Presentation PowerPoint

[Audio] …..Welcome to CyberSecurity Awareness Training 2026. Our goal is to give you practical habits to protect people, data, and systems, to stop, spot, and report threats quickly. • What you'll get? clear examples, simple actions, and a short certification quiz. • Remember, security is everyone's responsibility—when in doubt, …ask!.

[Audio] Cybersecurity is the practice of keeping systems and information safe from malicious actors. It protects sensitive data, keeps business operations running, and reduces legal and financial risks. • Why it matters?... even a single careless click can trigger a company‑wide incident. It protects what matters; personal, financial, and confidential business information. it minimizes disruptions that can hurt business trust and reputation. And It minimizes the risks and negative impacts of an incident.

[Audio] Unsafe Practices, Unpatched devices and Unchecked third-party integrations open the door for costly breaches and even national security risks. In a recent breach of the ESA. The European Space Agency suffered a major loss of over 200 gigabytes of Data. Including critical infrastructure data, key API's and proprietary source code, due to vulnerabilities from unpatched machines. A recent case study showed that the Manufacturing sector has been the top-targeted industry for years. Groups like Lockbit5, and Qilin targeted industrial control systems, compromising companies such as Eros Elevators, Sugawara Laboratories, and The CSV Group. Other notable manufacturing companies as Parker-Hannifin, Clorox, Simpson, Bridgestone, Rockwell Automation, Johnson Controls and NUCOR have also fallen victim since 2020. The manufacturing sector is projected to account for approximately 24% of all cyber attacks globally in 2026.

[Audio] Think of cybersecurity as a continuous cycle. Identify, Protect, Detect, Respond, and Recover. This helps us stay prepared, aware, and ready to act. The first two steps are mostly handled by the IT department: know what needs protected and deploy measures to protect it. The next two are where you come in. Detect and respond: Staying vigilant for threats and anomalies when emailing or using the internet and reporting immediately if anything seems suspicious. When in doubt, ask. Recovery is a community effort to contain issues quickly, communicate clearly, restore safely, and improve safeguards..

[Audio] Social engineering/phishinig, targets people instead of firewalls to get around them. Attackers use many tactics; email, SMS, voice calls, social media, and even QR codes to steal credentials, plant malware, or redirect payments. Attackers are after fast access to accounts, data, or money. Your defense: pause, report it., validate the request. Use the Mindset: trust but verify, anything unexpected is treated as suspicious, and gets checked and validated..

[Audio] Phishing scams can come in many forms—email, SMS, fake ads, QR codes, social messages, voice calls, or targeted spear‑phishing. No matter the form the goal is always the same: theft. All utilize generic details to look legitimate to gain your trust. Spear‑phishing and Vishing are specific to the recipient utilizing personalized details to gain your trust. Attackers are increasingly using AI to their benefit to spoof emails and websites, and even to create AI‑cloned voices to call as a trusted individual. Always Treat any unexpected link or attachment as high‑risk until reported and proven safe. When in doubt, ask..

[Audio] Most phishing attempts become obvious once you pause and look closely. Always hover over the senders address to check the true source. and always hover over link before clicking them to check their destination. Watch for urgency, mismatched sender details, unusual requests, errors, suspicious links, or strange payment or MFA behavior. Look for public email domains or subtle typos or grammatical errors. Beware of MFA fatigue, don't just approve all, deny unexpected prompts and report them. When in doubt, ask..

[Audio] The right response is more important than spotting every trick. Always verify through known channels, report quickly, and avoid interacting with suspicious messages in any way. • Use the Report Phishing button, then delete and block. • Never share passwords, MFA codes, or payment info over email. • As always: when in doubt, ask. The IT depart is always available and never minds checking of something is safe..

[Audio] Passwords are your strength and their strength is driven primarily by length and complexity. Complexity is important, but length is vital. Each added character dramatically increases difficulty for attackers. • Aim for 12+ characters; go longer for high‑value accounts. • Use a password manager to store strong, unique credentials. • Avoid reusing passwords—ever. Now lets look at how to create strong passwords.

[Audio] There are three key but easy factor to a strong password. Keep them long, unique, and random. Target 12+ characters when possible. Avoid patterns or personal info—mix cases, numbers, and symbols. One account = one password to limit breach impact. Never reuse a password when possible • Using a password manager can help you stay organized and remembers them for you Modern requires 12 characters minimum, with a lowercase, an uppercase, a number, and a special character for all passwords. And provides access to keepass, a password manager.

[Audio] Using a passphrase instead of password is also recommended. Passphrases turn length and complexity into something memorable. Combine 4–5 unrelated words with a simple separator such as a dash or symbol or number. Avoid quotes or common phrases. • Example format: Word‑Word‑Word‑Word + ! or 7. • Use a different passphrase for each account and store it securely. A password manager will keep all of these organized and seceure. And you will only need to memorize the one master passphrase..

[Audio] Multi‑Factor Authentication adds crucial protection to keep everything safe and secure. There are multiple types of MFA available. Push notifications over SMS and email are better than nothing. While app‑based codes are stronger and hardware security keys offer the highest, phishing‑resistant security. Modern utilizes Duo and Microsoft Authenticator. You will be notified if this changed or new ones are added. Never approve unexpected MFA prompts—report them to IT, immediately..

[Audio] Ransomware continues to surge, often with "double extortion" where data is stolen even if ransom is paid. Prevention, detection, and disciplined recovery are essential. Assume backups will be targeted—maintain offline/immutable copies. Protect endpoints, patch quickly, and monitor. Practice incident response before you need it. Maintain a high standard of everyday digital hygiene..

[Audio] Everyday digital hygiene or Cybersecurity best practices…can block most malware and prevent ransomware. Always check your sources, use a password manger not a post it or notebook, Keep work and personal accounts and task separate, keep your pc up to date with antivirus enabled, and do not use local admin accounts for day to day tasks..

[Audio] It also includes good habits with physical and network security as well. Protect against risky USB devices from third parties. Never plug in unknown or found drives with out having them checked by IT to ensure they are safe. Protect yourself when using public Wi‑Fi. Always use mobile data or a VPN to encrypt data. Always confirm Wi‑Fi network names and security and always connect to your Modern VPN promptly. Avoid conducting sensitive work on open networks when possible. Remember while public Wifi is free it is Never safe..

[Audio] Know the early warning signs: slowdowns, random restarts, missing files, unexpected resets, disabled security tools, or strange network activity. Quick action minimizes damage. • Disconnect from the network. Turn off wifi or unplug the ethernet cable, and contact IT Security immediately • Don't attempt DIY cleanup—preserve evidence for investigation. • Report concerns even if you're unsure—small anomalies matter. When in doubt, ask..

[Audio] Security is everyone's job—share the responsibility. -Stay vigilant: Always pause and think before you click. -Choose long, unique passwords and enable Multi-Factor Authentication (MFA). -Keep all your devices updated with the latest patches. -Follow safe practices for networks and USBs—avoid risky connections and devices. -Report suspicious activity or issues right away. -When in doubt, ask. - Thank you, Please complete the following short quiz to confirm your training. -If you need help setting up a password manager or MFA? Contact [email protected]..