(3) the Need for Security
Overview
This chapter examines the business drivers behind the information security
analysis design process.
It examines current organizational and technological security needs, and
emphasizes and builds on the concepts presented in the previous chapter.
This chapter also examines the various threats facing organizations and presents
methods for ranking these threats that organizations can use when they begin
their security planning process.
Learning Objectives
Information security performs four (4) important functions for an organization:
1. Protecting the organization’s ability to function
This is a shared responsibility between general management and IT management.
Address information security in terms of business impact and the cost of business interruption.
2. Enabling the safe operation of applications running on the organization’s IT systems
Operation requires integrated, efficient, and capable applications.
A modern organization needs to create an environment that protects critical applications such as operating
system platforms, electronic mail, and instant messaging.
These can be acquired by outsourcing to a service provider or can be developed internally.
Protection of the infrastructure must be overseen by management.
Business Needs First
3. Protecting the data the organization collects and uses
Data provides: a record of transactions (e.g. banking), the ability to deliver value to customers, and the means to
enable creation and movement of goods and services.
4. Safeguarding the organization’s technology assets
Organizations must have secure infrastructure services based on the size and scope of the enterprise.
Threats to Information Security
Information security threats take many forms, such as software
attacks, theft of intellectual property, identity theft, theft
of equipment or information, sabotage, and information
extortion.
Vulnerability: Weaknesses or gaps in a security
program that can be exploited by threats to gain
unauthorized access to an asset.
Threat: Anything that can take advantage of a
vulnerability to breach security and negatively alter,
erase, or harm an object or objects of interest.
Equivalently, anything that can exploit a vulnerability, intentionally or
accidentally, and obtain, damage, or destroy an asset.
Threat: Any circumstance or event with the
potential to adversely impact organizational
operations (including mission, functions,
image, or reputation), organizational assets,
or individuals through an information system
via unauthorized access, destruction,
disclosure, modification of information,
and/or denial of service. Also, the potential
for a threat-source to successfully exploit a
particular information system vulnerability.
Attack: An intentional or unintentional act
that can cause damage to or otherwise
compromise information and/or the systems
that support it.
Attacks can be active or passive, intentional or
unintentional, and direct or indirect. A direct
attack is a hacker using a personal computer to
break into a system. An indirect attack is a
hacker compromising a system and using it to
attack other systems.
14 Categories of Threat
How malware infects our computer
Removable media: Flash drives or memory sticks, external hard drives, CDs and
DVDs can contain malware if they have been connected to an
infected computer.
Spam emails: Malware authors often use tricks to try to convince you to download
malicious files. This can be an email with a file attached that tells you it
is a receipt for a delivery, a tax refund, or an invoice for a ticket.
Sometimes a malicious email will be easy to spot: it could have bad
spelling and grammar, or come from an email address you've never seen
before.
How to prevent your device from malware?
• Install anti-virus software
• Regularly update software
• Don’t click on suspicious links or download any attachments from unknown sources
• Back up data regularly
Case Exercises
The next day at SLS found everyone in technical support busy restoring computer systems
to their former state and installing new virus and worm control software. Amy found herself
learning how to install desktop computer operating systems and applications as SLS made a
heroic effort to recover from the attack of the previous day.
Questions:
1. Do you think this event was caused by an insider or outsider? Why do you think this?
2. Other than installing virus and worm control software, what can SLS do to prepare for
the next incident?
3. Do you think this attack was the result of a virus or a worm? Why do you think this?