Professional Documents
Culture Documents
Information Security
Information Security
Information Security
INFORMATION
SECURITY??
IN F O R M AT I O N SE C U RI T Y
Information security, sometimes shortened to
InfoSec, is the practice of defending information
from unauthorized access, use, disclosure,
disruption, modification, perusal, inspection,
recording or destruction. It is a general term that
can be used regardless of the form the data may take
(e.g. electronic, physical).
WHAT IS
INFORMATION
The quality or state of being secure to be free from
danger.
Security is achieved using several strategies
Security is achieved using several strategies
simultaneously or used in combination with one
another
Security is recognized as essential to protect vital
processes and the systems that provide those
processes
INFORMATION CAN BE
Created
Stored
Destroy
Process
Transmitted
Corrupt
Loss
T HR E AT ID E N T IF IC AT IO N
Elements of threats
Agent : The catalyst that performs the threat.
Human
Machine
Nature
Elements of threats
Results : The outcome of the applied threat. The
results normally lead to the loss of CIA
Confidentiality
Integrity
Availability
THREATS
Employees
External Parties
Low awareness of security issues
Growth in networking and distributed computing
Growth in complexity and effectiveness of hacking
tools and viruses
Natural Disasters eg. fire, flood, earthquake
HOW TO OVERCOME?
At the organizational level Commitment
At the legal level Compliance
At the operating level - Risk management
At the commercial level - Credibility and
confidence
At the financial level - Reduced costs
At the human level - Improved employee awareness
Ensure your Desktops are having latest antivirus updates
Always switch off your computer before leaving for the day