INSIDER THREATS BY: DENZEL GAY COSC 356. ROAD MAP What makes the insider threat important Types of Threats Logic bombs Ways to prevent.

Presentation transcript:

INSIDER THREATS BY: DENZEL GAY COSC 356

ROAD MAP
- What makes the insider threat important
- Types of Threats
- Logic bombs
- Ways to prevent

WHAT IS AN INSIDER THREAT? An insider threat is a malicious threat to an organization that comes from people within the organization, such as employees, former employees, contractors or business associates, who have inside information concerning the organization's security practices, data and computer systems.

WHAT IS AN INSIDER THREAT? The threat may involve:
- Fraud
- The theft of confidential or commercially valuable information
- The theft of intellectual property
- The sabotage of computer systems

WHAT IS AN INSIDER THREAT? An insider may attempt to steal property or information for personal gain, or to benefit another organization or country. The threat to the organization could also be through malicious software left running on its computer systems by former employees, a so-called logic bomb.

TYPES OF ATTACKS An attack can be active or passive. An "active attack" attempts to alter system resources or affect their operation. A "passive attack" attempts to learn or make use of information from the system but does not affect system resources.

LOGIC BOMBS A logic bomb is a piece of code intentionally inserted into a software system that will set off a malicious function when specified conditions are met. For example, a programmer may hide a piece of code that starts deleting files (such as a salary database trigger), should they ever be terminated from the company.
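One way a defender can look for the situation described above (code left running by someone who has since left, or a scheduled action that destroys data), shown as an added example that is not part of the original slides. The job inventory, the account roster and the pattern list are constructed for illustration and the patterns are heuristics, not a complete rule set.

```python
import re

# Constructed sample data: (owner, schedule, command) rows as a job
# inventory export might list them. None of this comes from the slides.
JOBS = [
    ("backup",  "0 2 * * *",   "/usr/local/bin/backup.sh /srv/payroll"),
    ("jsmith",  "*/5 * * * *", "/home/jsmith/bin/check.sh || rm -rf /srv/payroll"),
    ("alee",    "0 0 1 * *",   "psql -c 'DROP TABLE salaries'"),
    ("mgarcia", "30 6 * * 1",  "/opt/reports/weekly.sh"),
]
# Assumed roster of accounts that still belong to current staff or services.
ACTIVE_ACCOUNTS = {"backup", "alee", "mgarcia"}

# Heuristic patterns for destructive actions; a real review would tune these.
DESTRUCTIVE = [
    re.compile(r"\brm\s+-[a-zA-Z]*[rf]", re.I),
    re.compile(r"\b(drop|truncate)\s+table\b", re.I),
    re.compile(r"\bdelete\s+from\b", re.I),
    re.compile(r"\b(shred|mkfs)\b", re.I),
]

def audit_jobs(jobs, active_accounts):
    """Return (owner, command, reasons) for every job that needs human review."""
    findings = []
    for owner, _schedule, command in jobs:
        reasons = []
        if owner not in active_accounts:
            reasons.append("owner is not an active account")
        if any(p.search(command) for p in DESTRUCTIVE):
            reasons.append("command contains a destructive action")
        if reasons:
            findings.append((owner, command, reasons))
    return findings

if __name__ == "__main__":
    for owner, command, reasons in audit_jobs(JOBS, ACTIVE_ACCOUNTS):
        print(f"REVIEW {owner}: {command}\n  -> " + "; ".join(reasons))
```

A flagged job is a prompt for review by someone other than its owner, not proof of malice; legitimate cleanup jobs will match the same patterns.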

WAYS TO PREVENT INSIDER THREATS Institute periodic enterprise-wide risk assessments. The organization must take an enterprise-wide view of information security, first determining its critical assets, then defining a risk management strategy for protecting those assets from both insiders and outsiders.

WAYS TO PREVENT INSIDER THREATS Institute periodic security awareness training for all employees. All employees in an organization must understand that security policies and procedures exist, that there is a good reason why they exist, that they must be enforced, and that there can be serious consequences for infractions.

WAYS TO PREVENT INSIDER THREATS Enforce separation of duties and least privilege. Effective separation of duties requires the implementation of least privilege; that is, authorizing people only for the resources they need to do their jobs.
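The check described above, written out as an access review. This is an added example, not part of the original slides; the role names, permissions, users, conflict pairs and usage data are all hypothetical and constructed for illustration.

```python
# Constructed sample data: which permissions each role grants.
ROLE_PERMS = {
    "ap_clerk":    {"vendor.create", "invoice.enter"},
    "ap_approver": {"payment.approve"},
    "dba":         {"db.admin", "audit_log.read"},
    "log_admin":   {"audit_log.read", "audit_log.purge"},
}
# Constructed sample data: which roles each user holds.
USER_ROLES = {
    "dana":  {"ap_clerk", "ap_approver"},
    "eli":   {"ap_clerk"},
    "farid": {"dba", "log_admin"},
}
# Separation of duties: pairs of permissions one person should not hold together.
CONFLICTS = [
    ("vendor.create", "payment.approve"),
    ("db.admin", "audit_log.purge"),
]
# Permissions each user actually exercised in the review window
# (assumed to be derived from access logs).
USED = {
    "dana":  {"vendor.create", "invoice.enter", "payment.approve"},
    "eli":   {"invoice.enter"},
    "farid": {"db.admin", "audit_log.read"},
}

def effective_perms(user):
    """Union of the permissions granted by all of the user's roles."""
    perms = set()
    for role in USER_ROLES.get(user, ()):
        perms |= ROLE_PERMS[role]
    return perms

def review(user):
    """Report separation-of-duties conflicts and granted-but-unused permissions."""
    perms = effective_perms(user)
    sod = [pair for pair in CONFLICTS if set(pair) <= perms]
    unused = sorted(perms - USED.get(user, set()))
    return {"sod_violations": sod, "unused": unused}

if __name__ == "__main__":
    for user in sorted(USER_ROLES):
        print(user, review(user))
```

Unused permissions are candidates for removal under least privilege, and a conflict remains a finding even when the user actively uses both permissions, as with `dana`.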

WAYS TO PREVENT INSIDER THREATS Use extra caution with system administrators and privileged users. Typically, logging and monitoring is performed by a combination of system administrators and privileged users. Therefore, additional vigilance must be devoted to those users.

WAYS TO PREVENT INSIDER THREATS
