Information Systems Security. Introduction Sharon Garcia UNM Graduate Student Masters of Accountancy-Information Assurance Track Information Systems Security.


1 Information Systems Security

2 Introduction Sharon Garcia UNM Graduate Student Masters of Accountancy-Information Assurance Track Information Systems Security Course Project

3 Why Does ISS Matter? To some extent everyone creates and uses technology. It matters because all information that is generated has economic potential. This information can be collected, organized, and turned into something more than it originally started as. http://www.wired.co.uk/news/archive/2013-02/05/weakness-in-tsl-protocol/viewgallery/293669

4 Facebook… Signing up for Facebook does not “cost” you anything… or does it? Facebook makes money in different ways, but mainly from advertising. Instead of charging you a fee for the service they offer, they record your personal information, along with all the other information you generate, and sell that information to external vendors.

5 So… Why do Facebook’s profits matter? If Facebook is compromised, their profits are directly affected. In other words, when its users’ accounts are compromised they lose money. Tons of money. http://money.cnn.com/2012/02/02/technology/thebuzz/

6 Facebook, other companies, and the United States government all need employees who can detect vulnerabilities in their information systems: Programmers, Data Analysts, Web Designers, Network Administrators, Forensic Analysts.

7 What Type Of Technologies and Techniques Do They Use in ISS? A Whole Ton. Cryptography, Steganography, Redundancy, Network Safety and Password Protections (Policies and Procedures), Data Analytics (Benford’s Law), and on and on.

8 Cryptography Heartbleed affects potentially two-thirds of systems on the Internet. “The Heartbleed bug allows anyone on the Internet to read the memory of the systems protected by the vulnerable versions of the OpenSSL software.” – www.heartbleed.com What are SSL and OpenSSL?

9 Cryptography You’ve definitely heard of this… but not by this name. Encryption takes data and translates it into something that is undecipherable unless you have the “key” that will translate it back into the original data.

10 Cryptography Example http://en.wikipedia.org/wiki/Cryptography

11 Question for You What are some ways that Heartbleed can be stopped?

12 Steganography Steganography has been used for hundreds of years. ZeusVM Trojan – stole property from approximately “70 enterprises and agencies across 14 countries.” - http://www.crn.com.au/

13 Steganography Uses something to hide something in… Enables a user to hide a message, picture, or audio file, within a picture or audio file… What? http://www.giuseppe-arcimboldo.org/Winter-(L'Inverno).html

14 Steganography Example I want to send my best friend a message without anyone knowing that I sent it to her. I could write a message, hide it within a picture using steganography software, and then send her the picture with the message inside it. My best friend would then have to use the same program to extract the message from the picture.

15 Question For You What was the name of the Malware that attacked approximately 70 enterprises in 14 countries?

16 Redundancy (Backups) Dropped your laptop? Spilled soda on your computer? Dog chewed through the power cord while you were working on an assignment? Hopefully you saved your work somewhere else than on the device you were using!

17 Redundancy Dividing a computer’s disk drives in ways that allow for data to be spread across them. This lets the data exist in multiple places at once in the event that one disk crashes, gets hacked, catches fire, or worse.

18 Redundancy Example RAID 0, RAID 1, RAID 2… http://en.wikipedia.org/wiki/File:RAID_6.svg

19 Question For You What are some other ways you can protect your data?

20 Network Safety and Password Protections (Policies and Procedures) You are only as strong (or safe) as your weakest link. Policies and Procedures ensure that everyone on the network utilizes the same method to protect against vulnerabilities and threats. Policies and Procedures

21 Question For You What is considered a “strong” password?

22 Forensic Analytics Using the data generated to find inconsistencies that may expose unethical, fraudulent, or criminal activities. Benford’s Law. Microsoft Excel, Microsoft Access, IDEA, QlikView.

23 Forensic Analytics Example Benford’s Law http://www.isaca.org/Journal/Past-Issues/2011/Volume-3/Pages/Understanding-and-Applying-Benfords-Law.aspx

24 Question For You What is the equation for Benford’s Law?
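A first-digit test of the kind forensic analytics applies, as an added example that is not part of the original presentation. Benford's Law gives the probability of leading digit d as log10(1 + 1/d); the code compares observed leading digits with that distribution using a chi-square statistic. Both data sets are constructed, and the 0.05 significance threshold is an assumption.

```python
import math
from collections import Counter

CHI2_CRITICAL_DF8 = 15.507  # chi-square critical value, 8 degrees of freedom, alpha = 0.05


def benford_expected(d):
    """Benford's Law: probability that the leading digit is d (1..9)."""
    return math.log10(1 + 1 / d)


def leading_digit(value):
    """First non-zero digit of a number, or None for zero."""
    for ch in str(abs(value)):
        if ch in "123456789":
            return int(ch)
    return None


def benford_chi_square(values):
    """Return (chi-square statistic, observed leading-digit counts)."""
    digits = [d for d in map(leading_digit, values) if d is not None]
    if not digits:
        raise ValueError("no non-zero values to test")
    counts = Counter(digits)
    n = len(digits)
    chi2 = 0.0
    for d in range(1, 10):
        expected = n * benford_expected(d)
        chi2 += (counts[d] - expected) ** 2 / expected
    return chi2, counts


# Constructed sample data (not real records).
natural = [2 ** k for k in range(100)]            # spans many orders of magnitude
suspicious = [4000 + 10 * i for i in range(100)]  # amounts clustered in one narrow band

for label, data in (("natural", natural), ("suspicious", suspicious)):
    chi2, counts = benford_chi_square(data)
    verdict = "review" if chi2 > CHI2_CRITICAL_DF8 else "consistent"
    print(f"{label}: chi2={chi2:.1f} -> {verdict}")
```

A high statistic only flags a data set for review; data confined to a narrow range fails the test for innocent reasons too.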

25 Conclusion There are many different types of ISS that exist. White Hats and Black Hats. Use technology safely.
