Presentation is loading. Please wait.

Presentation is loading. Please wait.

Security Awareness Challenges of Security No single simple solution to protecting computers and securing information Different types of attacks Difficulties.

Published byProsper Lewis Modified over 8 years ago

Similar presentations

Presentation on theme: "Security Awareness Challenges of Security No single simple solution to protecting computers and securing information Different types of attacks Difficulties."— Presentation transcript:

1 Security Awareness Challenges of Security No single simple solution to protecting computers and securing information Different types of attacks Difficulties in defending against these attacks 1

2 Today’s Security Attacks Typical monthly security newsletter –Malicious programs –E-mail attachments –‘‘Booby-trapped’’ Web pages are growing at an increasing rate –Mac computers can be the victim of attackers 2

3 Today’s Security Attacks (cont’d.) Security statistics –Millions of credit and debit card numbers stolen –Number of security breaches continues to rise 3

4 Difficulties in Defending Against Attacks Speed of attacks Greater sophistication of attacks Simplicity of attack tools Quicker vulnerabilities detected Delays in patching products Distributed attacks User confusion 4

5 Who Are the Attackers? Divided into several categories –Hackers –Script kiddies –Spies –Employees –Cybercriminals –Cyberterrorists 5

6 Hackers Debated definition of hacker –Identify anyone who illegally breaks into or attempts to break into a computer system –Person who uses advanced computer skills to attack computers only to expose security flaws ‘‘White Hats’ 6

7 Script Kiddies Unskilled users Use automated hacking software Do not understand the technology behind what they are doing Often indiscriminately target a wide range of computers 7

8 Spies Person who has been hired to break into a computer and steal information Do not randomly search for unsecured computers Hired to attack a specific computer or system Goal –Break into computer or system –Take the information without drawing any attention to their actions 8

9 Employees Reasons for attacks by employees –Show company weakness in security –Retaliation –Money –Blackmail –Carelessness 9

10 Cybercriminals Loose-knit network of attackers, identity thieves, and financial fraudsters Motivated by money Financial cybercrime categories –Stolen financial data –Spam email to sell counterfeits, etc. 10

11 Cyberterrorists Motivated by ideology 11

12 Attacks and Defences Same basic steps are used in most attacks Protecting computers against these steps –Calls for five fundamental security principles 12

13 Steps of an Attack Probe for information Penetrate any defences Modify security settings Circulate to other systems Paralyse networks and devices 13

14 Defences Against Attacks Layering –If one layer is penetrated, several more layers must still be breached –Each layer is often more difficult or complicated than the previous –Useful in resisting a variety of attacks Limiting –Limiting access to information reduces the threat against it –Technology-based and procedural methods 14

15 Defences Against Attacks (cont’d.) Diversity –Important that security layers are diverse –Breaching one security layer does not compromise the whole system Obscurity –Avoiding clear patterns of behavior make attacks from the outside much more difficult Simplicity –Complex security systems can be hard to understand, troubleshoot, and feel secure about 15

16 Building a Comprehensive Security Strategy Block attacks –Strong security perimeter Part of the computer network to which a personal computer is attached –Local security important too Update defences –Continually update defenses to protect information against new types of attacks 16

17 Building a Comprehensive Security Strategy (cont’d.) Minimise losses –Realise that some attacks will get through security perimeters and local defenses –Make backup copies of important data –Business recovery policy Send secure information –‘‘Scramble’’ data so that unauthorized eyes cannot read it –Establish a secure electronic link between the sender and receiver 17

18 Summary Attacks against information security have grown exponentially in recent years Difficult to defend against today’s attacks Information security definition –That which protects the integrity, confidentiality, and availability of information Main goals of information security –Prevent data theft, thwart identity theft, avoid the legal consequences of not securing information, maintain productivity, and foil cyberterrorism 18

19 Summary (cont’d.) Several types of people are typically behind computer attacks Five general steps that make up an attack Practical, comprehensive security strategy involves four key elements 19

Download ppt "Security Awareness Challenges of Security No single simple solution to protecting computers and securing information Different types of attacks Difficulties."

Similar presentations

Chapter 1.  Security Problem  Virus and Worms  Intruders  Types of Attack  Avenues of Attack 2 Prepared by Mohammed Saher Hasan.

Chapter 1.  Security Problem  Virus and Worms  Intruders  Types of Attack  Avenues of Attack 2 Prepared by Mohammed Saher Hasan.
Security and Trust in E- Commerce. The E-commerce Security Environment: The Scope of the Problem  Overall size of cybercrime unclear; amount of losses.

Security and Trust in E- Commerce. The E-commerce Security Environment: The Scope of the Problem  Overall size of cybercrime unclear; amount of losses.
Computer viruses Hardware theft Software Theft Unauthorized access by hackers Information Theft Computer Crimes.

Computer viruses Hardware theft Software Theft Unauthorized access by hackers Information Theft Computer Crimes.
© 2014 wheresjenny.com Cyber crime CYBER CRIME. © 2014 wheresjenny.com Cyber crime Vocabulary Defacement : An attack on a website that changes the visual.

© 2014 wheresjenny.com Cyber crime CYBER CRIME. © 2014 wheresjenny.com Cyber crime Vocabulary Defacement : An attack on a website that changes the visual.
Is There a Security Problem in Computing? Network Security / G. Steffen1.

Is There a Security Problem in Computing? Network Security / G. Steffen1.
Greg Lamb. Introduction It is clear that we as consumers and entrepreneurs cannot expect complete privacy when discussing business matters. However… There.

Greg Lamb. Introduction It is clear that we as consumers and entrepreneurs cannot expect complete privacy when discussing business matters. However… There.
McGraw-Hill/Irwin ©2009 The McGraw-Hill Companies, All Rights Reserved CHAPTER 4 ETHICS AND INFORMATION SECURITY Business Driven Information Systems 2e.

McGraw-Hill/Irwin ©2009 The McGraw-Hill Companies, All Rights Reserved CHAPTER 4 ETHICS AND INFORMATION SECURITY Business Driven Information Systems 2e.
Chapter 4 McGraw-Hill/Irwin Copyright © 2011 by The McGraw-Hill Companies, Inc. All rights reserved. Ethics and Information Security.

Chapter 4 McGraw-Hill/Irwin Copyright © 2011 by The McGraw-Hill Companies, Inc. All rights reserved. Ethics and Information Security.
By Ashlee Parton, Kimmy McCoy, & Labdhi Shah

By Ashlee Parton, Kimmy McCoy, & Labdhi Shah
Copyright © 2015 McGraw-Hill Education. All rights reserved. No reproduction or distribution without the prior written consent of McGraw-Hill Education.

Copyright © 2015 McGraw-Hill Education. All rights reserved. No reproduction or distribution without the prior written consent of McGraw-Hill Education.
Security+ Guide to Network Security Fundamentals, Third Edition

Security+ Guide to Network Security Fundamentals, Third Edition
About the Presentations The presentations cover the objectives found in the opening of each chapter. All chapter objectives are listed in the beginning.

About the Presentations The presentations cover the objectives found in the opening of each chapter. All chapter objectives are listed in the beginning.
Security+ Guide to Network Security Fundamentals, Third Edition Chapter 1 Introduction to Security.

Security+ Guide to Network Security Fundamentals, Third Edition Chapter 1 Introduction to Security.
8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.

8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.
Chapter 1 Introduction to Security

Chapter 1 Introduction to Security
Security Awareness: Applying Practical Security in Your World Chapter 6: Total Security.

Security Awareness: Applying Practical Security in Your World Chapter 6: Total Security.
Lecture 11 Reliability and Security in IT infrastructure.

Lecture 11 Reliability and Security in IT infrastructure.
CYBER CRIME AND SECURITY TRENDS

CYBER CRIME AND SECURITY TRENDS
Computer Hacking Cybercrime (1).

Computer Hacking Cybercrime (1).
Computer Hacking By: Caleb Herring Katie Edom. What is Computer Hacking Computer Hacking is defined as one who uses programming skills to access, legally.

Computer Hacking By: Caleb Herring Katie Edom. What is Computer Hacking Computer Hacking is defined as one who uses programming skills to access, legally.

Similar presentations

Ads by Google