Judy Davis, Senior Trade Advisor with Braumiller Consulting Group to present a three part webinar series on:
CTPAT Minimum Security Criteria
LETS GET SERIOUS ABOUT CYBERSECURITY!
The CTPAT Minimum Security Criteria has stepped up the game to focus on one of THE most dangerous potential impacts to the supply chain.
Next to realizing the importance of the right employee for the right job, and valuing that association, is putting Cybersecurity at the top of your commitment list.
Braumiller Consulting is hosting a three-part series on addressing the expanded cyber area of CTPAT and some of the best remedies recommended by CBP for protecting your business.
Three part CTPAT MSC Cyber Security Series includes:
Part #1 – User Authentication/Password
Part #2 – Network Defense/ Patching
Part #3 – Social Engineering
$25 each, or $60* for the 3 part series
* Offered at the time of registration for any of the three webinars.
Part #1 – User Authentication, Tuesday, August 31st
10:00 a.m. – 11:00 a.m. CST
All you think you know, but don't know about password protection. Authentication started with the idea of requiring passwords to access sensitive information back in 2002. We've come a long way since then! Yet we are still stuck in "password mode." This session will cover a variety of Authentication protocols that will get you up to speed for this Must requirement in the New MSC.
Points of discussion include:
- Scope and expectations
- Standards of Authentication
- Individual accounts
- Single Factor vs. Multi-factor Authentication – when they should apply
- Uncomplicating passphrases
- Practices and Examples for building strong password/passphrases
- Compromised passwords / changes
Part #2 – Network Defense/ Patching , Tuesday, September 7th, 10:00 a.m. – 11:00 a.m.
Contact (POC's) for the program, and other critical company operational directors do not understand the boots on the ground issues until it's too late. CTPAT has made this a target area for validation and re-validation reviews. We want to help you understand what you are up against. This session will address:
- Language and Terminology used in the criterion + general terminology associated with the area of cybersecurity
- Tools to better provide oversight
- The Four "Musts" of MSC 4.2
- Questions to be prepared for in a SCSS Audit
- Overlaps with Physical Security and Suspicious Activity Reporting
- Protection Measures and Patch Update Handling
Part #3 – Social Engineering , Tuesday, September 21st, 10:00 a.m. – 11:00 a.m.
Social Engineering is defined as attackers tying to trick people into revealing sensitive information or performing certain actions, such as downloading and executing files that appear benign but are actually malicious. Spending thousands of dollars on the best network protection, and physical infrastructure goes out the window if employees give hackers the keys to the kingdom. In our session on Social Engineering we will look at:
- What do strong social engineering policies look like
- Training – how, how much and how often
- Threat awareness and where it leads
- Pentesting (Penetration Testing Measures) why they are important
- Clear Instruction on handling email
- Real life examples – they happen all too often