CHAPTER 4 Information Security. CHAPTER OUTLINE 4.1 Introduction to Information Security 4.2 Unintentional Threats to Information Security 4.3 Deliberate.

Presentation transcript:

1 CHAPTER 4 Information Security

2 CHAPTER OUTLINE 4.1 Introduction to Information Security 4.2 Unintentional Threats to Information Security 4.3 Deliberate Threats to Information Security 4.4 What Organizations Are Doing to Protect Information Resources 4.5 Information Security Controls

3 LEARNING OBJECTIVES Identify the five factors that contribute to the increasing vulnerability of information resources, and provide a specific example of each one. Compare and contrast human mistakes and social engineering, and provide a specific example of each one. Discuss the nine types of deliberate attacks. Define the three risk mitigation strategies, and provide an example of each one in the context of you owning a home. Identify the three major types of controls that organizations can use to protect their information resources, and provide an example of each one.

4 4.1 Introduction to Information Security

5 Key Information Security Terms Information Security Threat Exposure Vulnerability

6 Five Factors Increasing the Vulnerability of Information Resources Today’s interconnected, interdependent, wirelessly-networked business environment Smaller, faster, cheaper computers and storage devices Decreasing skills necessary to be a hacker

7 Five Factors Increasing the Vulnerability of Information Resources continued Organized crime taking over cybercrime Lack of management support

8 4.2 Unintentional Threats to Information Security

9 Categories of Unintentional Threats Human Errors Social Engineering

10 Human Errors Carelessness with laptops and portable computing devices Opening questionable e-mails Careless Internet surfing Poor password selection and use

11 Social Engineering Tailgating Shoulder Surfing

12 4.3 Deliberate Threats to Information Security

13 Deliberate Threats Espionage or trespass Information extortion Sabotage or vandalism Theft of equipment or information

14 Deliberate Threats (continued) Identity Theft Compromises to Intellectual Property Software Attacks SCADA Attacks Cyberterrorism and Cyberwarfare

15 Software Attacks Virus Worm Trojan Horse Logic Bomb Phishing attacks Distributed denial-of-service attacks

16 4.4 What Organizations Are Doing to Protect Information Resources

17 Risk Management Risk Risk management Risk analysis Risk mitigation

18 Risk Mitigation Strategies Risk Acceptance Risk limitation Risk transference

19 4.5 Information Security Controls

20 Information Security Controls Physical controls Access controls Communications (network) controls

21 Access Controls Authentication Authorization

22 Communication or Network Controls Firewalls Anti-malware systems Whitelisting and Blacklisting Encryption

23 Communication or Network Controls (continued) Virtual private networking Secure Socket Layer Employee monitoring systems

24 Business Continuity Planning, Backup, and Recovery Hot Site Warm Site Cold Site

25 Information Systems Auditing Types of Auditors and Audits –Internal –External

26 IS Auditing Procedure Auditing around the computer Auditing through the computer Auditing with the computer

27 Closing Case The Problem The Solution The Results

