Managing and Securing the Enterprise
Securing the Enterprise
Information resources are distributed
throughout the organization and beyond
as Internet and wireless technologies
extend organizational boundaries.

Time-to-exploitation of sophisticated
spyware and worms has shrunk from
months to days.
Time-to-exploitation


It is the elapsed time between when a vulnerability is discovered and the time it is exploited.
Regulations

Industry Self-Regulations: Payment Card Industry (PCI) Data Security Standard.
• Visa
• MasterCard
• American Express
• Discover

It is required for all members, merchants, or service providers that store, process, or transmit cardholder data.
Small Business Regulations
The Council of Better Business Bureaus.
• Visa USA
• Equifax
• IBM
• Verizon
• eBay
Cyber-Blackmail

A Trojan encrypts the data on the user’s computer, then the attacker offers to decrypt it for $300 or more.
Why IT Security??
Mistakes
The Information Security Forum discovered that the mistakes were caused by:
• Human error
• System malfunctioning
• Failure to understand the effect of adding a new piece of software to the rest of the system

These led to threats for IT.
IT Security & Internal Control Model

• Senior management commitment & support
• Security procedures & enforcement
• Security policies & training
• Security tools: hardware & software
IS Vulnerabilities & Threats

• Unintentional threats
• Intentional threats
• Computer crimes
Unintentional Threats
• Human errors
• Environmental hazards
• Computer system failures
Intentional Threats
• Theft of data
• Inappropriate use of data
• Theft of computers
• Theft of equipment or programs
Intentional Threats
• Deliberate manipulation in handling, entering, processing, transferring or programming data
• Strikes, riots
• Malicious damage to computer resources
• Destruction from viruses and other attacks
• Miscellaneous computer abuses
• Internet fraud
Computer Crimes
Crimes committed on the Internet are called cybercrimes.
• Hacker
  • White-hat hackers
  • Black-hat hackers
• Cracker
Methods of attack on computing
• Data tampering
• Programming attacks
• Viruses
• Worms
• Zombies
• Phishing
• DoS
• Botnets
Frauds and Computer Crimes

Fraud is a serious financial crime involving:
• Deception
• Confidence
• Trickery
Types of Frauds
• Occupational fraud
• Operating management fraud
• Conflict of interest
• Bribery
• Misappropriation
• Senior management financial reporting fraud
• Accounting cycle fraud
Fraud prevention and Detection

• Adelphia
• Global Crossing
• Tyco
Other crimes


Crimes by:
• Computer
• Flash drives
• MP3/MP4 players
Computer Crimes
• Identity theft: worst and most prevalent crime.
  • Thefts where individuals’ social security and credit card numbers are stolen and used by thieves.
  • Obtaining information about other people
    • By stealing wallets
  • E-sharing and databases
Types of identity crimes
• Stolen desktop
• Online, by an ex-employee
• Computer tapes lost in transit
• Malicious users
• Missing backup tapes
Internal control
• Is the work atmosphere that a company sets for its employees.
• It is a process designed to achieve:
  • Reliability of financial reporting
  • Operational efficiency
  • Compliance with laws
  • Regulations and policies
  • Safeguarding of assets
Frauds to be controlled by ICS
• Fraud committed against a company
• Fraud committed for a company
Symptoms
• Missing documents
• Delayed bank deposits
• Holes in accounting records
• Numerous outstanding checks or bills
• Disparity between accounts payable and receivable
• Employees who do not take vacations, etc.
Symptoms (cont.)
• A large drop in profits
• Major increase in business with other particular customers
• Customers complaining about double billing
• Repeated duplicate payments
• Employees with the same address or phone numbers as a vendor
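
Two of the symptoms listed above (repeated duplicate payments, and employees with the same address or phone number as a vendor) can be screened for mechanically. The Python below is an added example, not part of the original slides; every record, field name and function name in it is constructed for illustration.

```python
import re
from collections import defaultdict
from decimal import Decimal

# Constructed sample records (illustrative only, not real data).
EMPLOYEES = [
    {"id": "E1", "address": "12 Lake Road, Apt 4", "phone": "555-0101"},
    {"id": "E2", "address": "90 Hill St.", "phone": "(555) 0102"},
    {"id": "E3", "address": "3 Pine Ave", "phone": ""},
]
VENDORS = [
    {"id": "V1", "address": "12 LAKE ROAD APT 4", "phone": "555-0199"},
    {"id": "V2", "address": "7 Market Sq", "phone": "5550102"},
    {"id": "V3", "address": "44 Dock Rd", "phone": ""},
]
PAYMENTS = [
    {"id": "P1", "vendor": "V1", "invoice": "INV-100", "amount": "1500.00"},
    {"id": "P2", "vendor": "V1", "invoice": "inv 100", "amount": "1500.0"},
    {"id": "P3", "vendor": "V2", "invoice": "INV-7", "amount": "200.00"},
    {"id": "P4", "vendor": "V3", "invoice": "INV-7", "amount": "200.00"},
]


def _key(text):
    """Lower-case and drop everything but letters and digits, so that
    'INV-100' and 'inv 100' (or two spellings of an address) compare equal."""
    return re.sub(r"[^a-z0-9]", "", text.lower())


def _digits(text):
    """Keep only the digits of a phone number."""
    return re.sub(r"\D", "", text)


def employee_vendor_matches(employees, vendors):
    """Return sorted (employee_id, vendor_id, field) tuples where an employee
    and a vendor share a normalised address or phone number."""
    normalisers = {"address": _key, "phone": _digits}
    hits = []
    for field, norm in normalisers.items():
        index = defaultdict(list)
        for vendor in vendors:
            value = norm(vendor.get(field, ""))
            if value:  # blank fields must never match each other
                index[value].append(vendor["id"])
        for employee in employees:
            value = norm(employee.get(field, ""))
            for vendor_id in index.get(value, []):
                hits.append((employee["id"], vendor_id, field))
    return sorted(hits)


def duplicate_payments(payments):
    """Group payments by (vendor, normalised invoice number, amount) and
    return the id lists of every group that was paid more than once."""
    groups = defaultdict(list)
    for payment in payments:
        key = (
            payment["vendor"],
            _key(payment["invoice"]),
            Decimal(payment["amount"]),  # 1500.00 and 1500.0 are the same amount
        )
        groups[key].append(payment["id"])
    return sorted(ids for ids in groups.values() if len(ids) > 1)


if __name__ == "__main__":
    for emp, ven, field in employee_vendor_matches(EMPLOYEES, VENDORS):
        print(f"review: employee {emp} shares {field} with vendor {ven}")
    for ids in duplicate_payments(PAYMENTS):
        print(f"review: possible duplicate payment {ids}")
```

A hit is a prompt for an independent check, not proof of fraud: shared addresses and re-issued invoices also have legitimate explanations.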
IC procedures and activities
• Segregation of duties and dual custody
• Independent checks
• Proper system of authorization
• Physical safeguard
• Documents and records
