Cybersecurity and Your Small Business
In this workshop, we'll introduce the basics of online security and how it applies to your business and customers. We will talk about:
- Why cybersecurity matters for businesses of all sizes
- How to protect your business and your customers online
- What steps you can take after a potential security breach
Presented by Marial Elena Duron, Grow with Google instructor
Incident Response Triage: Initial Triage and Data Collectio
CISA is proud to offer the Initial Triage and Data Collection Cyber Range Training (IR215). We are excited to share this information with stakeholders across the federal enterprise and nationally.
This 4-hour skills development cyber range training provides best practices for strengthening detection and initial response capabilities for more effective triaging. Through case studies, presentations by expert facilitators, demonstrations, and lab exercises, participants will explore the tools and techniques necessary to identify suspicious and malicious activity in an enterprise environment.
Throughout the course participants will:
- Practice initial response tactics to an Advanced Persistent Threat (APT) including ransomware attacks, while emphasizing the importance of speed and accuracy in collecting the data from logs, systems, and network traffic.
- Utilize automated tools for initial data gathering and the manual collection of evidence.
This course is ideal for those working in cybersecurity roles who are interested in learning technical incident response skills and requires active engagement from all participants. The course assumes a mixed audience (e.g., from disparate teams and organizations) of mixed capability.
Cybersecurity Basics for Non-Techies Series
The “Cybersecurity Basics for Non-Techies” course is designed to provide a comprehensive introduction to essential cybersecurity concepts. This course is perfect for beginners and non-technical individuals looking to enhance their online safety skills. Both online and onsite formats offer a blend of engaging PowerPoint slides, informative videos, and interactive lecture notes. Participants will learn to recognize common cyber threats such as phishing, malware, and social engineering attacks. The course includes real-life examples and case studies to illustrate the impact of cybersecurity breaches and effective prevention strategies. Practical tips on creating strong passwords, securing personal devices, and safe browsing practices are covered in detail. The course features statistics and citations from reputable sources like the Federal Trade Commission and the US Justice Department. In the onsite sessions, attendees can benefit from face-to-face interactions and live Q&A sessions with the instructor. The online version offers the flexibility to learn at your own pace, with access to all course materials for reference. By the end of the course, attendees will be equipped with the knowledge and skills to protect their personal and professional data, ensuring a safer digital experience.
Cyber Security Post Pandemic for Small Business
Post Covid-19 Small Businesses and Startups are challenged with the challenge of providing a secure and high performance work space for all collaborators.
2023 Small Business Cyber Issues Include:
1. Retooling for remote work created new vulnerabilities
2. Ransomware is more prevalent than before the pandemic
3. IoT and the supply chain has experienced new levels of cyber attacks
4. Expansion of cloud services increases complexity and depth of cyber attacks
5. Mobile computing and wearable’s are more of a target today
6. Phishing is a popular methodology for cyber terrorists
7. Insider threats are more prevalent than ever
8. Data privacy elevated to a primary organizational objective
9. Artificial Intelligence and Expert Systems becoming as component of cyber security
10. Cyber Cold war Security Perspectives
NIST Small Business Cybersecurity Webinar: Ransomware Prevention, Detection, Response, and Recovery
You’ve likely heard the term “ransomware” in the news, but what is it? Ransomware is a type of malware that restricts your ability to access and use critical business data and applications. Imagine trying to log into your email, your finances, or an HR system only to find that the application you use every day is no longer available to you. Instead, you are presented with a screen requesting thousands of dollars to restore functionality. That could be tremendously disruptive to your small business. How long could your business operate without access to critical data or systems?
Ransomware is a very serious and increasingly common threat to organizations of all sizes, and it is particularly devastating to smaller organizations that have limited resources. A successful ransomware attack can stop your business in its tracks.
During this NIST small business cybersecurity webinar, we will convene a panel to highlight:
- Common ways ransomware is delivered to businesses.
- Challenges small businesses face with ransomware.
- Common signs of a ransomware attack.
- What steps to take if your business falls victim to a ransomware attack.
- What role cyber liability insurance plays in ransomware risk management.
- Steps small businesses can take, and free resources you can use, to reduce your likelihood of falling victim to ransomware.
Panelists:
- Bill Fisher, Security Engineer, National Institute of Standards and Technology (NIST)
- Nick Lozano, Director of Technology, The Council of Insurance Agents & Brokers
- Stephanie Walker, Assistant Section Chief of the Cyber Engagement and Intelligence Section, Federal Bureau of Investigation (FBI)
- Ann Westerheim, Ph.D. Founder and President, Ekaru
Moderator:
- Daniel Eliot, Lead for Small Business Engagement, NIST
The Importance of IT Security for Small and Medium Size Business
In today's digital age, businesses of all sizes are vulnerable to cyber threats and data breaches. It is crucial for business owners to understand the risks they face and implement effective security measures to protect their sensitive information.
In this workshop, we will cover:
- Understanding attackers, their motivations, and types of attacks.
- How to protect yourself and your team, minimize your risk, and fly under attackers' radar.
- How to plan ahead for the unfortunate case of a breach occurring.
Putting Together Your Cybersecurity Emergency Response Plan
Join Zack Barton and Jake Blacksten as they discuss how to create an efficient cybersecurity emergency response plan. During this webinar, they will note details such as who to contact, and in what order, and provide a checklist of important steps to take in response to a cybersecurity attack.
Preventing DNS Infrastructure Tampering
The Cybersecurity and Infrastructure Security Agency (CISA) is proud to offer the Incident Response Training event, Preventing DNS Infrastructure Tampering Cyber Range Training (IR206) on Tuesday, August 13, 2024. The 200-level training events are open to government employees and contractors across federal, state, local, tribal, and territorial government, educational partners, and critical infrastructure partners. Please use your organization email address when registering.
This course is ideal for those working in cybersecurity roles who are interested in learning technical incident response skills and requires active engagement from all participants. The course assumes a mixed audience (e.g., from disparate teams and organizations) of mixed capability.
DNS is one of the core foundations of the internet however, it continues to be one of the mechanisms attackers use to perform malicious activities across the globe. In this course participants will learn about various concepts associated with DNS, become familiar with DNS tools and mapping information, get introduced to common DNS tampering techniques, and gain an understanding of DNS mitigation strategies to enhance security.
Experience these benefits and more:
- Practice in a realistic environment: Analyze network and host-based artifacts and implement remediation changes for the identified vulnerabilities.
- Learn how to implement remediations: Course exercises include remediating vulnerabilities.
- Identify and mitigate vulnerabilities in real time: Students will identify DNS infrastructure tampering techniques and mitigate them.
- Expert facilitation and peer discussion: Throughout the course, expert cybersecurity engineers will moderate discussion and conduct a recovery debrief for the exercises. Participants are also encouraged to help one another and offer relevant input to address peers' questions.
This exercise is a step-by-step, facilitated experience that uses a keyboard approach to understand these topics in a realistic technical environment.
Approved registrants must attend a mandatory student technical check the day before the training to establish a connection to the course content and lab environment.
Cyber Security 101
Cyber attacks are a serious risk for any business. This webinar will increase your awareness of cyber risks involved with owning and operating a small business; and we will recommend actions that should be taken to mitigate those risks. (Duration 1 hour)
Cyber Liability - What's The Point?
Join the UTSA Small Business Development Center and Fernando Almendariz, Almendariz Insurance for this webinar.
Cyber space is full of threats that can threaten the livelihood of a business. Understanding ways to mitigate that exposure is very important to a business’s survival. This webinar takes you through an overview of common threats and discuss ways to help prevent exposure.
Webinar instructed by: Fernando Almendariz, Almendariz Insurance.