj Joshi
• Oman Ryne
Introduction To CyberSecurity
• Refers to the protection from unauthorized access of information
systems,
• Emerging in today’s world,
• Ensures Confidentiality, Integration and Accessibility.
 Common CyberSecurity Threats
Malware:
• Malicious software designed to infiltrate, damage, or gain
unauthorized access to computer systems,
• Includes various types such as viruses, worms, Trojans, ransomware,
and spyware,
• Causes significant harm by corrupting files, stealing sensitive
information, disrupting system operations, or enabling remote control
by attackers.
 Common CyberSecurity Threats
Phishing
• A cyber attack technique that involves tricking individuals into
providing sensitive information such as passwords, credit card
numbers, or personal details,
• Attackers typically use deceptive emails, text messages, or phone calls
to lure victims into divulging confidential information,
• Often exploits human vulnerabilities, relying on social engineering
tactics to manipulate recipients into actions that compromise their
security and privacy.
 Common CyberSecurity Threats
Social Engineering
• Psychological manipulation technique used by cyber attackers to
deceive individuals or employees into divulging confidential
information that threats security,
• Exploits human trust, empathy, and authority, often through tactics
like pretexting,
• Occurs via various communication channels, including in-person
interactions, phone calls, emails, or social media, exploiting human
weaknesses.
 Best Practices for Password Security
Importance of Strong Passwords:
• For protecting personal and sensitive information from unauthorized
access and cyberattacks,
• Defense against hackers attempting to exploit weak passwords to gain
entry into accounts or systems,
• Safeguards against data breaches, financial loss, identity theft, and
other cybersecurity threats, ensuring the integrity and confidentiality
of digital assets.
Guidelines for Strong Passwords
• Lengthy,
• Includes symbols and numbers,
• Uppercase and Lowercase letters,
• Avoiding Personal Information.
 Risk with weak passwords
• Easily hackable,
• Can compromise security,
• Can be an opposing threat.
 Email Security
Tips for Email Security
• Verify the sender's email address for integrity,
• Only hovering over trusted links and sites,
• Avoid downloading attachments from unknown sources.
 Social Engineering Awareness
Means to Protect from Social Engineering
• Training employees to be aware of requests for sensitive information,
especially if they seem unusual,
• Encourage employees to verify the identity of individuals making
requests through official channels,
• Promoting culture of caution, where employees are empowered to
question suspicious requests and report potential social engineering
attempts to the appropriate authorities promptly.
 Device Security
Importance of Securing Devices:
• Prevents unauthorized access to sensitive information, protecting both
personal and company data,
• Keeping devices secure helps prevent malware infections and other
cyber threats,
• Reduces the risk of security breaches and potential financial or
reputational damage.
 Reporting Security Incidents
Importance of Reporting Security Incidents
• Protecting sensitive data ensures compliance with regulations and
standards, reducing the risk of legal consequences and financial
penalties.
• Maintaining confidentiality instills trust among customers, partners,
and stakeholders, safeguarding the reputation and credibility of the
organization.
• Securing sensitive data mitigates the potential impact of data
breaches, preserving the integrity and confidentiality of valuable
information assets.
Instruction to Report Security Incidents
• Direct employees to immediately report any suspected security
incidents to the IT/security team through communication channels,
such as a dedicated emails,

• Outline the information required for reporting, including details of the

incident, any relevant evidence or screenshots, and the affected
systems or accounts,

• Encourage employees to act swiftly and responsibly when reporting

security incidents,
 Conclusion
• Cyber Security is a vast term,
• There are several threats such as phishing, social
engineering,
• Practices for password security must be followed,
• Device security is essential,
• Security incidents must be reported.
 References
• Google.com
• Chat GPT
Any Queries?
Thank You!