Security & Privacy Series

Protecting Sensitive Data in a Threat-First World

Understanding your role in defending company and customer information

⏱️ 8 min 📊 7 Screens 🎓 1 CEU

Learning Objectives

By the end of this module, you will be able to:

1

Identify Top Cyber Threats to Our Organization

2

Detect and Deconstruct Phishing Attacks

3

Follow Incident Response Protocol

The Threat Landscape

Cyber threats are evolving constantly. Understanding the threat landscape helps us prioritize our defenses:

$5.9M average breach cost

74% of breaches involve human error

🎣

Phishing

Deceptive emails designed to steal credentials

36% of incidents

🔐

Ransomware

Malware that encrypts critical data for payment

24% of incidents

👤

Insider Threat

Unauthorized access by current/former employees

18% of incidents

Phishing Spotter Challenge

Identify all four red flags in this suspicious email. Click each highlighted element to reveal why it's dangerous.

accounts.supp0rt-us.com

From:

support@bank-us.com

To:

you@company.com

Subject:

URGENT: Verify your account immediately or it will be closed

Dear Customer,

We have detected suspicious activity on your account. You must act now to protect your account. Click here to verify your details and reset your password immediately.

This link expires in 1 hour.

Do not reply to this email. Click the link above.

Red Flags Found

0 / 4

🚩 Spoofed domain (support@bank-us.com)

🚩 False urgency (URGENT, closed, NOW)

🚩 Vague threat (suspicious activity)

🚩 Credential harvesting (click to verify)

Security Best Practices

These practices are your frontline defense. Some are mandatory; others go above and beyond.

REQUIRED practices must be followed without exception.

🔑

Multi-Factor Authentication

Use MFA on all work accounts to prevent unauthorized access

REQUIRED

🖥️

Screen Lock

Lock your device when stepping away from your desk

REQUIRED

☁️

Approved Cloud Storage

Only use company-approved platforms for data storage

REQUIRED

📧

Encrypted Email

Use encryption when sending sensitive information

BEST PRACTICE

Knowledge Check

You receive an email from "IT Support" asking you to click a link to verify your password for a "security update." The sender address looks slightly off. What should you do?

A. Click the link to verify your password as instructed B. Forward the email to colleagues to warn them C. Don\'t click the link. Verify directly with IT by contacting them independently

✓

Module Complete

You've successfully completed Cybersecurity & Data Privacy · Module 1

✓ Verify Senders Always

✓ No Link? No Click!

✓ Report Don't Delete

✓ MFA Always Required