Beruflich Dokumente
Kultur Dokumente
What is Information
'Information is an asset which, like other important business assets, has value to an organization and consequently needs to be suitably protected
Information can be
Created Stored Destroyed Processed Transmitted Used (For proper & improper purposes) Corrupted Lost Stolen
Whatever form the information takes, or means by which it is shared or stored, it should always be appropriately protected.
3 Lines of Defense
People Process Technology
PEOPLE
PROCESSES
TECHNOLOGY
Pe
le re T e First Li e f efe se
M st security breac es are results f e le fr m wit i t e rga izati misusi g i f rmati accide tally r ur sely. S cial e gi eeri g is a t er way i f rmati is breac ed. um ster divi g is a way t at acker get i f rmati .
What
ee f r the Pe s ccessf l?
le t
The first li e f efe se a rga izati shoul follow to hel com at i si er issues is to evelop i formation security policies and an information security plan. Information security policies identify the rules required to maintain information security. An information security plan details how an organization will implement the information security policies.
plan:
1. Develop the information security policies 2. Communicate the information security policies. 3. Identify critical information assets and risks 4. Test and reevaluate risks 5. Obtain stakeholder support
Confidentiality
Integrity
Availability
Ensuring that authorized users have access to information and associated assets when required
LOSS OF GOODWILL
Agent
Motive
Results
Threat Sources
Source Motivation Challenge Ego Game Playing Deadline Financial problems Disenchantment Threat System hacking Social engineering Dumpster diving Backdoors Fraud Poor documentation System attacks Social engineering Letter bombs Viruses Denial of service Corruption of data Malicious code introduction System bugs Unauthorized access
External Hackers
Internal Hackers
Terrorist
Worm Denial-of-service attack (DoS) Distributed denial-of-service attack (DDoS) Trojan-horse virus Backdoor program Polymorphic virus and worm
WORM Worms more commonly affect computer networks than individual machines. Networks are the big complicated groups of technology consisting of servers, routers and client machines. The internet is basically a large network of computer networks, it is very much susceptible to worm attacks.
BOTNETThe term bot is short for robot. Criminals distribute malicious software (also known as malware) that can turn your computer into a bot (also known as a zombie). When this occurs, your computer can perform automated tasks over the Internet, without you knowing it.
TROJAN :
The classic definition of a Trojan is a program that poses as legitimate software but when launched will do something harmful. Trojans can't spread by themselves, which is what distinguishes them from viruses and worms. Today, Trojans are typically installed secretly and deliver their malicious payload without your knowledge. Much of today s crimeware is comprised of different types of Trojans.
Software Bombs
Time Bomb - As the name suggests, a piece of hidden program code designed to run at some time in the future, causing damage to, or loss of, the computer system. Time bombs are less sophisticated than Logic Bombs, being concerned only with the system date, rather than some specific event. Unless the date is changed, or the code removed, the Bomb will go off on a specific date, come what may. Logic Bomb - A logic bomb is a portion of a computer program intended to execute a malicious function when certain conditions are met.
PHISHING
There may be no fish or rod in sight, but there is often a catch of the day for criminals. Using this technique, they steal by tricking internet and email users into disclosing their personal details. Phishing is a very specific type of cybercrime designed to trick you into disclosing personal financial details. Cybercriminals create a fake website that looks just like a bank s website (or any other web site where online financial transactions are conducted e.g. eBay). They then try to trick you into visiting this site and typing in your confidential data, such as your login, password or PIN. Typically, cybercriminals send out a large numbers of e-mails containing a hyperlink to the fake site.
SPAM
Spam is anonymous, unsolicited bulk email it is effectively the email equivalent of physical junk mail delivered through the post. It is sent out in mass quantities by spammers who make money from the small percentage of recipients that actually respond. Spam is also used for phishing and to spread malicious code.
RESPONSE TIME
Content Filtering
Organizations can use content filtering technologies to filter e-mail and prevent e-mails containing sensitive information from transmitting and stop spam and viruses from spreading Content filtering occurs when organizations use software that filters content to prevent the transmission of unauthorized information . Spam a form of unsolicited e-mail
ENCRYPTION
If there is an information security breach and the information was encrypted, the person stealing the information would be unable to read it Encryption scrambles information into an alternative form that requires a key or password to decrypt the information Public key encryption uses two keys: a public key that everyone can have and a private key for only the recipient
FIREWALLS
One of the most common defenses for preventing a security breach is a firewall Firewall hardware and/or software that guards a private network by analyzing the information leaving and entering the network
Thank You
SEC_RITY is incomplete without U.
TROJAN
TROJAN - The classic definition of a Trojan is a program that poses as legitimate software but when launched will do something harmful. Trojans can't spread by themselves, which is what distinguishes them from viruses and worms. Today, Trojans are typically installed secretly and deliver their malicious payload without your knowledge. Much of today s crimeware is comprised of different types of Trojans.
5 steps to create an information security plan: Step 1 Develop Create an information security policy Step 2 - Communicate Set up a training plan for employees to learn the plan. Define guidelines for punishment if policy is not followed. Step 3 Identify What information is an asset What information is at risk What are the risks Set guidelines for accessing information such as passwords. Step 4 Test system Periodically test system for security Reevaluate risks Conduct background checks periodically Audit system regularly Step 5 Support Periodically test system for security Reevaluate risks Conduct background checks periodically Audit system regularly
characteristics it possesses:
y Availability y Accuracy y Authenticity y Confidentiality y Integrity y Utility y Possession