SlideShare una empresa de Scribd logo

Cyber Crime Impact on Higher Education

J
Jacqueline Fick

The document discusses cyber crime and its impact on higher education in South Africa. It introduces a hypothetical case study of "Jack le Hack", a university student who engages in various cyber crimes like unauthorized access of data, computer-related fraud, and intimidation. The document then defines cyber crime and common types seen in South Africa. It outlines strategies for organizations to protect their data and implement proactive cyber security practices. The document concludes with practical cyber security tips for users.

EducaciónViajes
1 de 28
www.pwc.com Cyber Crime 101: The Impact of Cyber Crime on Higher Education in South Africa Higher Education Conference 2011 5 September 2011 Adv Jacqueline Fick
Agenda Meet Jack le Hack Cyber crime defined The online entrepreneur How to protect data Implementing a pro-active strategy in your organisation Practical guidelines and tips Closing remarks Cyber crime 101: The impact of cyber crime on Higher Education in South Africa September 2011 PwC 2
Meet Jack le Hack Cyber crime 101: The impact of cyber crime on Higher Education in South Africa September 2011 PwC 3
Meet Jack le Hack Third year student : University of Cyberfucious Putting knowledge into practice It is Monday afternoon after a rough weekend for Jack. He is sure he failed the test he wrote that morning as the beers he consumed made him suffer from memory loss and he forgot to study. His finances are also shot as he had to sponsor some of his friends for their social activities. To boot his professor also made some comments about the quality of his work which Jack felt was not appropriate. Jack also assists with some classes for first year students and realises that he still has to prepare for a lecture for the next day. He goes to the office that was assigned to him. He shares the office with one of the admin clerks of the faculty. When he walks past her desk, he notices that she did not log of her computer. Jack decides that it is time to put his master plan into action... Cyber crime 101: The impact of cyber crime on Higher Education in South Africa September 2011 PwC 4
Meet Jack le Hack Third year student : University of Cyberfucious Putting knowledge into practice ... Jack has a fair knowledge of computers and has long since been toying with the idea of putting this knowledge to good use. He firstly uses the admin clerks’ mailbox to send the offending professor a message, stating that his day will come and that he knows where he lives and has intimate knowledge of the professor’s family. He also stated that a bomb will go off within the next week in the professor’s classroom. Secondly, he logs into the shared folders of the faculty where he knows the results of the test he wrote are kept. Jack decides that he certainly deserves a better mark than he received that morning. Cyber crime 101: The impact of cyber crime on Higher Education in South Africa September 2011 PwC 5
Meet Jack le Hack Third year student : University of Cyberfucious Putting knowledge into practice ... When studying the test results, he sees that he was not the only one that failed. Jack realises that this could present an opportunity to deal with his financial difficulties. He phones some of the other students and offers a deal to them to change their marks for a small donation. A few days pass and Jack’s business kicks off beyond his own expectations. He is also approached by students that have financial difficulties and cannot pay their class fees. With a little research and questions posed in chat rooms, he acquires the necessary information to hack into the financial system of the university. He installs a key logger on one of the financial clerk’s computer and so gains access to his password. He once again accesses the system from the admin clerk’s computer. Cyber crime 101: The impact of cyber crime on Higher Education in South Africa September 2011 PwC 6
Meet Jack le Hack Third year student : University of Cyberfucious Putting knowledge into practice ... Jack is so impressed with his own efforts that he posts this information on Facebook and Twitter and also uses Skype to tell his friends in the UK about his endeavours. Because his data bundle expired, he posts this information from a computer connected to the university network and also installed Skype on the computer. He did, however, remove Skype from the computer later. Life is good for our Jack le Hack. Cyber crime 101: The impact of cyber crime on Higher Education in South Africa September 2011 PwC 7
Cyber crime defined Cyber crime 101: The impact of cyber crime on Higher Education in South Africa September 2011 PwC 8
Cyber crime defined • Move in South African law to the use of the term cyber crime which is wide enough to encompass all illegal activities in respect of computers, information networks and cyberspace. • Most important legislation is the Electronic Communications and Transactions Act 25 of 2002. • 'access' includes the actions of a person who, after taking note of any data, becomes aware of the fact that he or she is not authorised to access that data and still continues to access that data. • 'data message' means data generated, sent, received or stored by electronic means and includes- (a) voice, where the voice is used in an automated transaction; and (b) a stored record; Cyber crime 101: The impact of cyber crime on Higher Education in South Africa September 2011 PwC 9
Cyber crime defined Common types of cyber crime • Unauthorised access (s86(1)) • Unauthorised modification of data and various forms of malicious code (s86(2)) • Denial of Service Attacks (S86(5)) • Devices used to gain unauthorised access to data (s86(4)) • Child pornography, cyber obscenity and cyber stalking • Computer-related fraud • Copyright infringement • Industrial espionage • Piracy • Online gambling Cyber crime 101: The impact of cyber crime on Higher Education in South Africa September 2011 PwC 10
Cyber crime defined Common types of cyber crime (cont.) • For 15 consecutive months South Africa has been amongst the top three target countries in the world for mass phishing attacks. • Identity theft remains the most common type of cyber crime in South Africa. • “ Identity theft is a serious crime. It occurs when your personal information (name, social security number, date of birth, credit card number, or bank account number) is stolen and used without your knowledge to commit fraud or other crimes. Identity theft can cost you time and money. It can destroy your credit and ruin your good name.” USA Federal Trade Commission Cyber crime 101: The impact of cyber crime on Higher Education in South Africa September 2011 PwC 11
The online entrepreneur Cyber crime 101: The impact of cyber crime on Higher Education in South Africa September 2011 PwC 12
The online entrepreneur Possible cyber crimes identified from Jack le Hack • Unauthorised access to data • Unauthorised modification of data • Computer-related fraud • False bomb threat, intimidation • Using a device to gain unauthorised access to data • Furthermore: - Exposing network to vulnerabilities – chat rooms, Skype. - Reputational risk to university and publicity about what Jack had done. - Possible loss of investors. Cyber crime 101: The impact of cyber crime on Higher Education in South Africa September 2011 PwC 13
How to protect your data Cyber crime 101: The impact of cyber crime on Higher Education in South Africa September 2011 PwC 14
How to protect your data • Protecting data starts with each user of a computer on your campus and is not only related to the functions and responsibilities of the IT department. • Your responsibilities include: - Protecting the university property stored on your computer, including information about staff, faculty, students, and alumni. - Accessing only that information which you are authorised to access in the course of your duties. Your ability to access other information does not imply any right to view, change, or share information. - Not establishing access privileges for yourself or others outside of formal approval processes. Cyber crime 101: The impact of cyber crime on Higher Education in South Africa September 2011 PwC 15
How to protect your data - Adhering to procedures and business rules governing access and changes to the data for which you are a custodian. - Expect all stewards and custodians of administrative data to manage, access, and utilise this data in a manner that is consistent with the need for security and confidentiality. • Correlation between physical and network security. (Computer Security at Cornell: Secure your Computer on and off Campus 2009 (http://www.cit.cornell.edu)) Cyber crime 101: The impact of cyber crime on Higher Education in South Africa September 2011 PwC 16
Implementing a pro-active strategy in your organisation Cyber crime 101: The impact of cyber crime on Higher Education in South Africa September 2011 PwC 17
Implementing a pro-active strategy in your organisation • Cyber security is just as important as physical security. • Relationship between physical and network security. • Know and understand your organisation: • This includes an understanding of the external environment and the threats facing the organisation. It also refers to a thorough understanding of the internal environment and the way the organisation operates – its employees, levels of staff morale, business partners of the organisation, service providers, etc. Cyber crime 101: The impact of cyber crime on Higher Education in South Africa September 2011 PwC 18
Implementing a pro-active strategy in your organisation • Define security roles and responsibilities: • Although security should be everyone within an organisation’s concern, ownership of information security should be assigned to specific individuals, coupled with the necessary levels of authority and accountability. To assist with the process it is recommended that security roles and responsibilities be incorporated into job descriptions and that performance in terms of these areas be measured accordingly. • Ensure that you have proper policies and procedures in place for the use of IT. • Establish clear processes to enable end-users to report suspected cyber crimes. Cyber crime 101: The impact of cyber crime on Higher Education in South Africa September 2011 PwC 19
Implementing a pro-active strategy in your organisation • Effective public private partnerships. • Value of intelligence: Exchange information with law enforcement agencies and other organisations. Know your opponent and use the information to develop and update security policies. Think like a hacker. Cyber crime 101: The impact of cyber crime on Higher Education in South Africa September 2011 PwC 20
Implementing a pro-active strategy in your organisation • Stay up to date: • Maintain awareness of new developments in both technology and services. Use a risk-based approach to determine when it would be necessary to upgrade or adapt current systems and processes to accommodate new developments. • Continuous auditing and assessment of process: • It is recommended that a process of continuous auditing be implemented to ensure that the strategy remains aligned to business objectives, adapts to changes in technology or identified threats, and to allow for the analysis of information that is gathered from the different implemented controls. Cyber crime 101: The impact of cyber crime on Higher Education in South Africa September 2011 PwC 21
Practical guidelines and tips “The vast majority of computer breaches that we have investigated over the past few years have been the result of poor personal choices, weak computer practices, and less-than-satisfactory data-handling procedures.” Steve Shuster, director of IT Security at Cornell Cyber crime 101: The impact of cyber crime on Higher Education in South Africa September 2011 PwC 22
Practical guidelines and tips • Email is more than messages. It contains personal information, contact lists, sensitive company information, etc. Email policies: • Do not open suspicious emails. • Use spam filters. • Encrypt important files or records. • Choose complex passwords and change your password regularly. The Post-it problem. • Back up regularly. • Install powerful anti-virus and firewall software and keep it up to date. Regularly update security patches. Cyber crime 101: The impact of cyber crime on Higher Education in South Africa September 2011 PwC 23
Practical guidelines and tips • Create good habits such as deleting your temporary internet files and cookies. This protects against hackers who can access your accounts from where you have been on the internet. • Turn off your computer and modem/disconnect from the internet when not in use. • Know what information you have, where it is stored and who has access thereto. • Be wary to provide personal information via a website you are not familiar with. • Never allow strange or unfamiliar individuals to use your computer, not even if they say they are from the IT department! Cyber crime 101: The impact of cyber crime on Higher Education in South Africa September 2011 PwC 24
Practical guidelines and tips • Where practicable, do not grant administrative or root/super user privileges to end-users. • Educate users: • Teach IT users how to identify cyber threats and how to respond. • Share security information with all users of IT in the organisation. • Read up on the latest ways hackers create phishing scams to gain access to your personal information. Cyber crime 101: The impact of cyber crime on Higher Education in South Africa September 2011 PwC 25
Practical guidelines and tips • Campus executives and data stewards should know: - What/where is my data? - How sensitive is it? - Who is responsible for it? - Who has access to it? - Do I need to keep it? - What if it gets into the wrong hands? Cyber crime 101: The impact of cyber crime on Higher Education in South Africa September 2011 PwC 26
Closing remarks • Need to realise the true value of information. • Cyber criminals steal INFORMATION. • We can only effectively combat cyber crime if we share information and collaborate. • Know your opponent. • Be pro-active and not re-active. • Implement good information governance principles in your organisation. • Educate all IT users. • Protect your information with the same vigour as you protect physical property, brand names, money, etc! Cyber crime 101: The impact of cyber crime on Higher Education in South Africa September 2011 PwC 27
“It takes more than anti-virus software to safeguard your computing resources and data. It takes you. Taking steps to secure your computer not only helps keep your data safe, it demonstrates your commitment to protecting the university network and all data created, stored, and shared over the network by the campus community.” This publication has been prepared for general guidance on matters of interest only, and does not constitute professional advice. You should not act upon the information contained in this publication without obtaining specific professional advice. No representation or warranty (express or implied) is given as to the accuracy or completeness of the information contained in this publication, and, to the extent permitted by law, PwC, its members, employees and agents do not accept or assume any liability, responsibility or duty of care for any consequences of you or anyone else acting, or refraining to act, in reliance on the information contained in this publication or for any decision based on it. © 2011 PricewaterhouseCoopers (“PwC”), the South African firm. All rights reserved. In this document, “PwC” refers to PricewaterhouseCoopers in South Africa, which is a member firm of PricewaterhouseCoopers International Limited (PwCIL), each member firm of which is a separate legal entity and does not act as an agent of PwCIL.

Recomendados

Cyber crime lecture pp update
Cyber crime lecture pp updateCyber crime lecture pp update
Cyber crime lecture pp updateyahooteacher
 
Cyber Safety Class 9
Cyber Safety Class 9Cyber Safety Class 9
Cyber Safety Class 9NehaRohtagi1
 
Cybercrime
CybercrimeCybercrime
CybercrimeAnuj Bhardwaj
 
Computer Project on Cyber Safety
Computer Project on Cyber SafetyComputer Project on Cyber Safety
Computer Project on Cyber SafetyHarsh Tekriwal
 
Internet Safety Glossary of Terms
Internet Safety Glossary of TermsInternet Safety Glossary of Terms
Internet Safety Glossary of Termsmikel_l
 
Presentation on cyber safety
Presentation on cyber safetyPresentation on cyber safety
Presentation on cyber safetyMOHAMMADZAINULABIDEE3
 
Ia 124 1621324160 ia_124_lecture_02
Ia 124 1621324160 ia_124_lecture_02Ia 124 1621324160 ia_124_lecture_02
Ia 124 1621324160 ia_124_lecture_02ITNet
 
EMPOWERMENT TECHNOLOGY 11 - ICT SAFETY, SECURITY, AND NETIQUETTE
EMPOWERMENT TECHNOLOGY 11 - ICT SAFETY, SECURITY, AND NETIQUETTEEMPOWERMENT TECHNOLOGY 11 - ICT SAFETY, SECURITY, AND NETIQUETTE
EMPOWERMENT TECHNOLOGY 11 - ICT SAFETY, SECURITY, AND NETIQUETTEAlminaVelasco
 

Recomendados

Cyber crime lecture pp update
Cyber crime lecture pp updateCyber crime lecture pp update
Cyber crime lecture pp updateyahooteacher
 
Cyber Safety Class 9
Cyber Safety Class 9Cyber Safety Class 9
Cyber Safety Class 9NehaRohtagi1
 
Cybercrime
CybercrimeCybercrime
CybercrimeAnuj Bhardwaj
 
Computer Project on Cyber Safety
Computer Project on Cyber SafetyComputer Project on Cyber Safety
Computer Project on Cyber SafetyHarsh Tekriwal
 
Internet Safety Glossary of Terms
Internet Safety Glossary of TermsInternet Safety Glossary of Terms
Internet Safety Glossary of Termsmikel_l
 
Presentation on cyber safety
Presentation on cyber safetyPresentation on cyber safety
Presentation on cyber safetyMOHAMMADZAINULABIDEE3
 
Ia 124 1621324160 ia_124_lecture_02
Ia 124 1621324160 ia_124_lecture_02Ia 124 1621324160 ia_124_lecture_02
Ia 124 1621324160 ia_124_lecture_02ITNet
 
EMPOWERMENT TECHNOLOGY 11 - ICT SAFETY, SECURITY, AND NETIQUETTE
EMPOWERMENT TECHNOLOGY 11 - ICT SAFETY, SECURITY, AND NETIQUETTEEMPOWERMENT TECHNOLOGY 11 - ICT SAFETY, SECURITY, AND NETIQUETTE
EMPOWERMENT TECHNOLOGY 11 - ICT SAFETY, SECURITY, AND NETIQUETTEAlminaVelasco
 
Online Safety, Security, Ethics, and Netiquette - Empowerment Technologies
Online Safety, Security, Ethics, and Netiquette - Empowerment TechnologiesOnline Safety, Security, Ethics, and Netiquette - Empowerment Technologies
Online Safety, Security, Ethics, and Netiquette - Empowerment TechnologiesMark Jhon Oxillo
 
Cyber ethics
Cyber ethicsCyber ethics
Cyber ethicsPreet Hanspal
 
Online safety, security, and ethics
Online safety, security, and ethicsOnline safety, security, and ethics
Online safety, security, and ethicsJohnlery Guzman
 
Internet safety v 4 slides and notes
Internet safety v 4 slides and notesInternet safety v 4 slides and notes
Internet safety v 4 slides and notesLinda Barron
 
Online safety, security, ethics & etiquette
Online safety, security, ethics & etiquetteOnline safety, security, ethics & etiquette
Online safety, security, ethics & etiquetteAngelito Quiambao
 
Cyber safety
Cyber safetyCyber safety
Cyber safetyBunmi Omololu-Afilaka
 
Cyber safety 101
Cyber safety 101Cyber safety 101
Cyber safety 101Manjula Sridhar
 
Cyber crime against children
Cyber crime against childrenCyber crime against children
Cyber crime against childrenAnchalanshri Dixit
 
Cyber Crime & Security
Cyber Crime & SecurityCyber Crime & Security
Cyber Crime & SecurityUday Bhaskarwar
 
Rules of Netiquette
Rules of Netiquette Rules of Netiquette
Rules of NetiquetteRochelle Nato
 
Krishna cyber safety
Krishna cyber safetyKrishna cyber safety
Krishna cyber safetyJana Jiwan Secondary School, Khairahani-2, Chainpur
 
Online safety and security
Online safety and securityOnline safety and security
Online safety and securityjovellconde1
 
Cyber security
Cyber securityCyber security
Cyber securityDebaroy1995
 
Online Netiquette
Online NetiquetteOnline Netiquette
Online NetiquetteZoro18
 
The Ten Commandments of Online Security and Privacy
The Ten Commandments of Online Security and PrivacyThe Ten Commandments of Online Security and Privacy
The Ten Commandments of Online Security and PrivacyJonathan Bacon
 
Lesson 2 Rules of Netiquette
Lesson 2 Rules of NetiquetteLesson 2 Rules of Netiquette
Lesson 2 Rules of NetiquetteACLC Antipolo
 
Internet safety
Internet safetyInternet safety
Internet safetyjonathancallcott-efc
 
CYBER ETHICS, CRIMES AND SAFTY
CYBER ETHICS, CRIMES AND SAFTYCYBER ETHICS, CRIMES AND SAFTY
CYBER ETHICS, CRIMES AND SAFTYFaMulan2
 
Cyber Security For Kids by Shounak Ray Chaudhuri
Cyber Security For Kids by Shounak Ray Chaudhuri Cyber Security For Kids by Shounak Ray Chaudhuri
Cyber Security For Kids by Shounak Ray Chaudhuri Moumita Chatterjee
 
Empowerment Technologies - Online Safety, Ethics and Etiquette
Empowerment Technologies - Online Safety, Ethics and EtiquetteEmpowerment Technologies - Online Safety, Ethics and Etiquette
Empowerment Technologies - Online Safety, Ethics and EtiquetteJuan Miguel Palero
 
Cyber crime 101
Cyber crime 101Cyber crime 101
Cyber crime 101Jacqueline Fick
 
The Realities and Challenges of Cyber Crime and Cyber Security in Africa
The Realities and Challenges of Cyber Crime and Cyber Security in AfricaThe Realities and Challenges of Cyber Crime and Cyber Security in Africa
The Realities and Challenges of Cyber Crime and Cyber Security in AfricaZsolt Nemeth
 

Más contenido relacionado

La actualidad más candente

Online Safety, Security, Ethics, and Netiquette - Empowerment Technologies
Online Safety, Security, Ethics, and Netiquette - Empowerment TechnologiesOnline Safety, Security, Ethics, and Netiquette - Empowerment Technologies
Online Safety, Security, Ethics, and Netiquette - Empowerment TechnologiesMark Jhon Oxillo
 
Online safety, security, and ethics
Online safety, security, and ethicsOnline safety, security, and ethics
Online safety, security, and ethicsJohnlery Guzman
 
Internet safety v 4 slides and notes
Internet safety v 4 slides and notesInternet safety v 4 slides and notes
Internet safety v 4 slides and notesLinda Barron
 
Online safety, security, ethics & etiquette
Online safety, security, ethics & etiquetteOnline safety, security, ethics & etiquette
Online safety, security, ethics & etiquetteAngelito Quiambao
 
Rules of Netiquette
Rules of Netiquette Rules of Netiquette
Rules of NetiquetteRochelle Nato
 
Online safety and security
Online safety and securityOnline safety and security
Online safety and securityjovellconde1
 
Online Netiquette
Online NetiquetteOnline Netiquette
Online NetiquetteZoro18
 
The Ten Commandments of Online Security and Privacy
The Ten Commandments of Online Security and PrivacyThe Ten Commandments of Online Security and Privacy
The Ten Commandments of Online Security and PrivacyJonathan Bacon
 
Lesson 2 Rules of Netiquette
Lesson 2 Rules of NetiquetteLesson 2 Rules of Netiquette
Lesson 2 Rules of NetiquetteACLC Antipolo
 
CYBER ETHICS, CRIMES AND SAFTY
CYBER ETHICS, CRIMES AND SAFTYCYBER ETHICS, CRIMES AND SAFTY
CYBER ETHICS, CRIMES AND SAFTYFaMulan2
 
Cyber Security For Kids by Shounak Ray Chaudhuri
Cyber Security For Kids by Shounak Ray Chaudhuri Cyber Security For Kids by Shounak Ray Chaudhuri
Cyber Security For Kids by Shounak Ray Chaudhuri Moumita Chatterjee
 
Empowerment Technologies - Online Safety, Ethics and Etiquette
Empowerment Technologies - Online Safety, Ethics and EtiquetteEmpowerment Technologies - Online Safety, Ethics and Etiquette
Empowerment Technologies - Online Safety, Ethics and EtiquetteJuan Miguel Palero
 

La actualidad más candente (20)

Online Safety, Security, Ethics, and Netiquette - Empowerment Technologies
Online Safety, Security, Ethics, and Netiquette - Empowerment TechnologiesOnline Safety, Security, Ethics, and Netiquette - Empowerment Technologies
Online Safety, Security, Ethics, and Netiquette - Empowerment Technologies
 
Cyber ethics
Cyber ethicsCyber ethics
Cyber ethics
 
Online safety, security, and ethics
Online safety, security, and ethicsOnline safety, security, and ethics
Online safety, security, and ethics
 
Internet safety v 4 slides and notes
Internet safety v 4 slides and notesInternet safety v 4 slides and notes
Internet safety v 4 slides and notes
 
Online safety, security, ethics & etiquette
Online safety, security, ethics & etiquetteOnline safety, security, ethics & etiquette
Online safety, security, ethics & etiquette
 
Cyber safety
Cyber safetyCyber safety
Cyber safety
 
Cyber safety 101
Cyber safety 101Cyber safety 101
Cyber safety 101
 
Cyber crime against children
Cyber crime against childrenCyber crime against children
Cyber crime against children
 
Cyber Crime & Security
Cyber Crime & SecurityCyber Crime & Security
Cyber Crime & Security
 
Rules of Netiquette
Rules of Netiquette Rules of Netiquette
Rules of Netiquette
 
Krishna cyber safety
Krishna cyber safetyKrishna cyber safety
Krishna cyber safety
 
Online safety and security
Online safety and securityOnline safety and security
Online safety and security
 
Cyber security
Cyber securityCyber security
Cyber security
 
Online Netiquette
Online NetiquetteOnline Netiquette
Online Netiquette
 
The Ten Commandments of Online Security and Privacy
The Ten Commandments of Online Security and PrivacyThe Ten Commandments of Online Security and Privacy
The Ten Commandments of Online Security and Privacy
 
Lesson 2 Rules of Netiquette
Lesson 2 Rules of NetiquetteLesson 2 Rules of Netiquette
Lesson 2 Rules of Netiquette
 
Internet safety
Internet safetyInternet safety
Internet safety
 
CYBER ETHICS, CRIMES AND SAFTY
CYBER ETHICS, CRIMES AND SAFTYCYBER ETHICS, CRIMES AND SAFTY
CYBER ETHICS, CRIMES AND SAFTY
 
Cyber Security For Kids by Shounak Ray Chaudhuri
Cyber Security For Kids by Shounak Ray Chaudhuri Cyber Security For Kids by Shounak Ray Chaudhuri
Cyber Security For Kids by Shounak Ray Chaudhuri
 
Empowerment Technologies - Online Safety, Ethics and Etiquette
Empowerment Technologies - Online Safety, Ethics and EtiquetteEmpowerment Technologies - Online Safety, Ethics and Etiquette
Empowerment Technologies - Online Safety, Ethics and Etiquette
 

Similar a Cyber Crime Impact on Higher Education

The Realities and Challenges of Cyber Crime and Cyber Security in Africa
The Realities and Challenges of Cyber Crime and Cyber Security in AfricaThe Realities and Challenges of Cyber Crime and Cyber Security in Africa
The Realities and Challenges of Cyber Crime and Cyber Security in AfricaZsolt Nemeth
 
Cybercrime
CybercrimeCybercrime
CybercrimeSERCOD
 
Risks and Security of Internet and System
Risks and Security of Internet and SystemRisks and Security of Internet and System
Risks and Security of Internet and SystemParam Nanavati
 
Shannon Morris PDLM presentation
Shannon Morris PDLM presentationShannon Morris PDLM presentation
Shannon Morris PDLM presentationshannoncmorris
 
Addressing Cyber Threats in The Banking Sector - Lt Col (R) Sazali Bin Sukardi
Addressing Cyber Threats in The Banking Sector - Lt Col (R) Sazali Bin SukardiAddressing Cyber Threats in The Banking Sector - Lt Col (R) Sazali Bin Sukardi
Addressing Cyber Threats in The Banking Sector - Lt Col (R) Sazali Bin SukardiKnowledge Group
 
Cyber Crime
Cyber CrimeCyber Crime
Cyber CrimeDivithC
 
127027205 selected-case-studies-on-cyber-crime
127027205 selected-case-studies-on-cyber-crime127027205 selected-case-studies-on-cyber-crime
127027205 selected-case-studies-on-cyber-crimehomeworkping8
 
Cyber Security and Cyber Awareness
Cyber Security and Cyber AwarenessCyber Security and Cyber Awareness
Cyber Security and Cyber AwarenessArjith K Raj
 
CYBER CRIME AND SECURITY
CYBER CRIME AND SECURITYCYBER CRIME AND SECURITY
CYBER CRIME AND SECURITYChaya Sorir
 
Cyber Security in Society
Cyber Security in SocietyCyber Security in Society
Cyber Security in SocietyRubal Sagwal
 
Star Kamal 9 B
Star Kamal 9 BStar Kamal 9 B
Star Kamal 9 Bjboulanger
 

Similar a Cyber Crime Impact on Higher Education (20)

Cyber crime 101
Cyber crime 101Cyber crime 101
Cyber crime 101
 
The Realities and Challenges of Cyber Crime and Cyber Security in Africa
The Realities and Challenges of Cyber Crime and Cyber Security in AfricaThe Realities and Challenges of Cyber Crime and Cyber Security in Africa
The Realities and Challenges of Cyber Crime and Cyber Security in Africa
 
Cybercrime
CybercrimeCybercrime
Cybercrime
 
Risks and Security of Internet and System
Risks and Security of Internet and SystemRisks and Security of Internet and System
Risks and Security of Internet and System
 
Cyber crime and forensic
Cyber crime and forensicCyber crime and forensic
Cyber crime and forensic
 
Shannon Morris PDLM presentation
Shannon Morris PDLM presentationShannon Morris PDLM presentation
Shannon Morris PDLM presentation
 
Addressing Cyber Threats in The Banking Sector - Lt Col (R) Sazali Bin Sukardi
Addressing Cyber Threats in The Banking Sector - Lt Col (R) Sazali Bin SukardiAddressing Cyber Threats in The Banking Sector - Lt Col (R) Sazali Bin Sukardi
Addressing Cyber Threats in The Banking Sector - Lt Col (R) Sazali Bin Sukardi
 
The Digital Dilemma - Igor Verhoeven, Bindung
The Digital Dilemma - Igor Verhoeven, BindungThe Digital Dilemma - Igor Verhoeven, Bindung
The Digital Dilemma - Igor Verhoeven, Bindung
 
Cyber Resilience
Cyber ResilienceCyber Resilience
Cyber Resilience
 
cybersecurity-101_4
cybersecurity-101_4cybersecurity-101_4
cybersecurity-101_4
 
Mis chapter 9
Mis chapter 9Mis chapter 9
Mis chapter 9
 
Cyber Crime
Cyber CrimeCyber Crime
Cyber Crime
 
127027205 selected-case-studies-on-cyber-crime
127027205 selected-case-studies-on-cyber-crime127027205 selected-case-studies-on-cyber-crime
127027205 selected-case-studies-on-cyber-crime
 
Cyber crime
Cyber crimeCyber crime
Cyber crime
 
2.Cyber law and Crime.pptx
2.Cyber law and Crime.pptx2.Cyber law and Crime.pptx
2.Cyber law and Crime.pptx
 
Cyber Security and Cyber Awareness
Cyber Security and Cyber AwarenessCyber Security and Cyber Awareness
Cyber Security and Cyber Awareness
 
CYBER CRIME AND SECURITY
CYBER CRIME AND SECURITYCYBER CRIME AND SECURITY
CYBER CRIME AND SECURITY
 
Cyber Security in Society
Cyber Security in SocietyCyber Security in Society
Cyber Security in Society
 
Star Kamal 9 B
Star Kamal 9 BStar Kamal 9 B
Star Kamal 9 B
 
Cyber security
Cyber securityCyber security
Cyber security
 

Más de Jacqueline Fick

Organised crime and presenting evidence on racketeering
Organised crime and presenting evidence on racketeeringOrganised crime and presenting evidence on racketeering
Organised crime and presenting evidence on racketeeringJacqueline Fick
 
Integrating the prevention of cyber crime into the overall anti-crime strateg...
Integrating the prevention of cyber crime into the overall anti-crime strateg...Integrating the prevention of cyber crime into the overall anti-crime strateg...
Integrating the prevention of cyber crime into the overall anti-crime strateg...Jacqueline Fick
 
International Trends in Mobile Law
International Trends in Mobile LawInternational Trends in Mobile Law
International Trends in Mobile LawJacqueline Fick
 
A Day In The Life Of A Cyber Syndicate
A Day In The Life Of A Cyber SyndicateA Day In The Life Of A Cyber Syndicate
A Day In The Life Of A Cyber SyndicateJacqueline Fick
 
Prevention Is Better Than Prosecution: Deepening the defence against cyber c...
Prevention Is Better Than Prosecution: Deepening the defence against cyber c...Prevention Is Better Than Prosecution: Deepening the defence against cyber c...
Prevention Is Better Than Prosecution: Deepening the defence against cyber c...Jacqueline Fick
 
A Day In The Life Of A Cyber Syndicate
A Day In The Life Of A Cyber SyndicateA Day In The Life Of A Cyber Syndicate
A Day In The Life Of A Cyber SyndicateJacqueline Fick
 
Cybercrime In South Africa and the benefits of public private partnerships
Cybercrime In South Africa and the benefits of public private partnershipsCybercrime In South Africa and the benefits of public private partnerships
Cybercrime In South Africa and the benefits of public private partnershipsJacqueline Fick
 
Cyber Crime in Government
Cyber Crime in GovernmentCyber Crime in Government
Cyber Crime in GovernmentJacqueline Fick
 

Más de Jacqueline Fick (8)

Organised crime and presenting evidence on racketeering
Organised crime and presenting evidence on racketeeringOrganised crime and presenting evidence on racketeering
Organised crime and presenting evidence on racketeering
 
Integrating the prevention of cyber crime into the overall anti-crime strateg...
Integrating the prevention of cyber crime into the overall anti-crime strateg...Integrating the prevention of cyber crime into the overall anti-crime strateg...
Integrating the prevention of cyber crime into the overall anti-crime strateg...
 
International Trends in Mobile Law
International Trends in Mobile LawInternational Trends in Mobile Law
International Trends in Mobile Law
 
A Day In The Life Of A Cyber Syndicate
A Day In The Life Of A Cyber SyndicateA Day In The Life Of A Cyber Syndicate
A Day In The Life Of A Cyber Syndicate
 
Prevention Is Better Than Prosecution: Deepening the defence against cyber c...
Prevention Is Better Than Prosecution: Deepening the defence against cyber c...Prevention Is Better Than Prosecution: Deepening the defence against cyber c...
Prevention Is Better Than Prosecution: Deepening the defence against cyber c...
 
A Day In The Life Of A Cyber Syndicate
A Day In The Life Of A Cyber SyndicateA Day In The Life Of A Cyber Syndicate
A Day In The Life Of A Cyber Syndicate
 
Cybercrime In South Africa and the benefits of public private partnerships
Cybercrime In South Africa and the benefits of public private partnershipsCybercrime In South Africa and the benefits of public private partnerships
Cybercrime In South Africa and the benefits of public private partnerships
 
Cyber Crime in Government
Cyber Crime in GovernmentCyber Crime in Government
Cyber Crime in Government
 

Último

Field Attribute Index Feature in Odoo 17
Field Attribute Index Feature in Odoo 17Field Attribute Index Feature in Odoo 17
Field Attribute Index Feature in Odoo 17Celine George
 
ECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptx
ECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptxECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptx
ECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptxiammrhaywood
 
Earth Day Presentation wow hello nice great
Earth Day Presentation wow hello nice greatEarth Day Presentation wow hello nice great
Earth Day Presentation wow hello nice greatYousafMalik24
 
AUDIENCE THEORY -CULTIVATION THEORY - GERBNER.pptx
AUDIENCE THEORY -CULTIVATION THEORY - GERBNER.pptxAUDIENCE THEORY -CULTIVATION THEORY - GERBNER.pptx
AUDIENCE THEORY -CULTIVATION THEORY - GERBNER.pptxiammrhaywood
 
Music 9 - 4th quarter - Vocal Music of the Romantic Period.pptx
Music 9 - 4th quarter - Vocal Music of the Romantic Period.pptxMusic 9 - 4th quarter - Vocal Music of the Romantic Period.pptx
Music 9 - 4th quarter - Vocal Music of the Romantic Period.pptxleah joy valeriano
 
Food processing presentation for bsc agriculture hons
Food processing presentation for bsc agriculture honsFood processing presentation for bsc agriculture hons
Food processing presentation for bsc agriculture honsManeerUddin
 
THEORIES OF ORGANIZATION-PUBLIC ADMINISTRATION
THEORIES OF ORGANIZATION-PUBLIC ADMINISTRATIONTHEORIES OF ORGANIZATION-PUBLIC ADMINISTRATION
THEORIES OF ORGANIZATION-PUBLIC ADMINISTRATIONHumphrey A Beña
 
Transaction Management in Database Management System
Transaction Management in Database Management SystemTransaction Management in Database Management System
Transaction Management in Database Management SystemChristalin Nelson
 
4.16.24 Poverty and Precarity--Desmond.pptx
4.16.24 Poverty and Precarity--Desmond.pptx4.16.24 Poverty and Precarity--Desmond.pptx
4.16.24 Poverty and Precarity--Desmond.pptxmary850239
 
Difference Between Search & Browse Methods in Odoo 17
Difference Between Search & Browse Methods in Odoo 17Difference Between Search & Browse Methods in Odoo 17
Difference Between Search & Browse Methods in Odoo 17Celine George
 
GRADE 4 - SUMMATIVE TEST QUARTER 4 ALL SUBJECTS
GRADE 4 - SUMMATIVE TEST QUARTER 4 ALL SUBJECTSGRADE 4 - SUMMATIVE TEST QUARTER 4 ALL SUBJECTS
GRADE 4 - SUMMATIVE TEST QUARTER 4 ALL SUBJECTSJoshuaGantuangco2
 
Influencing policy (training slides from Fast Track Impact)
Influencing policy (training slides from Fast Track Impact)Influencing policy (training slides from Fast Track Impact)
Influencing policy (training slides from Fast Track Impact)Mark Reed
 
What is Model Inheritance in Odoo 17 ERP
What is Model Inheritance in Odoo 17 ERPWhat is Model Inheritance in Odoo 17 ERP
What is Model Inheritance in Odoo 17 ERPCeline George
 
Choosing the Right CBSE School A Comprehensive Guide for Parents
Choosing the Right CBSE School A Comprehensive Guide for ParentsChoosing the Right CBSE School A Comprehensive Guide for Parents
Choosing the Right CBSE School A Comprehensive Guide for Parentsnavabharathschool99
 
Concurrency Control in Database Management system
Concurrency Control in Database Management systemConcurrency Control in Database Management system
Concurrency Control in Database Management systemChristalin Nelson
 
Global Lehigh Strategic Initiatives (without descriptions)
Global Lehigh Strategic Initiatives (without descriptions)Global Lehigh Strategic Initiatives (without descriptions)
Global Lehigh Strategic Initiatives (without descriptions)cama23
 
Virtual-Orientation-on-the-Administration-of-NATG12-NATG6-and-ELLNA.pdf
Virtual-Orientation-on-the-Administration-of-NATG12-NATG6-and-ELLNA.pdfVirtual-Orientation-on-the-Administration-of-NATG12-NATG6-and-ELLNA.pdf
Virtual-Orientation-on-the-Administration-of-NATG12-NATG6-and-ELLNA.pdfErwinPantujan2
 
How to do quick user assign in kanban in Odoo 17 ERP
How to do quick user assign in kanban in Odoo 17 ERPHow to do quick user assign in kanban in Odoo 17 ERP
How to do quick user assign in kanban in Odoo 17 ERPCeline George
 
Full Stack Web Development Course for Beginners
Full Stack Web Development Course for BeginnersFull Stack Web Development Course for Beginners
Full Stack Web Development Course for BeginnersSabitha Banu
 
4.18.24 Movement Legacies, Reflection, and Review.pptx
4.18.24 Movement Legacies, Reflection, and Review.pptx4.18.24 Movement Legacies, Reflection, and Review.pptx
4.18.24 Movement Legacies, Reflection, and Review.pptxmary850239
 

Último (20)

Field Attribute Index Feature in Odoo 17
Field Attribute Index Feature in Odoo 17Field Attribute Index Feature in Odoo 17
Field Attribute Index Feature in Odoo 17
 
ECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptx
ECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptxECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptx
ECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptx
 
Earth Day Presentation wow hello nice great
Earth Day Presentation wow hello nice greatEarth Day Presentation wow hello nice great
Earth Day Presentation wow hello nice great
 
AUDIENCE THEORY -CULTIVATION THEORY - GERBNER.pptx
AUDIENCE THEORY -CULTIVATION THEORY - GERBNER.pptxAUDIENCE THEORY -CULTIVATION THEORY - GERBNER.pptx
AUDIENCE THEORY -CULTIVATION THEORY - GERBNER.pptx
 
Music 9 - 4th quarter - Vocal Music of the Romantic Period.pptx
Music 9 - 4th quarter - Vocal Music of the Romantic Period.pptxMusic 9 - 4th quarter - Vocal Music of the Romantic Period.pptx
Music 9 - 4th quarter - Vocal Music of the Romantic Period.pptx
 
Food processing presentation for bsc agriculture hons
Food processing presentation for bsc agriculture honsFood processing presentation for bsc agriculture hons
Food processing presentation for bsc agriculture hons
 
THEORIES OF ORGANIZATION-PUBLIC ADMINISTRATION
THEORIES OF ORGANIZATION-PUBLIC ADMINISTRATIONTHEORIES OF ORGANIZATION-PUBLIC ADMINISTRATION
THEORIES OF ORGANIZATION-PUBLIC ADMINISTRATION
 
Transaction Management in Database Management System
Transaction Management in Database Management SystemTransaction Management in Database Management System
Transaction Management in Database Management System
 
4.16.24 Poverty and Precarity--Desmond.pptx
4.16.24 Poverty and Precarity--Desmond.pptx4.16.24 Poverty and Precarity--Desmond.pptx
4.16.24 Poverty and Precarity--Desmond.pptx
 
Difference Between Search & Browse Methods in Odoo 17
Difference Between Search & Browse Methods in Odoo 17Difference Between Search & Browse Methods in Odoo 17
Difference Between Search & Browse Methods in Odoo 17
 
GRADE 4 - SUMMATIVE TEST QUARTER 4 ALL SUBJECTS
GRADE 4 - SUMMATIVE TEST QUARTER 4 ALL SUBJECTSGRADE 4 - SUMMATIVE TEST QUARTER 4 ALL SUBJECTS
GRADE 4 - SUMMATIVE TEST QUARTER 4 ALL SUBJECTS
 
Influencing policy (training slides from Fast Track Impact)
Influencing policy (training slides from Fast Track Impact)Influencing policy (training slides from Fast Track Impact)
Influencing policy (training slides from Fast Track Impact)
 
What is Model Inheritance in Odoo 17 ERP
What is Model Inheritance in Odoo 17 ERPWhat is Model Inheritance in Odoo 17 ERP
What is Model Inheritance in Odoo 17 ERP
 
Choosing the Right CBSE School A Comprehensive Guide for Parents
Choosing the Right CBSE School A Comprehensive Guide for ParentsChoosing the Right CBSE School A Comprehensive Guide for Parents
Choosing the Right CBSE School A Comprehensive Guide for Parents
 
Concurrency Control in Database Management system
Concurrency Control in Database Management systemConcurrency Control in Database Management system
Concurrency Control in Database Management system
 
Global Lehigh Strategic Initiatives (without descriptions)
Global Lehigh Strategic Initiatives (without descriptions)Global Lehigh Strategic Initiatives (without descriptions)
Global Lehigh Strategic Initiatives (without descriptions)
 
Virtual-Orientation-on-the-Administration-of-NATG12-NATG6-and-ELLNA.pdf
Virtual-Orientation-on-the-Administration-of-NATG12-NATG6-and-ELLNA.pdfVirtual-Orientation-on-the-Administration-of-NATG12-NATG6-and-ELLNA.pdf
Virtual-Orientation-on-the-Administration-of-NATG12-NATG6-and-ELLNA.pdf
 
How to do quick user assign in kanban in Odoo 17 ERP
How to do quick user assign in kanban in Odoo 17 ERPHow to do quick user assign in kanban in Odoo 17 ERP
How to do quick user assign in kanban in Odoo 17 ERP
 
Full Stack Web Development Course for Beginners
Full Stack Web Development Course for BeginnersFull Stack Web Development Course for Beginners
Full Stack Web Development Course for Beginners
 
4.18.24 Movement Legacies, Reflection, and Review.pptx
4.18.24 Movement Legacies, Reflection, and Review.pptx4.18.24 Movement Legacies, Reflection, and Review.pptx
4.18.24 Movement Legacies, Reflection, and Review.pptx
 

Cyber Crime Impact on Higher Education

  • 1. www.pwc.com Cyber Crime 101: The Impact of Cyber Crime on Higher Education in South Africa Higher Education Conference 2011 5 September 2011 Adv Jacqueline Fick
  • 2. Agenda Meet Jack le Hack Cyber crime defined The online entrepreneur How to protect data Implementing a pro-active strategy in your organisation Practical guidelines and tips Closing remarks Cyber crime 101: The impact of cyber crime on Higher Education in South Africa September 2011 PwC 2
  • 3. Meet Jack le Hack Cyber crime 101: The impact of cyber crime on Higher Education in South Africa September 2011 PwC 3
  • 4. Meet Jack le Hack Third year student : University of Cyberfucious Putting knowledge into practice It is Monday afternoon after a rough weekend for Jack. He is sure he failed the test he wrote that morning as the beers he consumed made him suffer from memory loss and he forgot to study. His finances are also shot as he had to sponsor some of his friends for their social activities. To boot his professor also made some comments about the quality of his work which Jack felt was not appropriate. Jack also assists with some classes for first year students and realises that he still has to prepare for a lecture for the next day. He goes to the office that was assigned to him. He shares the office with one of the admin clerks of the faculty. When he walks past her desk, he notices that she did not log of her computer. Jack decides that it is time to put his master plan into action... Cyber crime 101: The impact of cyber crime on Higher Education in South Africa September 2011 PwC 4
  • 5. Meet Jack le Hack Third year student : University of Cyberfucious Putting knowledge into practice ... Jack has a fair knowledge of computers and has long since been toying with the idea of putting this knowledge to good use. He firstly uses the admin clerks’ mailbox to send the offending professor a message, stating that his day will come and that he knows where he lives and has intimate knowledge of the professor’s family. He also stated that a bomb will go off within the next week in the professor’s classroom. Secondly, he logs into the shared folders of the faculty where he knows the results of the test he wrote are kept. Jack decides that he certainly deserves a better mark than he received that morning. Cyber crime 101: The impact of cyber crime on Higher Education in South Africa September 2011 PwC 5
  • 6. Meet Jack le Hack Third year student : University of Cyberfucious Putting knowledge into practice ... When studying the test results, he sees that he was not the only one that failed. Jack realises that this could present an opportunity to deal with his financial difficulties. He phones some of the other students and offers a deal to them to change their marks for a small donation. A few days pass and Jack’s business kicks off beyond his own expectations. He is also approached by students that have financial difficulties and cannot pay their class fees. With a little research and questions posed in chat rooms, he acquires the necessary information to hack into the financial system of the university. He installs a key logger on one of the financial clerk’s computer and so gains access to his password. He once again accesses the system from the admin clerk’s computer. Cyber crime 101: The impact of cyber crime on Higher Education in South Africa September 2011 PwC 6
  • 7. Meet Jack le Hack Third year student : University of Cyberfucious Putting knowledge into practice ... Jack is so impressed with his own efforts that he posts this information on Facebook and Twitter and also uses Skype to tell his friends in the UK about his endeavours. Because his data bundle expired, he posts this information from a computer connected to the university network and also installed Skype on the computer. He did, however, remove Skype from the computer later. Life is good for our Jack le Hack. Cyber crime 101: The impact of cyber crime on Higher Education in South Africa September 2011 PwC 7
  • 8. Cyber crime defined Cyber crime 101: The impact of cyber crime on Higher Education in South Africa September 2011 PwC 8
  • 9. Cyber crime defined • Move in South African law to the use of the term cyber crime which is wide enough to encompass all illegal activities in respect of computers, information networks and cyberspace. • Most important legislation is the Electronic Communications and Transactions Act 25 of 2002. • 'access' includes the actions of a person who, after taking note of any data, becomes aware of the fact that he or she is not authorised to access that data and still continues to access that data. • 'data message' means data generated, sent, received or stored by electronic means and includes- (a) voice, where the voice is used in an automated transaction; and (b) a stored record; Cyber crime 101: The impact of cyber crime on Higher Education in South Africa September 2011 PwC 9
  • 10. Cyber crime defined Common types of cyber crime • Unauthorised access (s86(1)) • Unauthorised modification of data and various forms of malicious code (s86(2)) • Denial of Service Attacks (S86(5)) • Devices used to gain unauthorised access to data (s86(4)) • Child pornography, cyber obscenity and cyber stalking • Computer-related fraud • Copyright infringement • Industrial espionage • Piracy • Online gambling Cyber crime 101: The impact of cyber crime on Higher Education in South Africa September 2011 PwC 10
  • 11. Cyber crime defined Common types of cyber crime (cont.) • For 15 consecutive months South Africa has been amongst the top three target countries in the world for mass phishing attacks. • Identity theft remains the most common type of cyber crime in South Africa. • “ Identity theft is a serious crime. It occurs when your personal information (name, social security number, date of birth, credit card number, or bank account number) is stolen and used without your knowledge to commit fraud or other crimes. Identity theft can cost you time and money. It can destroy your credit and ruin your good name.” USA Federal Trade Commission Cyber crime 101: The impact of cyber crime on Higher Education in South Africa September 2011 PwC 11
  • 12. The online entrepreneur Cyber crime 101: The impact of cyber crime on Higher Education in South Africa September 2011 PwC 12
  • 13. The online entrepreneur Possible cyber crimes identified from Jack le Hack • Unauthorised access to data • Unauthorised modification of data • Computer-related fraud • False bomb threat, intimidation • Using a device to gain unauthorised access to data • Furthermore: - Exposing network to vulnerabilities – chat rooms, Skype. - Reputational risk to university and publicity about what Jack had done. - Possible loss of investors. Cyber crime 101: The impact of cyber crime on Higher Education in South Africa September 2011 PwC 13
  • 14. How to protect your data Cyber crime 101: The impact of cyber crime on Higher Education in South Africa September 2011 PwC 14
  • 15. How to protect your data • Protecting data starts with each user of a computer on your campus and is not only related to the functions and responsibilities of the IT department. • Your responsibilities include: - Protecting the university property stored on your computer, including information about staff, faculty, students, and alumni. - Accessing only that information which you are authorised to access in the course of your duties. Your ability to access other information does not imply any right to view, change, or share information. - Not establishing access privileges for yourself or others outside of formal approval processes. Cyber crime 101: The impact of cyber crime on Higher Education in South Africa September 2011 PwC 15
  • 16. How to protect your data - Adhering to procedures and business rules governing access and changes to the data for which you are a custodian. - Expect all stewards and custodians of administrative data to manage, access, and utilise this data in a manner that is consistent with the need for security and confidentiality. • Correlation between physical and network security. (Computer Security at Cornell: Secure your Computer on and off Campus 2009 (http://www.cit.cornell.edu)) Cyber crime 101: The impact of cyber crime on Higher Education in South Africa September 2011 PwC 16
  • 17. Implementing a pro-active strategy in your organisation Cyber crime 101: The impact of cyber crime on Higher Education in South Africa September 2011 PwC 17
  • 18. Implementing a pro-active strategy in your organisation • Cyber security is just as important as physical security. • Relationship between physical and network security. • Know and understand your organisation: • This includes an understanding of the external environment and the threats facing the organisation. It also refers to a thorough understanding of the internal environment and the way the organisation operates – its employees, levels of staff morale, business partners of the organisation, service providers, etc. Cyber crime 101: The impact of cyber crime on Higher Education in South Africa September 2011 PwC 18
  • 19. Implementing a pro-active strategy in your organisation • Define security roles and responsibilities: • Although security should be everyone within an organisation’s concern, ownership of information security should be assigned to specific individuals, coupled with the necessary levels of authority and accountability. To assist with the process it is recommended that security roles and responsibilities be incorporated into job descriptions and that performance in terms of these areas be measured accordingly. • Ensure that you have proper policies and procedures in place for the use of IT. • Establish clear processes to enable end-users to report suspected cyber crimes. Cyber crime 101: The impact of cyber crime on Higher Education in South Africa September 2011 PwC 19
  • 20. Implementing a pro-active strategy in your organisation • Effective public private partnerships. • Value of intelligence: Exchange information with law enforcement agencies and other organisations. Know your opponent and use the information to develop and update security policies. Think like a hacker. Cyber crime 101: The impact of cyber crime on Higher Education in South Africa September 2011 PwC 20
  • 21. Implementing a pro-active strategy in your organisation • Stay up to date: • Maintain awareness of new developments in both technology and services. Use a risk-based approach to determine when it would be necessary to upgrade or adapt current systems and processes to accommodate new developments. • Continuous auditing and assessment of process: • It is recommended that a process of continuous auditing be implemented to ensure that the strategy remains aligned to business objectives, adapts to changes in technology or identified threats, and to allow for the analysis of information that is gathered from the different implemented controls. Cyber crime 101: The impact of cyber crime on Higher Education in South Africa September 2011 PwC 21
  • 22. Practical guidelines and tips “The vast majority of computer breaches that we have investigated over the past few years have been the result of poor personal choices, weak computer practices, and less-than-satisfactory data-handling procedures.” Steve Shuster, director of IT Security at Cornell Cyber crime 101: The impact of cyber crime on Higher Education in South Africa September 2011 PwC 22
  • 23. Practical guidelines and tips • Email is more than messages. It contains personal information, contact lists, sensitive company information, etc. Email policies: • Do not open suspicious emails. • Use spam filters. • Encrypt important files or records. • Choose complex passwords and change your password regularly. The Post-it problem. • Back up regularly. • Install powerful anti-virus and firewall software and keep it up to date. Regularly update security patches. Cyber crime 101: The impact of cyber crime on Higher Education in South Africa September 2011 PwC 23
  • 24. Practical guidelines and tips • Create good habits such as deleting your temporary internet files and cookies. This protects against hackers who can access your accounts from where you have been on the internet. • Turn off your computer and modem/disconnect from the internet when not in use. • Know what information you have, where it is stored and who has access thereto. • Be wary to provide personal information via a website you are not familiar with. • Never allow strange or unfamiliar individuals to use your computer, not even if they say they are from the IT department! Cyber crime 101: The impact of cyber crime on Higher Education in South Africa September 2011 PwC 24
  • 25. Practical guidelines and tips • Where practicable, do not grant administrative or root/super user privileges to end-users. • Educate users: • Teach IT users how to identify cyber threats and how to respond. • Share security information with all users of IT in the organisation. • Read up on the latest ways hackers create phishing scams to gain access to your personal information. Cyber crime 101: The impact of cyber crime on Higher Education in South Africa September 2011 PwC 25
  • 26. Practical guidelines and tips • Campus executives and data stewards should know: - What/where is my data? - How sensitive is it? - Who is responsible for it? - Who has access to it? - Do I need to keep it? - What if it gets into the wrong hands? Cyber crime 101: The impact of cyber crime on Higher Education in South Africa September 2011 PwC 26
  • 27. Closing remarks • Need to realise the true value of information. • Cyber criminals steal INFORMATION. • We can only effectively combat cyber crime if we share information and collaborate. • Know your opponent. • Be pro-active and not re-active. • Implement good information governance principles in your organisation. • Educate all IT users. • Protect your information with the same vigour as you protect physical property, brand names, money, etc! Cyber crime 101: The impact of cyber crime on Higher Education in South Africa September 2011 PwC 27
  • 28. “It takes more than anti-virus software to safeguard your computing resources and data. It takes you. Taking steps to secure your computer not only helps keep your data safe, it demonstrates your commitment to protecting the university network and all data created, stored, and shared over the network by the campus community.” This publication has been prepared for general guidance on matters of interest only, and does not constitute professional advice. You should not act upon the information contained in this publication without obtaining specific professional advice. No representation or warranty (express or implied) is given as to the accuracy or completeness of the information contained in this publication, and, to the extent permitted by law, PwC, its members, employees and agents do not accept or assume any liability, responsibility or duty of care for any consequences of you or anyone else acting, or refraining to act, in reliance on the information contained in this publication or for any decision based on it. © 2011 PricewaterhouseCoopers (“PwC”), the South African firm. All rights reserved. In this document, “PwC” refers to PricewaterhouseCoopers in South Africa, which is a member firm of PricewaterhouseCoopers International Limited (PwCIL), each member firm of which is a separate legal entity and does not act as an agent of PwCIL.