Presentation is loading. Please wait.

Presentation is loading. Please wait.

Computer Crime and Information Technology Security

Published byLora Leonard Modified over 8 years ago

Similar presentations

Presentation on theme: "Computer Crime and Information Technology Security"— Presentation transcript:

1 Computer Crime and Information Technology Security
Chapter 15 Computer Crime and Information Technology Security McGraw-Hill/Irwin Copyright © 2010 by The McGraw-Hill Companies, Inc. All rights reserved.

2 Outline Objectives Carter’s taxonomy
Risks and threats to information systems Computer criminals Prevention and detection techniques COBIT framework 15-2

3 Objectives When you finish this chapter, you should be able to:
Explain Carter’s taxonomy of computer crime Identify and describe business risks and threats to information systems Name and describe common types of computer criminals Discuss ways to prevent and detect computer crime Explain COBIT’s information criteria and accountability framework Explain how COBIT can be used to strengthen internal controls against computer crime 15-3

4 Carter’s taxonomy Target: targets the system or its data
Instrumentality: computer furthers a criminal end Incidental: computer is not required for the crime but is related to the criminal act Associated: new versions of traditional crimes 15-4

5 Risks and threats to information systems
Fraud Any illegal act for which knowledge of computer technology is used to commit the offense Service interruptions and delays Delay in processing information Intrusions Bypassing security controls or exploiting a lack of adequate controls Information manipulation Can occur at virtually any stage of information processing from input to output 15-5

6 Risks and threats to information systems
Denial of service attacks Prevent computer systems and networks from functioning in accordance with their intended purpose Error Can vary widely Disclosure of confidential information Can have major impacts on an organization's financial health Information theft Targets the organization's most precious asset: information 15-6

7 Risks and threats to information systems
Malicious software Virus, Trojan horse, worms, logic bombs Web site defacements Digital graffiti where intruders modify pages Extortion Threat to either reveal information to the public or to launch a prolonged denial of service if demands are not met 15-7

8 Computer criminals Script kiddies Hacker Cyber-criminals
Young inexperienced hacker who uses tools and scripts written by others for the purpose of attacking systems Hacker Someone who invades an information system for malicious purposes Cyber-criminals Hackers driven by financial gain Organized crime Spamming, phishing, extortion and all other profitable branches of computer crime Corporate spies Computer intrusion techniques to gather information 15-8

9 Computer criminals Terrorists Insiders
Target the underlying computers and networks of a nation’s critical infrastructure Insiders May be the largest threat to a company’s information systems and underlying computer infrastructure 15-9

10 Prevention and detection techniques
CIA triad Confidentiality Data integrity Availability Internal controls Physical: locks, security guards, badges, alarms Technical: firewalls, intrusion detection, access controls, cryptography Administrative: security policy, training, reviews 15-10

11 COBIT framework Control Objectives for Information and Related Technology Published by Information Systems Audit and Control Association ( Three points of view Business objectives IT resources IT processes 15-11

12 COBIT framework Four domains of knowledge Seven information criteria
Plan and organize Acquire and implement Deliver and support Monitor and evaluate Seven information criteria Effectiveness Efficiency Confidentiality Integrity Availability Compliance Reliability of information 15-12

13 Accountability framework (Figure 15.3)
COBIT framework Accountability framework (Figure 15.3) 15-13

14 15-14

Download ppt "Computer Crime and Information Technology Security"

Similar presentations

Cyber Crime and Technology

Cyber Crime and Technology
Security and Trust in E- Commerce. The E-commerce Security Environment: The Scope of the Problem  Overall size of cybercrime unclear; amount of losses.

Security and Trust in E- Commerce. The E-commerce Security Environment: The Scope of the Problem  Overall size of cybercrime unclear; amount of losses.
2 Issues of the information age Computer _______ and mistakes –Preventing computer related waste & mistakes Computer crime –Computer as tool to commit.

2 Issues of the information age Computer _______ and mistakes –Preventing computer related waste & mistakes Computer crime –Computer as tool to commit.
Chapter 5 Computer Fraud Copyright © 2012 Pearson Education, Inc. publishing as Prentice Hall 5-1.

Chapter 5 Computer Fraud Copyright © 2012 Pearson Education, Inc. publishing as Prentice Hall 5-1.
Chapter 5 Computer Fraud Copyright © 2012 Pearson Education 5-1.

Chapter 5 Computer Fraud Copyright © 2012 Pearson Education 5-1.
Is There a Security Problem in Computing? Network Security / G. Steffen1.

Is There a Security Problem in Computing? Network Security / G. Steffen1.
Auditing Computer-Based Information Systems

Auditing Computer-Based Information Systems
McGraw-Hill/Irwin ©2009 The McGraw-Hill Companies, All Rights Reserved CHAPTER 4 ETHICS AND INFORMATION SECURITY Business Driven Information Systems 2e.

McGraw-Hill/Irwin ©2009 The McGraw-Hill Companies, All Rights Reserved CHAPTER 4 ETHICS AND INFORMATION SECURITY Business Driven Information Systems 2e.
McGraw-Hill/Irwin Copyright © 2013 by The McGraw-Hill Companies, Inc. All rights reserved. Extended Learning Module H Computer Crime and Digital Forensics.

McGraw-Hill/Irwin Copyright © 2013 by The McGraw-Hill Companies, Inc. All rights reserved. Extended Learning Module H Computer Crime and Digital Forensics.
7.1 Copyright © 2011 Pearson Education, Inc. 7 Chapter Securing Information Systems.

7.1 Copyright © 2011 Pearson Education, Inc. 7 Chapter Securing Information Systems.
Copyright © 2015 McGraw-Hill Education. All rights reserved. No reproduction or distribution without the prior written consent of McGraw-Hill Education.

Copyright © 2015 McGraw-Hill Education. All rights reserved. No reproduction or distribution without the prior written consent of McGraw-Hill Education.
1 Telstra in Confidence Managing Security for our Mobile Technology.

1 Telstra in Confidence Managing Security for our Mobile Technology.
Chapter 15 Computer Crime and Information Technology Security Copyright © 2010 by The McGraw-Hill Companies, Inc. All rights reserved.McGraw-Hill/Irwin.

Chapter 15 Computer Crime and Information Technology Security Copyright © 2010 by The McGraw-Hill Companies, Inc. All rights reserved.McGraw-Hill/Irwin.
Chapter 10 Privacy and Security McGraw-Hill

Chapter 10 Privacy and Security McGraw-Hill
Chapter 7 Control and AIS Copyright © 2012 Pearson Education, Inc. publishing as Prentice Hall 7-1.

Chapter 7 Control and AIS Copyright © 2012 Pearson Education, Inc. publishing as Prentice Hall 7-1.
8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.

8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.
Introducing Computer and Network Security

Introducing Computer and Network Security
8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.

8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.
8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.

8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.
MSIS 110: Introduction to Computers; Instructor: S. Mathiyalakan1 Security, Privacy, and Ethical Issues in Information Systems and the Internet Chapter.

MSIS 110: Introduction to Computers; Instructor: S. Mathiyalakan1 Security, Privacy, and Ethical Issues in Information Systems and the Internet Chapter.

Similar presentations

Ads by Google