Scribd Logo
Upload

Welcome to Scribd!

  • 75 views

    Information Security

    Uploaded by

    Nadirah Jasmi
    Information security involves protecting information from unauthorized access, use, disclosure, disruption or destruction, regardless of the form the data takes. It is achieved through strategies like access controls, encryption, monitoring, and user authentication to ensure the confidentiality, integrity and availability of information. Threats to information security can come from employees, external parties, lack of security awareness or increasing hacking tools, and compromising security can lead to reputation, financial and data losses as well as legal issues. Risk management, compliance, employee awareness and credibility are important ways to overcome security threats.

    Copyright:

    © All Rights Reserved
    Download as PPTX, PDF, TXT or read online from Scribd
    Flag for inappropriate content

    You might also like

    Information Security

    Uploaded by

    Nadirah Jasmi
    75 views10 pages
    Information security involves protecting information from unauthorized access, use, disclosure, disruption or destruction, regardless of the form the data takes. It is achieved through strategies like access controls, encryption, monitoring, and user authentication to ensure the confidentiality, integrity and availability of information. Threats to information security can come from employees, external parties, lack of security awareness or increasing hacking tools, and compromising security can lead to reputation, financial and data losses as well as legal issues. Risk management, compliance, employee awareness and credibility are important ways to overcome security threats.

    Original Description:

    Original Title

    information security

    Copyright

    © © All Rights Reserved

    Available Formats

    PPTX, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    Information security involves protecting information from unauthorized access, use, disclosure, disruption or destruction, regardless of the form the data takes. It is achieved through strategies like access controls, encryption, monitoring, and user authentication to ensure the confidentiality, integrity and availability of information. Threats to information security can come from employees, external parties, lack of security awareness or increasing hacking tools, and compromising security can lead to reputation, financial and data losses as well as legal issues. Risk management, compliance, employee awareness and credibility are important ways to overcome security threats.

    Copyright:

    © All Rights Reserved
    Download as PPTX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as pptx, pdf, or txt
    75 views10 pages

    Information Security

    Uploaded by

    Nadirah Jasmi
    Information security involves protecting information from unauthorized access, use, disclosure, disruption or destruction, regardless of the form the data takes. It is achieved through strategies like access controls, encryption, monitoring, and user authentication to ensure the confidentiality, integrity and availability of information. Threats to information security can come from employees, external parties, lack of security awareness or increasing hacking tools, and compromising security can lead to reputation, financial and data losses as well as legal issues. Risk management, compliance, employee awareness and credibility are important ways to overcome security threats.

    Copyright:

    © All Rights Reserved
    Download as PPTX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as pptx, pdf, or txt
    of 10

    WHAT IS

    INFORMATION
    SECURITY??

    IN F O R M AT I O N SE C U RI T Y
    Information security, sometimes shortened to
    InfoSec, is the practice of defending information
    from unauthorized access, use, disclosure,
    disruption, modification, perusal, inspection,
    recording or destruction. It is a general term that
    can be used regardless of the form the data may take
    (e.g. electronic, physical).

    WHAT IS
    INFORMATION
    The quality or state of being secure to be free from
    danger.
    Security is achieved using several strategies
    Security is achieved using several strategies
    simultaneously or used in combination with one
    another
    Security is recognized as essential to protect vital
    processes and the systems that provide those
    processes

    INFORMATION CAN BE

    Created
    Stored
    Destroy
    Process
    Transmitted
    Corrupt
    Loss

    SECURITY BREACHES LEADS TO


    Reputation loss
    Financial loss
    Intellectual property loss
    Legislative Breaches leading to legal actions
    (Cyber Law)
    Loss of customer confidence
    Business interruption costs

    T HR E AT ID E N T IF IC AT IO N
    Elements of threats
    Agent : The catalyst that performs the threat.
    Human
    Machine
    Nature

    Elements of threats
    Results : The outcome of the applied threat. The
    results normally lead to the loss of CIA
    Confidentiality
    Integrity
    Availability

    THREATS
    Employees
    External Parties
    Low awareness of security issues
    Growth in networking and distributed computing
    Growth in complexity and effectiveness of hacking
    tools and viruses
    Natural Disasters eg. fire, flood, earthquake

    HOW TO OVERCOME?
    At the organizational level Commitment
    At the legal level Compliance
    At the operating level - Risk management
    At the commercial level - Credibility and
    confidence
    At the financial level - Reduced costs
    At the human level - Improved employee awareness


    Ensure your Desktops are having latest antivirus updates

    Ensure your system is locked when you are away

    Always store laptops/ media in a lockable place

    Be alert while working on laptops during travel

    Ensure sensitive business information is under lock and key


    when unattended

    Ensure back-up of sensitive and critical information assets

    Verify credentials, if the message is received from unknown


    sender

    Always switch off your computer before leaving for the day

    Keep your self updated on information security aspects

    You might also like