The Demand For Security: information security program
BounjourAli
36 slides
Jun 18, 2024
THE DEMAND FOR SECURITY LESSON 2 framework in security planning
INTRODUCTION The primary objective of an information security program, distinct from other IT initiatives, is to preserve the integrity of systems and their data. Organizations allocate substantial resources, both monetary and manpower, to keep their data systems up-to-date. These resources could be redirected to enhance the systems that house the information if there were no risks to information and systems. Information systems are frequently targeted, and the need for information security grows correspondingly as these attacks become more sophisticated.
BUSINESS NEEDS FIRST FOR A COMPANY, INFORMATION SECURITY SERVES FOUR CRITICAL FUNCTIONS: 1. KEEPING THE COMPANY'S ABILITY TO FUNCTION SAFE. 2. ENSURING THAT APPLICATIONS OPERATING ON THE ORGANIZATION'S IT PLATFORMS ARE SAFE TO USE. 3. KEEPING THE DATA THAT THE COMPANY OBTAINS AND UTILIZES SAFE. 4. KEEPING THE COMPANY'S TECHNOLOGICAL ASSETS SAFE.
SAFEGUARDING ORGANIZATIONAL FUNCTIONALITY Implementing information security so that the organization can keep functioning is a shared responsibility between general management and IT management. Despite the perception of information security as technically complex, its effectiveness relies more on management than on technology. Charles Cresson Wood highlights the importance of effective information technology management in ensuring security. Convincing stakeholders to view information security as a management and people issue rather than just a technical one is a significant effort. Each community within an organization must address information security in terms of its commercial impact and the business interruptions it could cause.
CREATING A SECURE ENVIRONMENT FOR APPLICATIONS Organizations face pressure to acquire and operate efficient applications, necessitating the development of protective environments, especially for critical infrastructure apps. Management should maintain oversight of the organization's infrastructure rather than solely relying on the IT department.
PROTECTING COLLECTED DATA Data is vital for an organization's transactions and value delivery, emphasizing the importance of securing both data in motion and at rest. Attackers target data due to its value, hence an effective information security program managed by management is crucial for safeguarding data integrity and value.
ENSURING SAFETY OF ORGANIZATIONAL TECHNOLOGY ASSETS Organizations should adopt secure infrastructure services suitable for their size and requirements, upgrading as needed with organizational growth. Public Key Infrastructure (PKI) and digital certificates are examples of advanced security measures to protect confidential interactions and transactions.
ADDRESSING THREATS Understanding both internal and external threats is essential for protecting organizational data and assets. Management must be aware of various risks to people, applications, data, and information systems to make informed decisions about information security. Internet connectivity increases the threat from external sources, with a substantial percentage of the world's population having internet access, as highlighted in research findings.
INTELLECTUAL PROPERTY (IP) IN COMMERCIAL ACTIVITIES Companies engage in creating or supporting the development of intellectual property (IP) as part of their business endeavors. IP encompasses the ownership and control of ideas, whether in tangible or virtual form, and may involve the use of another party's IP with or without royalty payments or permission. Key components of IP include trade secrets, copyrights, trademarks, and patents, all of which require proper acknowledgment of the source. Unauthorized use of IP poses a risk to information security, especially as employees often interact with various forms of IP in their daily tasks.
ACQUISITION AND USE OF IP Organizations often acquire or lease IP from other entities and must adhere to the terms specified in the purchase or license agreements to ensure fair and responsible use. Software-based IP infringement, commonly known as software piracy, is prevalent and occurs when individuals or businesses use software contrary to the terms of the owner's license agreements. Violating software licensing terms, such as copying programs to multiple computers without proper licensing, constitutes a breach of copyright.
INTENTIONAL SOFTWARE ATTACKS Deliberate software attacks occur when individuals or groups create and deploy software with the purpose of harming or disrupting systems. This type of software, commonly referred to as malicious code or malware, is designed to inflict damage, destruction, or hinder the normal functioning of target systems. Examples of such malicious programming include viruses, worms, Trojan horses, logic bombs, and backdoors.
NOTABLE INCIDENTS OF MALICIOUS ATTACKS The infamous denial-of-service attacks orchestrated by Mafiaboy targeted major websites such as Amazon.com, CNN.com, ETrade.com, eBay.com, Yahoo.com, Excite.com, and Dell.com, resulting in significant financial losses. CloudNine, a British Internet provider, was reportedly the first company "hacked out of existence" in a denial-of-service attack similar to Mafiaboy's. THE TYPE OF VIRUS USED Macro viruses, embedded in the macro code of word processors, spreadsheets, and databases, and boot viruses, which infect key operating system files in a computer's boot sector, are among the most common types of computer viruses.
VIRUSES Computer viruses are coded segments designed to execute destructive actions, analogous to biological viruses that infect living organisms. These viruses propagate by attaching themselves to existing programs and seizing control of the host system's functions, subsequently spreading to other systems. Users often unwittingly assist in the spread of viruses by opening infected emails or performing seemingly innocuous actions, leading to various levels of damage, from odd messages to complete data loss. Viruses spread through physical media, email, or other means of data transmission, with email attachments being a common vector. Modern viruses exploit networked environments, posing significant risks if proper controls are not implemented. Anti-virus software from reputable manufacturers like Symantec Norton Anti-Virus and McAfee VirusScan are essential tools for combating computer infections.
WORMS Named after the Tapeworm in John Brunner's novel "The Shockwave Rider," worms are malicious programs that autonomously replicate themselves without requiring a host program. Worms can continue replicating until all available system resources, such as memory, hard drive space, and network bandwidth, are exhausted. Notable worm examples include Code Red, Sircam, Nimda (which spells "admin" backward), and Klez, which combine various attack techniques in a single package. Some worms, like Klez, carry dual payloads, containing both the worm itself and a macro virus that it attempts to deliver if the message is opened in an HTML-enabled browser. Comprehensive attack worms and viruses such as MSBlaster, MyDoom, and Netsky exploit vulnerabilities in popular operating systems and software programs. Worms can initiate their activities with or without user interaction, spreading to all email accounts on an infected system and leaving copies on accessible web servers. They exploit open shares on networks where an infected system resides, installing copies of the worm code on servers to infect users who access those shares.
TROJAN HORSE Trojan horses are software programs that disguise their true nature until activation, revealing their purpose upon being triggered. They often masquerade as helpful, entertaining, or essential software, like readme.exe files found in shareware and freeware bundles. Similar to their namesake in Greek mythology, Trojan horses become active once they have infiltrated a system and can wreak havoc on unsuspecting users. An illustrative Trojan horse incident occurred on January 20, 1999, when Internet email users received emails containing a Trojan horse named Happy99.exe as an attachment. Upon opening the attachment, users were presented with a short multimedia display featuring fireworks and a "Happy New Year" message, while the Trojan horse quietly installed itself on their PCs. Furthermore, every email sent by the infected user automatically included a second email to the same recipient, containing the Happy99 Trojan horse program, thereby facilitating the virus's propagation.
BACK DOOR OR TRAP DOOR A virus or worm payload can include a component that installs a back door or trap door in a system, granting attackers access with special privileges at their discretion. SubSeven and Back Orifice are notable examples of this type of payload.
POLYMORPHIC THREATS Polymorphic threats pose significant challenges in combating viruses and worms. These threats alter their appearance over time, making detection difficult for antivirus software that relies on predefined signatures. To evade antivirus detection, viruses and worms adapt by changing their size and other file characteristics.
VIRUS AND WORM HOAXES While viruses and worms are troublesome, virus hoaxes can be even more disruptive. Well-intentioned individuals may spread false warnings about nonexistent viruses through group emails, disrupting organizational harmony and productivity. This can lead to network overload as users forward warning messages, post them on bulletin boards, and attempt to update antivirus software. Individuals can verify virus information using various Internet resources, such as the CERT Coordination Center and the HoaxSlayer website.
VARIATIONS IN SERVICE QUALITY The smooth operation of interconnected support systems, including power grids, communication networks, and service vendors, is crucial to an organization's information system. Unexpected events like storms or personnel illnesses can disrupt these support systems, leading to potential service interruptions. An incident such as a backhoe damaging a fiber-optic link illustrates how an unforeseen event can impact service delivery.
FORCES OF NATURE Natural disasters and acts of God can be extremely catastrophic as they often occur suddenly and are beyond human control. Examples include fires, floods, earthquakes, lightning, volcanic eruptions, and bug infestations, which can disrupt lives and information storage, transfer, and usage.
EXAMPLES OF FORCES OF NATURE Fire: Structural fires can damage computing equipment and cause smoke or water damage. Fire and business interruption insurance can mitigate this risk. Flood: Overflowing water can damage the information system and its building, potentially disrupting operations. Flood insurance and business interruption insurance can help. Earthquake: Sudden movements of the earth's crust can damage the information system or its building, affecting operations. Specialist casualty and business interruption insurance can address this risk. Lightning: Electric discharge can directly damage the information system or its power components, leading to fires or other facility damage. Multipurpose insurance can mitigate this risk. Landslide or mudslide: Downward earth movements can destroy the information system or its building, hindering operations. Casualty and business interruption insurance can minimize this risk. Tornado or strong windstorm: High-speed air movements can damage the information system or its building, obstructing access. Insurance coverage can reduce this risk. Hurricane or typhoon: Severe tropical storms can damage the information system or its building, especially in coastal areas. Insurance can help manage this risk. Tsunami: Ocean waves triggered by seismic events can directly harm the information system or its building, affecting organizations near the shore. Insurance coverage can mitigate this risk.
HUMAN ERROR OR FAILURE This category encompasses unintentional actions by authorized users, often due to mistakes or lack of awareness. Users can make errors due to factors like inexperience, inadequate training, or incorrect assumptions, all of which can have significant consequences. Minor errors, such as typing mistakes, can lead to major disruptions. For instance: In April 1997, a routine Internet router table update resulted in the core of the Internet being disrupted, affecting connectivity between service providers for about fifteen minutes and impacting roughly 45% of Internet users. In July 1997, an accidental upload to the root domain servers of the Internet caused widespread disruptions. Employees pose a significant threat to an organization's information security due to their access to sensitive data.
HUMAN ERROR OR FAILURE Their errors can jeopardize data confidentiality, integrity, and availability, including disclosing classified information, incorrect data entry, accidental data deletion or alteration, storing data in insecure locations, and failing to protect information. Training, ongoing awareness efforts, and controls ranging from simple processes like double-checking critical commands to more complex procedures like command verification by a second party can help mitigate human error. Dual approval controls, such as those embedded in many military applications, represent an example of more sophisticated measures to prevent human error or failure.
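The "command verification by a second party" control described above can be made concrete in code. The following is an added example, not part of the presentation: a hypothetical approval gate in which any command whose first word is on a constructed list of critical verbs is parked until an authorized approver other than the requester releases it, while every submission, rejection and execution is written to an audit trail.

```python
"""Dual-approval gate for critical commands (added example, hypothetical design)."""
from dataclasses import dataclass, field
import itertools

# Constructed list: commands starting with one of these verbs need a second party.
CRITICAL_VERBS = {"delete", "drop", "shutdown", "wipe"}


@dataclass
class PendingCommand:
    request_id: int
    command: str
    requester: str
    approvers: set = field(default_factory=set)
    executed: bool = False


class ApprovalGate:
    """Runs ordinary commands at once; critical ones wait for an independent approver."""

    def __init__(self, authorized_approvers, executor):
        self.authorized = set(authorized_approvers)
        self.executor = executor      # callable that actually runs a command string
        self.pending = {}             # request_id -> PendingCommand
        self.audit = []               # (event, request_id, actor, command)
        self._ids = itertools.count(1)

    @staticmethod
    def is_critical(command):
        words = command.strip().lower().split()
        return bool(words) and words[0] in CRITICAL_VERBS

    def submit(self, command, requester):
        req = PendingCommand(next(self._ids), command, requester)
        self.audit.append(("submit", req.request_id, requester, command))
        if self.is_critical(command):
            self.pending[req.request_id] = req   # park until approved
        else:
            self._run(req)
        return req

    def approve(self, request_id, approver):
        req = self.pending.get(request_id)
        if req is None:
            raise KeyError(f"no pending request {request_id}")
        # Separation of duties: approver must be authorized and must not be the requester.
        if approver not in self.authorized:
            self.audit.append(("reject-unauthorized", request_id, approver, req.command))
            return False
        if approver == req.requester:
            self.audit.append(("reject-self-approval", request_id, approver, req.command))
            return False
        req.approvers.add(approver)
        self.audit.append(("approve", request_id, approver, req.command))
        del self.pending[request_id]
        self._run(req)
        return True

    def _run(self, req):
        self.executor(req.command)
        req.executed = True
        self.audit.append(("execute", req.request_id, req.requester, req.command))


def demo():
    """Walk through a routine command and a critical one; returns (executed, audit)."""
    executed = []
    gate = ApprovalGate(authorized_approvers={"alice", "bob"}, executor=executed.append)
    gate.submit("list /var/backups", "carol")                 # runs immediately
    req = gate.submit("delete /var/backups/2024", "alice")    # parked
    gate.approve(req.request_id, "alice")                     # refused: self-approval
    gate.approve(req.request_id, "carol")                     # refused: not an approver
    gate.approve(req.request_id, "bob")                       # accepted, command runs
    return executed, gate.audit


if __name__ == "__main__":
    ran, trail = demo()
    for entry in trail:
        print(entry)
    print("executed:", ran)
```

The audit list is what an auditor reviewing the control would read; the two rejections are recorded rather than silently dropped so that a pattern of attempted self-approval is visible.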
INFORMATION EXTORTION Information extortion occurs when an attacker or insider steals data from a computer system and demands payment for its return or for keeping it secret. For instance, in a case of credit card theft, a Russian hacker known as Maxus stole customer credit card data from CD Universe and demanded $100,000 in extortion. When he was not paid, he posted the card numbers online, and eventually had to limit access to his website because of its popularity. In another incident in 2008, Express Scripts, Inc., a pharmacy benefits manager, was hacked by an individual who claimed access to customer data and demanded an undisclosed sum. The company alerted the FBI, offered a $1 million reward, and notified affected customers as required by state breach notification laws. It also incurred undisclosed costs for alerts and credit monitoring services for customers.
MISSING, INADEQUATE, OR INCOMPLETE ORGANIZATIONAL POLICY OR PLANNING When other threats lead to attacks, an organization's information assets can suffer due to lacking, inadequate, or incomplete policies or strategies. Information security is primarily a management responsibility, with senior leadership overseeing strategic planning for security, IT, and business functions, known as governance.
MISSING, INADEQUATE, OR INCOMPLETE CONTROLS Organizations that lack controls such as security measures and protection systems, or implement or manage them inadequately or incompletely, are more prone to losses. For example, if a small business initially sets up its network with consumer-grade equipment and then fails to upgrade, increasing traffic can degrade performance and cause data loss. Regular security audits help ensure ongoing protection of an organization's assets.
SABOTAGE OR VANDALISM Deliberate sabotage or acts of vandalism aimed at destroying assets or harming an organization's image fall under this category. Examples include employee vandalism or organized sabotage against an organization. Attacks on an organization's image can be serious, impacting consumer confidence and brand value. For instance, vandalism to a website can lead to revenue loss and damage to a company's reputation.
HACKTIVISM AND CYBERTERRORISM Hacktivist operations, aimed at protesting organizational or governmental policies or actions, are on the rise. Cyberterrorism involves using computer hacking for terrorist purposes over networks or the Internet. Security measures are being developed globally to protect critical computing, communications networks, and infrastructure from cyberterrorist threats.
THEFT Theft, whether physical, technological, or intellectual, poses a constant threat as it involves the unauthorized taking of property. While physical theft can be managed with security measures like secured doors and alarm systems, electronic theft is harder to detect. Electronic data theft can go unnoticed, especially if thieves are careful, leading to significant consequences.
TECHNICAL HARDWARE FAILURES OR ERRORS Technical hardware failures occur when equipment is distributed with known or undisclosed faults, causing inconsistencies or unavailability in system functionality. Some hardware faults can be fatal, resulting in unrecoverable loss, while others may be intermittent, making them difficult to reproduce.
TECHNOLOGICAL OBSOLESCENCE Outdated infrastructure can lead to unreliable systems, risking data integrity due to assaults. Management must regularly assess current technology to prevent obsolescence, with IT professionals playing a key role in identifying potential issues.
ATTACK An attack compromises a system by exploiting vulnerabilities, causing destruction or theft of information or assets. Unlike a threat, which is an ever-present potential for harm, an attack is the act of exploiting a system vulnerability. Malicious code, including viruses and worms, can cause significant harm.
HOAXES Hoaxes involve transmitting a fake virus warning with an actual virus attached, tricking users into spreading it under the guise of a legitimate message.
BRUTE FORCE Brute force attacks involve trying every possible password combination to gain access to accounts, often targeting commonly used passwords. Defense against such attacks involves limiting the number of failed access attempts.
DICTIONARY Dictionary attacks narrow down the field by using a list of common passwords instead of random variations, targeting specific accounts. Regulations mandating complex passwords help mitigate the effectiveness of dictionary attacks.
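The two defenses named in the BRUTE FORCE and DICTIONARY slides, limiting failed access attempts and requiring complex passwords, are shown together below. This is an added example and not code from the presentation; the lockout thresholds, the small common-password list and the `FakeClock` used to drive the demo are all constructed for illustration.

```python
"""Failed-attempt lockout plus a password policy check (added example, hypothetical design)."""
import hashlib
import hmac
import os
import time
from collections import defaultdict, deque

# Constructed sample of passwords a dictionary attack tries first.
COMMON_PASSWORDS = {"password", "123456", "qwerty", "letmein", "admin", "welcome"}


def password_meets_policy(password, min_length=12):
    """Return (ok, reason). Rejects the passwords a dictionary attack is built around."""
    if len(password) < min_length:
        return False, "too short"
    if password.lower() in COMMON_PASSWORDS:
        return False, "in common-password list"
    classes = sum([
        any(c.islower() for c in password),
        any(c.isupper() for c in password),
        any(c.isdigit() for c in password),
        any(not c.isalnum() for c in password),
    ])
    if classes < 3:
        return False, "needs at least three character classes"
    return True, "ok"


class LoginGuard:
    """Stores salted PBKDF2 hashes and locks an account after repeated failures."""

    def __init__(self, max_failures=5, window_seconds=300, lockout_seconds=900,
                 clock=time.monotonic):
        self.max_failures = max_failures
        self.window = window_seconds
        self.lockout = lockout_seconds
        self.clock = clock                      # injectable for deterministic tests
        self.credentials = {}                   # username -> (salt, hash)
        self.failures = defaultdict(deque)      # username -> timestamps of recent failures
        self.locked_until = {}

    @staticmethod
    def _hash(salt, password):
        return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

    def register(self, username, password):
        ok, reason = password_meets_policy(password)
        if not ok:
            raise ValueError(f"password rejected: {reason}")
        salt = os.urandom(16)
        self.credentials[username] = (salt, self._hash(salt, password))

    def attempt(self, username, password):
        """Return 'locked', 'ok' or 'failed'."""
        now = self.clock()
        if self.locked_until.get(username, 0) > now:
            return "locked"
        salt, stored = self.credentials.get(username, (b"\0" * 16, b"\0" * 32))
        if username in self.credentials and hmac.compare_digest(
                self._hash(salt, password), stored):
            self.failures[username].clear()
            return "ok"
        # Record the failure and drop entries that fell out of the sliding window.
        recent = self.failures[username]
        recent.append(now)
        while recent and now - recent[0] > self.window:
            recent.popleft()
        if len(recent) >= self.max_failures:
            self.locked_until[username] = now + self.lockout
            recent.clear()
        return "failed"


class FakeClock:
    """Constructed clock so the lockout window can be advanced without sleeping."""
    def __init__(self):
        self.now = 0.0

    def __call__(self):
        return self.now

    def advance(self, seconds):
        self.now += seconds


def demo():
    """Five wrong guesses lock the account; the lock expires after lockout_seconds."""
    clock = FakeClock()
    guard = LoginGuard(max_failures=5, window_seconds=300, lockout_seconds=900, clock=clock)
    guard.register("dana", "Correct-Horse-42!")
    results = [guard.attempt("dana", f"guess{i}") for i in range(5)]
    results.append(guard.attempt("dana", "Correct-Horse-42!"))   # right password, but locked
    clock.advance(901)
    results.append(guard.attempt("dana", "Correct-Horse-42!"))   # lock expired
    return results


if __name__ == "__main__":
    print(demo())
```

Unknown usernames are hashed against a dummy credential so that a failed login takes the same time whether or not the account exists, and the lockout counter is keyed by username rather than by client address, since a distributed guessing campaign would otherwise never trip it.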
THANK YOU Report by Kyle Dennis Dalida Babylyn Mendoza