This lesson on information security management covers: threats to information security; senior management's security role; what data safeguards are available; and how organizations should respond to security incidents.
Page 1: Lecture 11: Information Security Management
Nga.lethiquynh@ueh.edu.vn
Page 2: Lecture outline
Q4 What data safeguards are available?
Q5 What human safeguards are available?
Q6 How should organizations respond to security incidents?
Page 3: Q1: What are the threats to information security?
Page 4: Threats to information security
► Sources of threats?
  ► Human error and mistakes:
    ► accidental problems caused by both employees and nonemployees
    ► poorly written application programs and poorly designed procedures
    ► physical accidents
  ► Malicious human activity:
    ► employees and former employees who intentionally destroy data
    ► hackers
  ► Natural events and disasters:
    ► fires, floods, hurricanes, earthquakes, tsunamis, avalanches, and
Page 5: Threats to information security
Source: Textbook [1], page 409
Page 6: Threats to information security
► Unauthorized Data Disclosure
  ► Pretexting: when someone deceives by pretending to be someone else
  ► Phishing: uses pretexting via email
  ► Spoofing: another term for someone pretending to be someone else
    ► IP spoofing: occurs when an intruder uses another site's IP address as if it were that other site
    ► Email spoofing: a synonym for phishing
  ► Sniffing: intercepting computer communications
    ► Drive-by sniffers: take computers with wireless connections through an area and search for unprotected wireless networks
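The pretexting, phishing and spoofing items above describe an attacker pretending to be someone else in email. The following added example (not from the lecture or the textbook) shows the kind of header check a mail-filtering or SOC team applies to surface that pretence: a display name that itself looks like a trusted address, and a Return-Path (envelope sender) on a different domain than the claimed From address. The three sample messages, the domains and the `trusted_domain` value are constructed for the example; the indicator names are the example's own heuristics, not a standard.

```python
"""Flag e-mail header patterns associated with spoofing and phishing.

Added example, not from the lecture or textbook. The messages below are
constructed samples with made-up domains; only headers are included.
"""
import re
from email import message_from_string

# Constructed sample messages (headers only; bodies omitted).
SAMPLE_MESSAGES = {
    "legit": (
        "From: Payroll <payroll@example.com>\n"
        "Return-Path: <payroll@example.com>\n"
        "Subject: Pay slip for May\n\n"
    ),
    # Display name shows a trusted-looking address; the real sender is elsewhere.
    "display_name_spoof": (
        "From: ceo@example.com <promo@mail-hosting.invalid>\n"
        "Return-Path: <promo@mail-hosting.invalid>\n"
        "Subject: Urgent wire transfer\n\n"
    ),
    # From claims the trusted domain, but bounces go to an unrelated domain.
    "envelope_mismatch": (
        "From: IT Helpdesk <helpdesk@example.com>\n"
        "Return-Path: <bounce@unrelated.invalid>\n"
        "Subject: Password expires today\n\n"
    ),
}

# Minimal "display name <addr>" splitter; written here on purpose rather than
# relying on email.utils.parseaddr, so the display-name case is handled the
# same way on every Python version.
_ADDR_RE = re.compile(r'^\s*(?:"?(?P<name>[^"<]*?)"?\s*)?<(?P<addr>[^>]+)>\s*$')


def split_address(header_value: str) -> tuple[str, str]:
    """Return (display_name, address) for a From/Return-Path header value."""
    m = _ADDR_RE.match(header_value)
    if m:
        return (m.group("name") or "").strip(), m.group("addr").strip()
    return "", header_value.strip()


def domain_of(address: str) -> str:
    """Lower-cased domain part of an address ('' if it has no '@')."""
    return address.rpartition("@")[2].lower() if "@" in address else ""


def spoofing_indicators(raw_message: str, trusted_domain: str) -> list[str]:
    """Return the indicator names found in the message headers.

    display_name_contains_address: the display name looks like an address.
    display_name_domain_mismatch:  that address is on a different domain
                                   than the real From address.
    envelope_mismatch:             From claims the trusted domain but the
                                   Return-Path domain differs from it.
    """
    msg = message_from_string(raw_message)
    display_name, from_addr = split_address(msg.get("From", ""))
    _, return_path = split_address(msg.get("Return-Path", ""))
    indicators = []

    if "@" in display_name:
        indicators.append("display_name_contains_address")
        if domain_of(display_name) != domain_of(from_addr):
            indicators.append("display_name_domain_mismatch")

    if (return_path and domain_of(from_addr) == trusted_domain.lower()
            and domain_of(return_path) != domain_of(from_addr)):
        indicators.append("envelope_mismatch")

    return indicators


if __name__ == "__main__":
    for name, raw in SAMPLE_MESSAGES.items():
        found = spoofing_indicators(raw, "example.com")
        print(f"{name}: {found or 'no indicators'}")
```

The envelope check is deliberately limited to messages that claim the trusted domain: a Return-Path on another domain is normal for mailing lists and third-party senders, so flagging it everywhere would drown the real cases in noise.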
Page 7: Threats to information security
► Incorrect Data Modification
  ► Procedures incorrectly designed or not followed
    ► Increasing a customer's discount or incorrectly modifying an employee's salary
    ► Placing incorrect data on the company's Web site
  ► Improper internal controls on systems
  ► System errors
  ► Faulty recovery actions after a disaster
Page 8: Threats to information security - Faulty Service
• Incorrect data modification
• Systems working incorrectly
• Procedural mistakes
• Programming errors
• IT installation errors
• Usurpation
• Denial of service (unintentional)
• Denial-of-service attacks (intentional)
Page 9: Threats to information security - Loss of Infrastructure
• Human accidents.
• Theft and terrorist events.
• Disgruntled or terminated employee.
• Natural disasters.
• Advanced Persistent Threat (APT)
  ► Sophisticated, possibly long-running computer hack perpetrated by large, well-funded organizations
Page 10: What Are the Components of an Organization's Security Program?
► 3 components
  ► Senior-management involvement
    ► establish the security policy
    ► manage risk by balancing the costs and benefits of the security program
  ► Safeguards: protections against security threats
  ► Organization's planned response to security incidents
Page 11: Security Safeguards
Source: Textbook [1], page 411
Page 12: Q2: What is senior management's security role?
Page 13: Senior management's security role
► Establish the security policy
  ► What sensitive data the organization will store.
  ► How it will process that data.
  ► Whether data will be shared with other organizations.
  ► How employees and others can obtain copies of data stored about them.
  ► How employees and others can request changes to inaccurate data.
  ► What employees can do with their own mobile devices at work.
  ► …
Page 14: Senior management's security role
► Manage Risk
  ► Risk is the likelihood of an adverse occurrence
  ► Risk Assessment:
    occur, and what the consequences are if they do occur
  ► Risk-Management Decisions: decide what to do
Risk Assessment Factors. Source: Textbook [1], page 415
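Page 10 says senior management manages risk by balancing the costs and benefits of the security program, and page 14 frames risk as likelihood and consequences followed by a decision about what to do. The added example below (not from the lecture or the textbook) carries that reasoning through as working code: each threat's exposure is its annual likelihood times the loss per event, a safeguard's benefit is the exposure it removes, and a safeguard is worth funding only when that benefit exceeds its cost. The threats, likelihoods, loss figures, safeguard names and costs are constructed sample values, not figures from the textbook.

```python
"""Risk assessment and safeguard cost/benefit ranking.

Added example, not from the lecture or textbook. Every number below is a
constructed sample value; replace them with your own assessment data.
"""
from dataclasses import dataclass


@dataclass(frozen=True)
class Threat:
    name: str
    annual_likelihood: float    # expected occurrences per year (assessment input)
    loss_per_event: float       # consequence per occurrence, in currency units
    safeguard: str              # candidate safeguard under consideration
    safeguard_cost: float       # annual cost of running the safeguard
    residual_likelihood: float  # annual likelihood once the safeguard is in place


# Constructed sample threat register.
THREATS = [
    Threat("Phishing leads to credential theft", 2.0, 50_000,
           "Phishing-resistant MFA", 30_000, 0.2),
    Threat("Ransomware on file server", 0.3, 400_000,
           "Offline backups and patching", 60_000, 0.05),
    Threat("Laptop lost with unencrypted data", 1.5, 20_000,
           "Full-disk encryption", 5_000, 0.0),
    Threat("Flood in server room", 0.02, 1_000_000,
           "Relocate servers to an upper floor", 150_000, 0.002),
]


def expected_annual_loss(likelihood: float, loss_per_event: float) -> float:
    """Risk expressed in money: likelihood of occurrence times its consequence."""
    return likelihood * loss_per_event


def assess(threat: Threat) -> dict:
    """Risk assessment plus the risk-management decision for one threat."""
    exposure = expected_annual_loss(threat.annual_likelihood, threat.loss_per_event)
    residual = expected_annual_loss(threat.residual_likelihood, threat.loss_per_event)
    benefit = exposure - residual          # loss the safeguard is expected to prevent
    net = benefit - threat.safeguard_cost  # positive means the safeguard pays for itself
    return {
        "threat": threat.name,
        "exposure": exposure,
        "safeguard": threat.safeguard,
        "benefit": benefit,
        "cost": threat.safeguard_cost,
        "net": net,
        # Decision rule: fund the safeguard when benefit exceeds cost; otherwise
        # accept (or transfer, e.g. insure) the residual risk.
        "decision": "implement" if net > 0 else "accept or transfer",
    }


def rank_threats(threats: list[Threat]) -> list[dict]:
    """Assessments ordered by exposure, largest first, for management review."""
    return sorted((assess(t) for t in threats), key=lambda r: r["exposure"], reverse=True)


def recommended_safeguards(threats: list[Threat]) -> list[str]:
    """Names of the safeguards whose benefit exceeds their cost."""
    return [r["safeguard"] for r in rank_threats(threats) if r["decision"] == "implement"]


if __name__ == "__main__":
    for row in rank_threats(THREATS):
        print(f"{row['threat']:<40} exposure={row['exposure']:>10,.0f} "
              f"net={row['net']:>10,.0f} -> {row['decision']}")
```

Note how the ranking by exposure and the funding decision can disagree: the flood scenario has the largest single loss but a low likelihood, so its expensive safeguard is not justified by expected loss alone, which is exactly the trade-off the security program asks senior management to make.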
Page 15: Q3: What technical safeguards are available?
Page 16: Technical safeguards
Source: Textbook [1], page 418
Page 17: Essence of https (SSL or TLS)
Source: Textbook [1], page 422
Page 18: Digital Signatures
Source: Textbook [1], page 423
Page 19: Malware Protection
► A virus is a computer program that replicates itself
► Trojan horses are viruses that masquerade as useful programs or files
► A worm is a virus that propagates using the Internet or other computer network
► Spyware programs are installed on the user's computer without the user's
Page 20: Malware Protection
1. Antivirus and antispyware programs.
2. Scan frequently.
3. Update malware definitions.
4. Open email attachments only from known sources.
5. Install software updates.
6. Browse only reputable Internet neighborhoods.
Page 21: Q4: What data safeguards are available?
Page 22: Data safeguards
Source: Textbook [1], page 427
Page 23: Q5: What human safeguards are available?
Page 24: Human safeguards
Page 25: Account Administration
► Account Management
  ► Standards for new user accounts, modification of account permissions, and removal of accounts that are not needed
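The account-management standard above has three parts: rules for new accounts, rules for permission changes, and removal of accounts that are no longer needed. The added example below (not from the lecture or the textbook) turns those rules into a periodic account review: it flags accounts of terminated employees for removal (the "disgruntled or terminated employee" threat on page 9), disables accounts with no recent login, and reports permissions that exceed what the account's role allows. The role standard, the 90-day threshold and the account records are constructed sample data.

```python
"""Periodic account review against an account-management standard.

Added example, not from the lecture or textbook. ROLE_STANDARD, the stale
threshold and ACCOUNTS are constructed sample data for the example.
"""
from datetime import date

# Assumed standard: the permissions each role is allowed to hold.
ROLE_STANDARD = {
    "analyst": {"read_reports"},
    "accountant": {"read_reports", "edit_invoices"},
    "admin": {"read_reports", "edit_invoices", "manage_users"},
}

STALE_AFTER_DAYS = 90  # assumed threshold for treating an account as not needed

# Constructed sample account records as an identity system might export them.
ACCOUNTS = [
    {"user": "alice", "role": "analyst", "employed": True,
     "permissions": {"read_reports"}, "last_login": date(2024, 5, 1)},
    # Permissions accumulated beyond the accountant standard.
    {"user": "bob", "role": "accountant", "employed": True,
     "permissions": {"read_reports", "edit_invoices", "manage_users"},
     "last_login": date(2024, 5, 2)},
    # Still employed, but has not logged in for months.
    {"user": "carol", "role": "analyst", "employed": True,
     "permissions": {"read_reports"}, "last_login": date(2023, 11, 20)},
    # Terminated employee whose admin account was never removed.
    {"user": "dave", "role": "admin", "employed": False,
     "permissions": {"read_reports", "edit_invoices", "manage_users"},
     "last_login": date(2024, 4, 30)},
    # Account that has never been used.
    {"user": "svc_backup", "role": "analyst", "employed": True,
     "permissions": set(), "last_login": None},
]


def approve_permission_change(role: str, requested: set[str]) -> bool:
    """Permission-modification rule: grant only what the role standard allows."""
    return requested <= ROLE_STANDARD[role]


def review_accounts(accounts: list[dict], today: date,
                    stale_after_days: int = STALE_AFTER_DAYS) -> list[tuple[str, str, str]]:
    """Return (user, action, reason) findings for the account administrator."""
    findings = []
    for acct in accounts:
        user = acct["user"]
        if not acct["employed"]:
            findings.append((user, "remove", "account belongs to a terminated employee"))
            continue  # nothing else matters once the account is removed
        last = acct["last_login"]
        if last is None or (today - last).days > stale_after_days:
            findings.append((user, "disable", f"no login in the last {stale_after_days} days"))
        excess = acct["permissions"] - ROLE_STANDARD[acct["role"]]
        if excess:
            findings.append((user, "reduce_permissions",
                             "beyond role standard: " + ", ".join(sorted(excess))))
    return findings


if __name__ == "__main__":
    for user, action, reason in review_accounts(ACCOUNTS, date(2024, 5, 15)):
        print(f"{user:<12} {action:<19} {reason}")
```

Run regularly, a review like this turns the one-sentence standard into evidence: each finding names the account, the action required and the rule it violates, which is what an auditor or incident responder later needs to see.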
Page 26: Sample Account Acknowledgment Form
Source: Textbook [1], page 431
Page 27: Systems Procedures
Source: Textbook [1], page 432
Page 28: Q6: How should organizations respond to security incidents?
Page 29: How should organizations respond to security incidents?
Source: Textbook [1], page 435
Page 31: Additional Resources
► 2017: Ransomware 'WannaCry' attack explained
► 2017: Impact of WannaCry