Lecture 11: Information Security Management
Study questions
Q1: What are the threats to information security?
Q2: What is senior management's security role?
Q3: What technical safeguards are available?
Q4: What data safeguards are available?
Q5: What human safeguards are available?
Q6: How should organizations respond to security incidents?
Q1: What are the threats to information security?
Threats to information security
Sources of threats:
• Human error and mistakes: accidental problems caused by both employees and nonemployees
  - poorly written application programs and poorly designed procedures
  - physical accidents
• Malicious human activity
  - employees and former employees who intentionally destroy data
  - hackers
• Natural events and disasters
  - fires, floods, hurricanes, earthquakes, tsunamis, avalanches, and other acts of nature
Threats to information security
Types of security problems (figure; source: Textbook [1], page 409)
Threats to information security
Unauthorized data disclosure
• Pretexting: deceiving someone by pretending to be someone else.
• Phishing: pretexting carried out via email, usually to lure the recipient into revealing credentials or opening a malicious link or attachment.
• Spoofing: another term for someone pretending to be someone else.
  - IP spoofing: an intruder uses another site's IP address as if it were that other site.
  - Email spoofing: forging the sender address of an email so that it appears to come from someone else. It is the usual delivery technique for phishing, which is why the two terms are often treated as synonyms, but a spoofed sender can carry any payload, not only a phishing lure.
• Sniffing: intercepting computer communications.
  - Drive-by sniffers take computers with wireless connections through an area and search for unprotected wireless networks.
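The email spoofing point above in working form, as an added example that is not part of the lecture or of textbook [1]: the script parses a constructed phishing message with Python's standard `email` package and flags the header mismatches that betray a forged sender (envelope Return-Path, Reply-To and display name disagreeing with the visible From address). The two sample messages and every domain name in them are invented for illustration.

```python
"""Detect header-level indicators of email spoofing.

Phishing mail usually keeps the visible From: header looking legitimate
while the envelope sender (Return-Path), the Reply-To, or the display
name point elsewhere. This checks a raw RFC 5322 message for such
mismatches. A clean result is NOT proof of authenticity: a forged From:
whose Return-Path matches still needs SPF/DKIM/DMARC evaluation at the MTA.
"""
from email import message_from_string, policy
from email.utils import parseaddr


def _domain(addr) -> str:
    """Lower-cased domain part of a mailbox string, '' if there is none."""
    _name, address = parseaddr(str(addr or ""))
    return address.rpartition("@")[2].lower()


def spoof_indicators(raw_message: str) -> list:
    """Return human-readable indicators that the sender is spoofed (empty = none found)."""
    msg = message_from_string(raw_message, policy=policy.default)
    from_hdr = str(msg.get("From", ""))
    display_name, from_addr = parseaddr(from_hdr)
    from_dom = _domain(from_hdr)
    findings = []

    # Envelope sender (where bounces go) differs from the claimed From domain.
    return_path_dom = _domain(msg.get("Return-Path", ""))
    if return_path_dom and return_path_dom != from_dom:
        findings.append(f"Return-Path domain {return_path_dom} != From domain {from_dom}")

    # Replies are steered to a different domain than the one shown in From.
    reply_to_dom = _domain(msg.get("Reply-To", ""))
    if reply_to_dom and reply_to_dom != from_dom:
        findings.append(f"Reply-To domain {reply_to_dom} != From domain {from_dom}")

    # Display-name spoofing: the name itself looks like an address at another domain.
    if "@" in display_name:
        name_dom = display_name.rpartition("@")[2].strip().lower()
        if name_dom and name_dom != from_dom:
            findings.append(f"display name claims {name_dom} but address is {from_addr}")
    return findings


# Constructed sample (not a real capture): From: is dressed up to look like
# payroll, but the envelope sender and Reply-To lead somewhere else.
SPOOFED_MESSAGE = """\
Return-Path: <bounce@mail-relay.example.net>
From: "payroll@corp.example" <noreply@corp-example-login.com>
Reply-To: payroll-desk@corp-example-login.com
To: employee@corp.example
Subject: Action required: confirm your salary details

Please confirm your details at the link below within 24 hours.
"""

# Constructed internal message for comparison: all sender headers agree.
CLEAN_MESSAGE = """\
Return-Path: <payroll@corp.example>
From: Payroll <payroll@corp.example>
To: employee@corp.example
Subject: Payslip available

Your payslip for this month is now available in the HR portal.
"""

if __name__ == "__main__":
    for label, raw in (("spoofed", SPOOFED_MESSAGE), ("clean", CLEAN_MESSAGE)):
        print(label, spoof_indicators(raw) or "no header mismatches")
```

The check is deliberately header-only so it can run on a stored message; in a mail pipeline the same findings would be combined with the receiving server's SPF, DKIM and DMARC results before deciding to quarantine.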
Threats to information security
Incorrect data modification
• Procedures incorrectly designed or not followed, for example increasing a customer's discount or incorrectly modifying an employee's salary.
• Placing incorrect data on the company website.
• Improper internal controls on systems.
• System errors.
• Faulty recovery actions after a disaster.
Threats to information security
Faulty service
• Incorrect data modification
• Systems working incorrectly
• Procedural mistakes
• Programming errors
• IT installation errors
• Usurpation
• Denial of service (unintentional)
• Denial-of-service attacks (intentional)
Threats to information security
Loss of infrastructure
• Human accidents.
• Theft and terrorist events.
• Disgruntled or terminated employees.
• Natural disasters.
• Advanced Persistent Threat (APT): a sophisticated, possibly long-running computer intrusion perpetrated by large, well-funded organizations.
What are the components of an organization's security program?
Three components:
• Senior-management involvement: establish the security policy, and manage risk by balancing the costs and benefits of the security program.
• Safeguards: protections against security threats.
• Incident response: the organization's planned response to security incidents.
Security safeguards (figure; source: Textbook [1], page 411)
Q2: What is senior management's security role?
Senior management's security role
Establish the security policy, which states:
• What sensitive data the organization will store.
• How it will process that data.
• Whether data will be shared with other organizations.
• How employees and others can obtain copies of data stored about them.
• How employees and others can request changes to inaccurate data.
• What employees can do with their own mobile devices at work.
• …
Senior management's security role
Manage risk
Risk is the likelihood of an adverse occurrence; for assessment purposes it is weighed together with the consequence of that occurrence.
Risk assessment:
• assess what the threats are, how likely they are to occur, and what the consequences are if they do occur;
• determine what safeguards are appropriate.
Risk assessment factors (figure; source: Textbook [1], page 415)
Risk-management decisions: decide what to do, weighing the cost of each safeguard against the loss it is expected to prevent.
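The risk-assessment and risk-management steps above carried through in code, as an added example that is not from the lecture or textbook [1]: each threat's expected annual loss is its likelihood times its consequence, and a safeguard is recommended when the loss it avoids exceeds its annual cost. The threats, safeguards and all figures are constructed for illustration; the reductions are treated as independent of one another, which a real assessment would need to justify.

```python
"""Risk-management decision support: which safeguards pay for themselves?

For each threat, expected annual loss = likelihood (occurrences per year)
times consequence (loss per occurrence). A safeguard's benefit is the
expected loss it removes; it is cost-justified when that exceeds its cost.
"""
from dataclasses import dataclass


@dataclass(frozen=True)
class Threat:
    name: str
    annual_likelihood: float  # expected occurrences per year (may exceed 1)
    consequence: float        # loss per occurrence, in currency units


@dataclass(frozen=True)
class Safeguard:
    name: str
    annual_cost: float
    # threat name -> fraction of that threat's expected loss the safeguard removes
    reduction: dict


def expected_loss(threat: Threat) -> float:
    """Annualised expected loss from one threat before any safeguard."""
    return threat.annual_likelihood * threat.consequence


def loss_avoided(safeguard: Safeguard, threats) -> float:
    """Expected annual loss removed by the safeguard (reductions assumed independent)."""
    return sum(expected_loss(t) * safeguard.reduction.get(t.name, 0.0) for t in threats)


def net_benefit(safeguard: Safeguard, threats) -> float:
    """Loss avoided minus annual cost; positive means the safeguard is worth buying."""
    return loss_avoided(safeguard, threats) - safeguard.annual_cost


def recommend(safeguards, threats) -> list:
    """Names of cost-justified safeguards, best net benefit first."""
    ranked = sorted(safeguards, key=lambda s: net_benefit(s, threats), reverse=True)
    return [s.name for s in ranked if net_benefit(s, threats) > 0]


# Constructed figures for illustration only; not taken from the textbook.
THREATS = [
    Threat("ransomware on file server", annual_likelihood=0.2, consequence=500_000),
    Threat("phishing credential theft", annual_likelihood=2.0, consequence=15_000),
    Threat("flood at data centre", annual_likelihood=0.02, consequence=2_000_000),
]

SAFEGUARDS = [
    Safeguard("offline backups", 20_000,
              {"ransomware on file server": 0.7, "flood at data centre": 0.5}),
    Safeguard("multi-factor authentication", 12_000, {"phishing credential theft": 0.9}),
    Safeguard("awareness training", 8_000, {"phishing credential theft": 0.3}),
    Safeguard("relocate data centre", 150_000, {"flood at data centre": 0.95}),
]

if __name__ == "__main__":
    for t in THREATS:
        print(f"{t.name:30s} expected annual loss {expected_loss(t):>12,.0f}")
    for s in SAFEGUARDS:
        print(f"{s.name:30s} net benefit          {net_benefit(s, THREATS):>12,.0f}")
    print("recommended:", recommend(SAFEGUARDS, THREATS))
```

With these numbers the data-centre relocation is rejected even though it addresses the largest single consequence: a 2% annual likelihood makes the expected flood loss small relative to the safeguard's cost, which is the cost-benefit balance the slide refers to.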
Q3: What technical safeguards are available?
Technical safeguards (figure; source: Textbook [1], page 418)
Essence of HTTPS (SSL or TLS) (figure; source: Textbook [1], page 422)
Digital signatures (figure; source: Textbook [1], page 423)
Malware protection
• A virus is a computer program that replicates itself, typically by inserting copies of itself into other programs or files.
• A Trojan horse is malware that masquerades as a useful program or file; unlike a virus, it does not replicate itself but relies on the user to install or run it.
• A worm is self-replicating malware that propagates on its own using the Internet or another computer network.
• Spyware programs are installed on the user's computer without the user's knowledge or permission and observe the user's activity.
• Adware is similar to spyware: it watches user activity and produces pop-up ads.
Malware protection
1. Install antivirus and antispyware programs.
2. Scan frequently.
3. Update malware definitions.
4. Open email attachments only from known sources, bearing in mind that the sender address can be spoofed.
5. Install software updates.
6. Browse only reputable Internet neighborhoods.
Q4: What data safeguards are available?
Data safeguards (figure; source: Textbook [1], page 427)
Q5: What human safeguards are available?
Human safeguards (figure; source: Textbook [1], page 429)
Account administration
➢ Account management: standards for new user accounts, modification of account permissions, and removal of accounts that are no longer needed.
➢ Password management: users should change passwords frequently. (Current guidance such as NIST SP 800-63B instead advises against forced periodic changes and favours changing a password when compromise is suspected, combined with screening against known-breached passwords.)
➢ Help desk policies
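An added example, not part of the lecture or textbook [1], of how the account-management standards above can be enforced as a recurring check: given a constructed export of a user directory joined with HR employment status, it lists enabled accounts belonging to departed users, enabled accounts with no login inside the inactivity window, and admin-group memberships that the holder's current role no longer justifies. The 90-day threshold, the group name `domain-admins`, the role names and all sample users are assumptions made for the example.

```python
"""Account administration check: apply account-management standards to a directory export.

Reports accounts needing action under three standards:
  - disable accounts of users who are no longer employed,
  - review enabled accounts with no login within the inactivity window,
  - remove admin-group membership that the holder's current role does not need.
"""
from dataclasses import dataclass
from datetime import date, timedelta
from typing import Optional


@dataclass(frozen=True)
class Account:
    username: str
    enabled: bool
    employed: bool              # from the HR system; False once the person has left
    last_login: Optional[date]  # None means the account has never logged in
    groups: frozenset
    role: str


def review_accounts(accounts, today: date, inactive_days: int = 90,
                    admin_group: str = "domain-admins",
                    admin_roles: frozenset = frozenset({"sysadmin"})) -> list:
    """Return (username, action) pairs; an empty list means nothing needs attention."""
    findings = []
    for acct in accounts:
        if acct.enabled and not acct.employed:
            findings.append((acct.username, "disable: user is no longer employed"))
        elif acct.enabled and (acct.last_login is None
                               or (today - acct.last_login).days > inactive_days):
            findings.append((acct.username,
                             f"review for removal: no login in the last {inactive_days} days"))
        # Permission check applies regardless of the enabled state: a disabled
        # account that is re-enabled later must not silently regain admin rights.
        if admin_group in acct.groups and acct.role not in admin_roles:
            findings.append((acct.username,
                             f"remove from {admin_group}: role '{acct.role}' does not require it"))
    return findings


# Constructed sample export; usernames, roles and dates are invented.
TODAY = date(2024, 6, 1)
ACCOUNTS = [
    Account("alice", True, True, TODAY - timedelta(days=3), frozenset({"staff"}), "analyst"),
    Account("bob", True, False, TODAY - timedelta(days=40), frozenset({"staff"}), "developer"),   # left, still enabled
    Account("carol", True, True, TODAY - timedelta(days=200), frozenset({"staff"}), "analyst"),   # dormant
    Account("dave", True, True, TODAY - timedelta(days=1), frozenset({"staff", "domain-admins"}), "developer"),  # kept admin rights after role change
    Account("erin", True, True, TODAY - timedelta(days=2), frozenset({"domain-admins"}), "sysadmin"),
    Account("frank", False, False, TODAY - timedelta(days=400), frozenset({"staff"}), "analyst"),  # already disabled
    Account("grace", True, True, None, frozenset({"staff"}), "intern"),                           # never logged in
]

if __name__ == "__main__":
    for username, action in review_accounts(ACCOUNTS, TODAY):
        print(f"{username:8s} {action}")
```

Running this against a real directory is only as good as the HR join: the departed-user check depends on the employment flag being current, so the export should come from the authoritative HR system rather than from a field maintained by hand in the directory.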