Information Security
What we are going to talk about today
The state of cybersecurity in the world
Main threats of 2025
Some statistics
Biggest Cybercrimes 2025
Cyberattack on Marks & Spencer
Phishing in 2025
ShinyHunters ATTACKS, 2025
CYBER THREAT TRENDS 2025-2026
Spam and phishing
SPAM AND PHISHING
Tagging Emails
SPAM AND PHISHING
Phishing - examples
Use of AI tools
WHAT ARE AI TOOLS
Classification of AI tools
Information security of public access AI
Safe use of AI tools
General rules of information security
What we protect
Data classification policy
Personal Data Processing Policy
Physical Security - PASSES
Mobile devices
ON the company's computer
IN THE WORKPLACE
Internet and mail security
Physical Security - hardware
Accounts, passwords, and access
ISMS – MASTER DOCUMENTS
Enforcing security policies
9.59M
Category: life safetylife safety

Information Security 2025

1. Information Security

INFORMATION SECURITY

2. What we are going to talk about today

2 of 33
WHAT WE ARE GOING TO TALK ABOUT TODAY
Cyber Threat Trends
AI and Information Security
Spam and Phishing
Basic Rules of Information security

3. The state of cybersecurity in the world

THE STATE OF CYBERSECURITY IN THE WORLD

4. Main threats of 2025

4 of 33
MAIN THREATS OF 2025

5. Some statistics

5 of 33
Total global loss: $10.5 trillion in 2025.
Cybercrime competes in scale with the economies of entire countries.
That's more than the economies of Germany and Japan combined!
Each vulnerability of the company is a risk of joining this amount.
The average cost of a data breach in 2025 was about $4-5 million.
SOME STATISTICS

6. Biggest Cybercrimes 2025

6 of 33
• ShinyHunters – up to 1.5 billion customer records of various companies.
• The leak of the Chinese surveillance network is ≈4 billion records, one of the
largest in history.
• Cyberattack on the city of St. Paul (USA) – a state of emergency, the National
Guard was involved, and services were stopped.
• Medical data (DaVita) – almost 4 million patients, leakage of sensitive
information.
• Ransomware against industrial and energy companies (LG Energy, etc.) –
terabytes of data, high risks to supply chains.
BIGGEST CYBERCRIMES 2025

7. Cyberattack on Marks & Spencer

7 of 33
• April 2025: cyberattack (ransomware + supply chain), suspension of online
orders, payment failures.
• Estimated losses: £300+ million, market value drop > £1 billion.
• Months of partial/limited operation of online channels.
• Competitors directly benefited against the background of the incident (customer
flow).
• They attacked through a third supplier — a weak link in the chain.
CYBERATTACK ON MARKS & SPENCER

8. Phishing in 2025

8 of 33
• It is used as the first step in most major attacks (ransomware, data breaches,
cloud hacking).
• Very realistic letters: style, signature, logos, themes of real projects.
• Often aimed at:
• administrators and technical users (access to the cloud, CRM, infrastructure);
• finance and HR (payments, salaries, change of details);
• CEOs (CEO fraud / BEC).
• Even with MFA, you can get "caught" if you enter code on a fake page.
PHISHING IN 2025

9. ShinyHunters ATTACKS, 2025

9 of 33
Cybercriminals targeted the accounts of administrators / technical users in various
companies.
They used:
• very plausible letters/messages about "security update", "access check", "integration
problem", etc.;
• fake login pages and tools (like "updated Data Loader").
After the accounts were compromised, they gained access to the CRM data of
companies (customers, contacts, cases, etc.).
SHINYHUNTERS ATTACKS, 2025

10. CYBER THREAT TRENDS 2025-2026

AI-powered cyberattacks
Attacks on the cloud and IoT
The threat of quantum computing
Supply chain vulnerabilities
Geopolitical and state actors
Ransomware
Adaptive Threats (HEAT)
10 of
33

11. Spam and phishing

SPAM AND PHISHING

12. SPAM AND PHISHING

12 of
33
Phishing is the practice of sending email impersonating the sender (companies
or people) to obtain sensitive information.
Spam is sending an e-mail message without the user's permission/request for
the purpose of making money, usually to advertise products and services, but
sometimes also to install malware.
SPAM AND PHISHING

13. Tagging Emails

13 of
33
Emails from third-party addresses are marked as:
CAUTION: External mail. Do not open attachments or click links unless you
are sure the content is safe.
Emails that are detected by the system as spam are marked with the tag
[SPAM]
TAGGING EMAILS

14. SPAM AND PHISHING

14 of
33
Be attentive to letters coming from external sources:
• Disable automatic image loading in the email client
• Do not open attachments in such emails.
• Do not click on the link.
• Do not enter an account/password.
• Forward all suspicious emails (preferably as attachments) to SecurityIncidents email
address.
• If you entered a password, change it urgently and inform the SecurityIncidents email
address.
SPAM AND PHISHING

15. Phishing - examples

15 of
33
PHISHING - EXAMPLES

16. Use of AI tools

16 of
33
USE OF AI TOOLS

17. WHAT ARE AI TOOLS

17 of
33
This is any software or service that includes
Machine Learning (ML)
Natural Language Processing (NLP)
Self-adaptation to user actions
Data recognition and analysis
Content generation
In the modern sense, it is any software that uses large linguistic models (LLMs).
We took active part in the previous AI popularity wave 1990s, so actively promote
AI tools usage.
WHAT ARE AI TOOLS

18. Classification of AI tools

CLASSIFICATION OF AI TOOLS
1. By type – text, for image generation, for working with
audio, for working with video and for creating program
code.
2. By the form of interaction – chatbots, co-pilots,
autonomous agents.
3. By access level
• Public Access
• Local
4. Provided by a third party
18 of
33

19. Information security of public access AI

19 of
33
1.
Do not provide information that is internal or confidential
information of Onseo or its partners.
2.
Do not transfer program code from your project.
3.
Do not use any personal information when interacting
with the system.
4.
Remember:
• Cyber attackers can try AI systems to organize cyberattacks
(phishing, malware, etc.)
• The use of AI results is questionable in terms of personal
information protection, copyright, etc.
• The use of a chatbot can lead to the leakage of personal
information with all the relevant consequences according to
the law.
INFORMATION SECURITY OF PUBLIC ACCESS AI

20. Safe use of AI tools

20 of
33
1.
Be sure to check the results of AI tools
2.
AI is not a substitute for humans, it is just a probabilistic automaton, so
the results need to be thoroughly checked in terms of correctness (AI
hallucinations), copyright, etc.
3.
AI tools must be coordinated with the information security department.
4.
Local AI tools are preferred because they are more reliable in terms of
privacy.
SAFE USE OF AI TOOLS

21. General rules of information security

21 of
33
GENERAL RULES OF INFORMATION SECURITY

22. What we protect

22 of
33
Confidentiality – access is granted only to certain users or systems
Integrity – The information must be complete, accurate, and up-to-date
Availability – Information should be provided as needed
Compliance – the company must monitor compliance with current legislation and
changes in it
WHAT WE PROTECT

23. Data classification policy

23 of
33
We distinguish 5 categories:
• Public (unrestricted) – advertising materials
• Internal (restricted) – this presentation
• Confidential - business, technical, legal documentation
• Personal – personally identifiable information (PII)
• Sensitive personal – information related to health, genetic, biometric
data, etc.
DATA CLASSIFICATION POLICY

24. Personal Data Processing Policy

24 of
33
1) You need to know what data is used on the project for
development, testing, etc.
2) Personal data is always confidential
3) If possible, use artificial data (or anonymized, at least
pseudonymous)
4) Do not send to third parties without appropriate instructions
5) Personal data leakage must be urgently reported to
SecurityIncidents
PERSONAL DATA PROCESSING POLICY

25. Physical Security - PASSES

25 of
33
1) Always carry a pass (badge) in the office so that it is clearly visible
to others
2) Report badge loss to SecurityIncidents as soon as possible
3) Do not use someone else's passes to enter the office
4) Get a temporary pass from the security if you forgot yours at
home.
PHYSICAL SECURITY - PASSES

26. Mobile devices

26 of
33
1) Do not leave mobile devices unattended
2) The device must be protected by a password/pin/biometric
3) Mobile devices with an Exchange client are always encrypted and managed by
Onseo IT – in case of loss, information can be erased remotely if there is an
Internet connection.
4) The data must be erased if the device is transferred for use to another owner
5) If the device is used in a workflow, it must be registered at the link:
https://home.on.seo/helpdesk/Lists/Register%20Personal%20Device/My%20Devic
es.aspx
6) For more information, please refer to the Personal Devices Policy
MOBILE DEVICES

27. ON the company's computer

27 of
33
1) Install only permitted software (see Memos)
2) Do not stop antivirus programs
3) Update the OS according to notifications
4) After finishing work with project code, data, etc., they must be saved in cloud
storages/repositories
5) Do not attempt to repair equipment (or change configuration) yourself
6) Do not install the operating system yourself (unless they are test systems)
ON THE COMPANY'S COMPUTER

28. IN THE WORKPLACE

28 of
33
1)
Do not leave confidential documents on the table
2)
Do not print confidential documents whenever possible
3)
Shredder sensitive documents
4)
Keep an eye on the background during video conferences (blur, artificial
background, etc.)
5)
Erase information from public boards (such as conference rooms) after the
meeting ends
IN THE WORKPLACE

29. Internet and mail security

29 of
33
1) Do not use the company's network and company devices for illegal
activity!
2) Don't use your work email for your own business
3) Don't use personal email for company documents
4) Encrypt particularly important documents in transit
5) Do not store project and other confidential documents in your own cloud
storage
INTERNET AND MAIL SECURITY

30. Physical Security - hardware

30 of
33
1)
Do not move stationary equipment out of the office without
authorization and following the Onseo-PHS-203-WP-3 Equipment
Moving procedure
2)
Comply with the requirements for accounting for test equipment,
including customers' equipment (who has it, history of use).
PHYSICAL SECURITY - HARDWARE

31. Accounts, passwords, and access

31 of
33
1) Don't use your business account password for any other purpose
2) Do not register personal accounts to a work address (stores, social
networks, etc.)
3) Do not write down passwords on a piece of paper, text files, etc.
4) Lock the screen when you leave your workplace
5) Don't use other people's accounts (email, IM, etc.)
6) Monitor the relevance of access rights (when moving between projects,
leaving a project, etc.). Including rights on the side of the customer.
ACCOUNTS, PASSWORDS, AND ACCESS

32. ISMS – MASTER DOCUMENTS

32 of
33
Every employee should know:
1) Information Security Policy
2) Data Classification Policy
3) Information Security Standards
4) Secure Development Policy
ISMS – MASTER DOCUMENTS

33. Enforcing security policies

33 of
33
1) Any employee can be disciplined for violating policies
2) Compliance with security policies will be positively assessed during PR
3) Any exception to these policies must be approved by the company's
management and IT department.
ENFORCING SECURITY POLICIES
English     Русский Rules