SECURING INFORMATION SYSTEM
WHAT IS AN INFORMATION SYSTEM?
• An information system is a combination of hardware, software and telecommunication networks that people build to collect, create and distribute useful data, typically in an organization. It defines the flow of information within the system. The objective of an information system is to provide appropriate information to the user, to gather the data, process the data and communicate information to the user of the system.
COMPONENTS OF INFORMATION SYSTEM
There are five components:
1. Computer Hardware:
Physical equipment used for input, output and processing. The hardware structure depends upon the type and size of the organization. It consists of an input and an output device, operating system, processor, and media devices. This also includes computer peripheral devices.
2. Computer Software:
The programs (application programs) used to control and coordinate the hardware components. They are used for analysing and processing the data. These programs include a set of instructions used for processing information.
3. Databases:
Data are the raw, unorganized facts and figures that are later processed to generate information. Software is used for organizing and serving data to the user, and for managing physical storage of media and virtual resources. Just as hardware can't work without software, software needs data for processing. Data are managed using a database management system.
Database software is used for efficient access to required data, and to manage knowledge bases.
4. Network:
• Network resources refer to telecommunication networks like the intranet, extranet and the internet.
• These resources facilitate the flow of information in the organization.
• Networks consist of both physical devices such as network cards, routers, hubs and cables, and software such as operating systems, web servers, data servers and application servers.
• Telecommunications networks consist of computers, communications processors, and other devices interconnected by communications media and controlled by software.
• Networks include communication media and network support.
5. Human Resources:
This component is the manpower required to run and manage the system. People are the end users of the information system; end users use the information produced for their own purposes, and the main purpose of the information system is to benefit the end user. End users can be accountants, engineers, salespersons, customers, clerks, managers, etc. People are also responsible for developing and operating information systems. They include systems analysts, computer operators, programmers, and other clerical IS personnel, and managerial techniques.
Some common characteristics of information systems include the following:
• Data stored in electronic form
• Processing of all types of inputs including visual, audio, and video
• Capable of handling high volumes of data with minimal effort
Securing information systems
• Information systems security refers to the processes and methodologies involved with keeping information confidential and available, and assuring its integrity.
• Protection from harm, including:
  • Theft of information
  • Alteration of information
Theft of information
• Information theft or data theft is the act of stealing digital information stored on computers, servers, or electronic devices to obtain confidential information or compromise privacy.
• The data stolen can be anything from bank account information, online passwords, passport numbers, driver's license numbers, social security numbers, medical records, online subscriptions, and so on.
• Once an unauthorized person has access to personal or financial information, they can delete, alter, or prevent access to it without the owner’s permission.
• If data thieves steal enough information, they can use it to gain access to secure accounts, set up credit cards using the victim’s name, or otherwise use the victim’s identity to benefit themselves.
How does data theft happen?
• Data theft or digital theft occurs through a variety of means. Some of the most common include:
• Weak passwords: Using a password that is easy to guess, or using the same password for multiple accounts, can allow attackers to gain access to data. Poor password habits – such as writing passwords down on a piece of paper or sharing them with others – can also lead to data theft.
• Database or server problems: If a company storing your information is attacked because of a database or server problem, the attacker could access customers' personal information.
• Compromised downloads: An individual might download programs or data from compromised websites infected by viruses like worms or malware. This gives criminals unauthorized access to their devices, allowing them to steal data.
• System vulnerabilities: Poorly written software applications or network systems that are poorly designed or implemented create vulnerabilities that hackers can exploit and use to steal data. Antivirus software that is out of date can also create vulnerabilities.
• Use secure passwords: Passwords can be easily cracked by hackers, particularly if you don't use a strong password. A strong password is at least 12 characters long and comprises a mix of upper- and lower-case letters plus symbols and numbers. The shorter and less complex your password is, the easier it is for cybercriminals to crack.
• You should avoid choosing something obvious – such as sequential numbers (“1234”) or personal information that someone who knows you might guess, such as your date of birth or a pet’s name.
• Avoid using the same password for multiple accounts: If you use the same password for multiple accounts and a hacker cracks your password on one website, they also have access to many more. Remember to change your passwords regularly – every six months or so.
• Avoid writing down your passwords: Writing a password down anywhere leaves it susceptible to being found by hackers, whether it’s on a piece of paper, in an Excel spreadsheet, or in the Notes app on your phone. If you have too many passwords to remember, consider using a password manager to help you keep track.
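The password rules above can be checked mechanically. The following Python sketch is an added example, not part of the original slides: it audits a small, constructed set of account passwords against the 12-character minimum, the character mix, sequential runs such as "1234", personal information, and reuse across accounts. The function names, the run length of 4 and the sample data are assumptions made for illustration.

```python
import re
from collections import defaultdict

MIN_LENGTH = 12  # the slides' minimum length for a strong password
RUN_LENGTH = 4   # assumed threshold: flag runs such as "1234" or "dcba"


def has_sequential_run(password, run=RUN_LENGTH):
    """True if `run` adjacent letters or digits ascend or descend by one."""
    for i in range(len(password) - run + 1):
        window = password[i:i + run]
        if not (window.isascii() and window.isalnum()):
            continue
        codes = [ord(c) for c in window.lower()]
        steps = {b - a for a, b in zip(codes, codes[1:])}
        if steps in ({1}, {-1}):
            return True
    return False


def _normalize(text):
    """Lower-case and keep only letters and digits, so 'Rex' matches 'r.e.x'."""
    return re.sub(r"[^a-z0-9]", "", text.lower())


def check_password(password, personal_info=()):
    """Return a list of rule violations; an empty list means all rules pass."""
    findings = []
    if len(password) < MIN_LENGTH:
        findings.append("shorter than 12 characters")
    classes = {
        "upper-case letter": any(c.isupper() for c in password),
        "lower-case letter": any(c.islower() for c in password),
        "number": any(c.isdigit() for c in password),
        "symbol": any(not c.isalnum() for c in password),
    }
    findings += [f"missing {name}" for name, ok in classes.items() if not ok]
    if has_sequential_run(password):
        findings.append("contains a sequential run")
    flat = _normalize(password)
    for item in personal_info:
        token = _normalize(item)
        # Very short tokens would match by accident, so they are ignored.
        if len(token) >= 3 and token in flat:
            findings.append(f"contains personal information ({item!r})")
    return findings


def audit_vault(vault, personal_info=()):
    """vault maps account name -> password. Returns {account: [findings]}."""
    by_password = defaultdict(list)
    for account, password in vault.items():
        by_password[password].append(account)
    report = {}
    for account, password in vault.items():
        findings = check_password(password, personal_info)
        others = [a for a in by_password[password] if a != account]
        if others:
            findings.append("reused on: " + ", ".join(sorted(others)))
        report[account] = findings
    return report


# Constructed sample data: a pet's name and a date of birth as personal info.
SAMPLE_PERSONAL = ["Rex", "1990-04-17"]
SAMPLE_VAULT = {
    "bank": "Rex1234!",
    "email": "correct-Horse7-battery-staple",
    "forum": "Tr4vel&Sunsets",
    "shop": "Tr4vel&Sunsets",
}

if __name__ == "__main__":
    for account, findings in audit_vault(SAMPLE_VAULT, SAMPLE_PERSONAL).items():
        print(account, "->", findings or "ok")
```
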
Hacking
• Hacking is the act of compromising digital devices and networks through unauthorized access to an account or computer system. Hacking is not always a malicious act, but it is most commonly associated with illegal activity and data theft by cyber criminals.
• Hacking refers to the misuse of devices like computers, smartphones, tablets, and networks to cause damage to or corrupt systems, gather information on users, steal data and documents, or disrupt data-related activity.
Types of Hackers
• Black Hat Hackers
  • Black hat hackers are the "bad guys" of the hacking scene.
  • They go out of their way to discover vulnerabilities in computer systems and software to exploit them for financial gain or for more malicious purposes, such as to gain reputation, carry out corporate espionage, or as part of a nation-state hacking campaign.
  • These individuals’ actions can inflict serious damage on both computer users and the organizations they work for.
  • They can steal sensitive personal information, compromise computer and financial systems, and alter or take down the functionality of websites and critical networks.
• White Hat Hackers
  • White hat hackers can be seen as the “good guys” who attempt to prevent the success of black hat hackers through proactive hacking. They use their technical skills to break into systems to assess and test the level of network security, also known as ethical hacking.
  • This helps expose vulnerabilities in systems before black hat hackers can detect and exploit them.
• Grey Hat Hackers
  • Grey hat hackers sit somewhere between the good and the bad guys.
  • Unlike black hat hackers, they attempt to violate standards and principles but without intending to do harm or gain financially.
  • Their actions are typically carried out for the common good. For example, they may exploit a vulnerability to raise awareness that it exists, but unlike white hat hackers, they do so publicly. This alerts malicious actors to the existence of the vulnerability.
Cyber attack
• A cyber attack is a malicious and deliberate attempt by an individual or organization to breach the information system of another individual or organization. Usually, the attacker seeks some type of benefit from disrupting the victim’s network.
Most Common Cyber attacks
• Malware is a term used to describe malicious software, including spyware, ransomware, viruses, and worms. Malware breaches a network through a vulnerability, typically when a user clicks a dangerous link or email attachment that then installs risky software.
Malware can do the following:
• Blocks access to key components of the network (ransomware)
• Installs malware or additional harmful software
• Covertly obtains information by transmitting data from the hard drive (spyware)
• Disrupts certain components and renders the system inoperable
Phishing
• Phishing is the practice of sending fraudulent communications that appear to come from a reputable source, usually through email. The goal is to steal sensitive data like credit card and login information or to install malware on the victim’s machine. Phishing is an increasingly common cyber threat.
Denial-of-service attack
• A denial-of-service attack floods systems, servers, or networks with traffic to exhaust resources and bandwidth. As a result, the system is unable to fulfill legitimate requests. Attackers can also use multiple compromised devices to launch this attack. This is known as a distributed-denial-of-service (DDoS) attack.
SQL injection
• A Structured Query Language (SQL) injection occurs when an attacker inserts malicious code into a server that uses SQL and forces the server to reveal information it normally would not. An attacker could carry out a SQL injection simply by submitting malicious code into a vulnerable website search box. Learn how to defend against SQL injection attacks.
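The search-box case described above, as an added Python example that is not part of the original slides: the same product search written once with the user's input concatenated into the SQL text and once with a bound parameter, run against a constructed in-memory SQLite table. The table, column and function names are assumptions made for illustration.

```python
import sqlite3


def make_db():
    """Constructed sample data: two published products and one hidden row."""
    conn = sqlite3.connect(":memory:")
    conn.executescript("""
        CREATE TABLE products (name TEXT, price REAL, published INTEGER);
        INSERT INTO products VALUES ('blue kettle', 25.0, 1);
        INSERT INTO products VALUES ('red kettle', 27.5, 1);
        INSERT INTO products VALUES ('unreleased toaster', 60.0, 0);
    """)
    return conn


def search_vulnerable(conn, term):
    # Vulnerable: the search term becomes part of the SQL text, so a quote
    # character in it ends the string literal and the rest is parsed as SQL.
    sql = ("SELECT name FROM products WHERE published = 1 "
           "AND name LIKE '%" + term + "%' ORDER BY name")
    return [row[0] for row in conn.execute(sql)]


def search_safe(conn, term):
    # Hardened: the SQL text is constant and the term is bound as a value,
    # so the database never parses it as SQL. LIKE wildcards in the term are
    # escaped as well, so '%' and '_' are matched literally.
    escaped = (term.replace("\\", "\\\\")
                   .replace("%", "\\%")
                   .replace("_", "\\_"))
    sql = ("SELECT name FROM products WHERE published = 1 "
           "AND name LIKE ? ESCAPE '\\' ORDER BY name")
    return [row[0] for row in conn.execute(sql, ("%" + escaped + "%",))]


# Constructed input: closes the string literal, adds its own condition and
# comments out the remainder of the statement.
CRAFTED_TERM = "' OR published = 0 --"

if __name__ == "__main__":
    db = make_db()
    print("normal search, vulnerable:", search_vulnerable(db, "kettle"))
    print("normal search, safe:      ", search_safe(db, "kettle"))
    print("crafted term, vulnerable: ", search_vulnerable(db, CRAFTED_TERM))
    print("crafted term, safe:       ", search_safe(db, CRAFTED_TERM))
```

With an ordinary term both functions return the same rows; with the crafted term only the concatenating version returns the unpublished row, which is the "information it normally would not" reveal.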
Zero-day exploit
• A zero-day exploit hits after a network vulnerability is announced but before a patch or solution is implemented. Attackers target the disclosed vulnerability during this window of time. Zero-day vulnerability threat detection requires constant awareness.
Principles of Information System Security
What are the three information system security principles?
• Confidentiality, integrity, and availability are the three core concepts of information security. More than one of these principles must be implemented in every aspect of the information security program. The CIA Triad is their collective name.
• Confidentiality: Confidentiality safeguards are in place to prevent unauthorized information dissemination. The confidentiality principle's goal is to keep personal information confidential and to make it available only to those who own it or need it to accomplish their organizational tasks.
• Integrity: Integrity includes protection against unwanted data modifications (additions, deletions, revisions, and so on). The integrity principle assures that data is correct and dependable, and that it is not tampered with in any way, whether mistakenly or deliberately.
• Availability: Availability is the capacity of a system to make software systems and data completely accessible when a customer requires them. The goal of availability is to make technological infrastructure, applications, and data accessible when they're required for a business process or by a company's customers.

More Related Content

Similar to SECURING INFORMATION SYSTEM 1.pptx

Cyber Ethics Notes.pdf
Cyber Ethics Notes.pdfCyber Ethics Notes.pdf
Cyber Ethics Notes.pdfAnupmaMunshi
 
Target Data Breach Case Study 10242014
Target Data Breach Case Study 10242014Target Data Breach Case Study 10242014
Target Data Breach Case Study 10242014Joseph White MPA CPM
 
Ethical hacking and social engineering
Ethical hacking and social engineeringEthical hacking and social engineering
Ethical hacking and social engineeringSweta Kumari Barnwal
 
SAMPLE ATTACKS PRESENTATION.pdf
SAMPLE ATTACKS PRESENTATION.pdfSAMPLE ATTACKS PRESENTATION.pdf
SAMPLE ATTACKS PRESENTATION.pdfssusera0b94b
 
Internet fraud and Common modes of security threats .pptx
Internet fraud and Common modes of security threats .pptxInternet fraud and Common modes of security threats .pptx
Internet fraud and Common modes of security threats .pptxMoizAhmed398372
 
Ethical hacking Chapter 1 - Overview.pptx
Ethical hacking Chapter 1 - Overview.pptxEthical hacking Chapter 1 - Overview.pptx
Ethical hacking Chapter 1 - Overview.pptxNargis Parveen
 
Ethical and security issues on MIS inte 322 assignment.docx
Ethical and security issues on MIS inte 322 assignment.docxEthical and security issues on MIS inte 322 assignment.docx
Ethical and security issues on MIS inte 322 assignment.docxGogoOmolloFrancis
 
LEGAL AND ETHICAL USE OF TECHNOLOGY.pptx
LEGAL AND ETHICAL USE OF TECHNOLOGY.pptxLEGAL AND ETHICAL USE OF TECHNOLOGY.pptx
LEGAL AND ETHICAL USE OF TECHNOLOGY.pptxAnnMarieTAquinoII
 
Data protection and security
Data protection and securityData protection and security
Data protection and securitynazar60
 
Internet safety and you
Internet safety and youInternet safety and you
Internet safety and youArt Ocain
 
onlinesecurityandpaymentsystem-140116021418-phpapp01.pdf
onlinesecurityandpaymentsystem-140116021418-phpapp01.pdfonlinesecurityandpaymentsystem-140116021418-phpapp01.pdf
onlinesecurityandpaymentsystem-140116021418-phpapp01.pdfjainutkarsh078
 

Similar to SECURING INFORMATION SYSTEM 1.pptx (20)

Cyber Ethics Notes.pdf
Cyber Ethics Notes.pdfCyber Ethics Notes.pdf
Cyber Ethics Notes.pdf
 
Module 3-cyber security
Module 3-cyber securityModule 3-cyber security
Module 3-cyber security
 
Target Data Breach Case Study 10242014
Target Data Breach Case Study 10242014Target Data Breach Case Study 10242014
Target Data Breach Case Study 10242014
 
Ethical hacking and social engineering
Ethical hacking and social engineeringEthical hacking and social engineering
Ethical hacking and social engineering
 
SAMPLE ATTACKS PRESENTATION.pdf
SAMPLE ATTACKS PRESENTATION.pdfSAMPLE ATTACKS PRESENTATION.pdf
SAMPLE ATTACKS PRESENTATION.pdf
 
Online security and payment system
Online security and payment systemOnline security and payment system
Online security and payment system
 
Internet fraud and Common modes of security threats .pptx
Internet fraud and Common modes of security threats .pptxInternet fraud and Common modes of security threats .pptx
Internet fraud and Common modes of security threats .pptx
 
IT Security.pdf
IT Security.pdfIT Security.pdf
IT Security.pdf
 
Cyber Security
Cyber SecurityCyber Security
Cyber Security
 
Ethical hacking Chapter 1 - Overview.pptx
Ethical hacking Chapter 1 - Overview.pptxEthical hacking Chapter 1 - Overview.pptx
Ethical hacking Chapter 1 - Overview.pptx
 
Ethical and security issues on MIS inte 322 assignment.docx
Ethical and security issues on MIS inte 322 assignment.docxEthical and security issues on MIS inte 322 assignment.docx
Ethical and security issues on MIS inte 322 assignment.docx
 
COMPUTER APPLICATIONS Module 4.pptx
COMPUTER APPLICATIONS Module 4.pptxCOMPUTER APPLICATIONS Module 4.pptx
COMPUTER APPLICATIONS Module 4.pptx
 
Types of Cyber Crimes and Security Threats
Types of Cyber Crimes and Security ThreatsTypes of Cyber Crimes and Security Threats
Types of Cyber Crimes and Security Threats
 
Lecture 2.pptx
Lecture 2.pptxLecture 2.pptx
Lecture 2.pptx
 
LEGAL AND ETHICAL USE OF TECHNOLOGY.pptx
LEGAL AND ETHICAL USE OF TECHNOLOGY.pptxLEGAL AND ETHICAL USE OF TECHNOLOGY.pptx
LEGAL AND ETHICAL USE OF TECHNOLOGY.pptx
 
Data protection and security
Data protection and securityData protection and security
Data protection and security
 
Lecture 2.pptx
Lecture 2.pptxLecture 2.pptx
Lecture 2.pptx
 
Internet safety and you
Internet safety and youInternet safety and you
Internet safety and you
 
Chapter 10.0
Chapter 10.0Chapter 10.0
Chapter 10.0
 
onlinesecurityandpaymentsystem-140116021418-phpapp01.pdf
onlinesecurityandpaymentsystem-140116021418-phpapp01.pdfonlinesecurityandpaymentsystem-140116021418-phpapp01.pdf
onlinesecurityandpaymentsystem-140116021418-phpapp01.pdf
 

Recently uploaded

ICT role in 21st century education and it's challenges.
ICT role in 21st century education and it's challenges.ICT role in 21st century education and it's challenges.
ICT role in 21st century education and it's challenges.MaryamAhmad92
 
Salient Features of India constitution especially power and functions
Salient Features of India constitution especially power and functionsSalient Features of India constitution especially power and functions
Salient Features of India constitution especially power and functionsKarakKing
 
UGC NET Paper 1 Mathematical Reasoning & Aptitude.pdf
UGC NET Paper 1 Mathematical Reasoning & Aptitude.pdfUGC NET Paper 1 Mathematical Reasoning & Aptitude.pdf
UGC NET Paper 1 Mathematical Reasoning & Aptitude.pdfNirmal Dwivedi
 
On National Teacher Day, meet the 2024-25 Kenan Fellows
On National Teacher Day, meet the 2024-25 Kenan FellowsOn National Teacher Day, meet the 2024-25 Kenan Fellows
On National Teacher Day, meet the 2024-25 Kenan FellowsMebane Rash
 
Understanding Accommodations and Modifications
Understanding  Accommodations and ModificationsUnderstanding  Accommodations and Modifications
Understanding Accommodations and ModificationsMJDuyan
 
Spellings Wk 3 English CAPS CARES Please Practise
Spellings Wk 3 English CAPS CARES Please PractiseSpellings Wk 3 English CAPS CARES Please Practise
Spellings Wk 3 English CAPS CARES Please PractiseAnaAcapella
 
How to Give a Domain for a Field in Odoo 17
How to Give a Domain for a Field in Odoo 17How to Give a Domain for a Field in Odoo 17
How to Give a Domain for a Field in Odoo 17Celine George
 
How to setup Pycharm environment for Odoo 17.pptx
How to setup Pycharm environment for Odoo 17.pptxHow to setup Pycharm environment for Odoo 17.pptx
How to setup Pycharm environment for Odoo 17.pptxCeline George
 
Application orientated numerical on hev.ppt
Application orientated numerical on hev.pptApplication orientated numerical on hev.ppt
Application orientated numerical on hev.pptRamjanShidvankar
 
Key note speaker Neum_Admir Softic_ENG.pdf
Key note speaker Neum_Admir Softic_ENG.pdfKey note speaker Neum_Admir Softic_ENG.pdf
Key note speaker Neum_Admir Softic_ENG.pdfAdmir Softic
 
Wellbeing inclusion and digital dystopias.pptx
Wellbeing inclusion and digital dystopias.pptxWellbeing inclusion and digital dystopias.pptx
Wellbeing inclusion and digital dystopias.pptxJisc
 
Google Gemini An AI Revolution in Education.pptx
Google Gemini An AI Revolution in Education.pptxGoogle Gemini An AI Revolution in Education.pptx
Google Gemini An AI Revolution in Education.pptxDr. Sarita Anand
 
ICT Role in 21st Century Education & its Challenges.pptx
ICT Role in 21st Century Education & its Challenges.pptxICT Role in 21st Century Education & its Challenges.pptx
ICT Role in 21st Century Education & its Challenges.pptxAreebaZafar22
 
Food safety_Challenges food safety laboratories_.pdf
Food safety_Challenges food safety laboratories_.pdfFood safety_Challenges food safety laboratories_.pdf
Food safety_Challenges food safety laboratories_.pdfSherif Taha
 
Towards a code of practice for AI in AT.pptx
Towards a code of practice for AI in AT.pptxTowards a code of practice for AI in AT.pptx
Towards a code of practice for AI in AT.pptxJisc
 
Beyond_Borders_Understanding_Anime_and_Manga_Fandom_A_Comprehensive_Audience_...
Beyond_Borders_Understanding_Anime_and_Manga_Fandom_A_Comprehensive_Audience_...Beyond_Borders_Understanding_Anime_and_Manga_Fandom_A_Comprehensive_Audience_...
Beyond_Borders_Understanding_Anime_and_Manga_Fandom_A_Comprehensive_Audience_...Pooja Bhuva
 
This PowerPoint helps students to consider the concept of infinity.
This PowerPoint helps students to consider the concept of infinity.This PowerPoint helps students to consider the concept of infinity.
This PowerPoint helps students to consider the concept of infinity.christianmathematics
 
General Principles of Intellectual Property: Concepts of Intellectual Proper...
General Principles of Intellectual Property: Concepts of Intellectual  Proper...General Principles of Intellectual Property: Concepts of Intellectual  Proper...
General Principles of Intellectual Property: Concepts of Intellectual Proper...Poonam Aher Patil
 
Holdier Curriculum Vitae (April 2024).pdf
Holdier Curriculum Vitae (April 2024).pdfHoldier Curriculum Vitae (April 2024).pdf
Holdier Curriculum Vitae (April 2024).pdfagholdier
 
FSB Advising Checklist - Orientation 2024
FSB Advising Checklist - Orientation 2024FSB Advising Checklist - Orientation 2024
FSB Advising Checklist - Orientation 2024Elizabeth Walsh
 

Recently uploaded (20)

ICT role in 21st century education and it's challenges.
ICT role in 21st century education and it's challenges.ICT role in 21st century education and it's challenges.
ICT role in 21st century education and it's challenges.
 
Salient Features of India constitution especially power and functions
Salient Features of India constitution especially power and functionsSalient Features of India constitution especially power and functions
Salient Features of India constitution especially power and functions
 
UGC NET Paper 1 Mathematical Reasoning & Aptitude.pdf
UGC NET Paper 1 Mathematical Reasoning & Aptitude.pdfUGC NET Paper 1 Mathematical Reasoning & Aptitude.pdf
UGC NET Paper 1 Mathematical Reasoning & Aptitude.pdf
 
On National Teacher Day, meet the 2024-25 Kenan Fellows
On National Teacher Day, meet the 2024-25 Kenan FellowsOn National Teacher Day, meet the 2024-25 Kenan Fellows
On National Teacher Day, meet the 2024-25 Kenan Fellows
 
Understanding Accommodations and Modifications
Understanding  Accommodations and ModificationsUnderstanding  Accommodations and Modifications
Understanding Accommodations and Modifications
 
Spellings Wk 3 English CAPS CARES Please Practise
Spellings Wk 3 English CAPS CARES Please PractiseSpellings Wk 3 English CAPS CARES Please Practise
Spellings Wk 3 English CAPS CARES Please Practise
 
How to Give a Domain for a Field in Odoo 17
How to Give a Domain for a Field in Odoo 17How to Give a Domain for a Field in Odoo 17
How to Give a Domain for a Field in Odoo 17
 
How to setup Pycharm environment for Odoo 17.pptx
How to setup Pycharm environment for Odoo 17.pptxHow to setup Pycharm environment for Odoo 17.pptx
How to setup Pycharm environment for Odoo 17.pptx
 
Application orientated numerical on hev.ppt
Application orientated numerical on hev.pptApplication orientated numerical on hev.ppt
Application orientated numerical on hev.ppt
 
Key note speaker Neum_Admir Softic_ENG.pdf
Key note speaker Neum_Admir Softic_ENG.pdfKey note speaker Neum_Admir Softic_ENG.pdf
Key note speaker Neum_Admir Softic_ENG.pdf
 
Wellbeing inclusion and digital dystopias.pptx
Wellbeing inclusion and digital dystopias.pptxWellbeing inclusion and digital dystopias.pptx
Wellbeing inclusion and digital dystopias.pptx
 
Google Gemini An AI Revolution in Education.pptx
Google Gemini An AI Revolution in Education.pptxGoogle Gemini An AI Revolution in Education.pptx
Google Gemini An AI Revolution in Education.pptx
 
ICT Role in 21st Century Education & its Challenges.pptx
ICT Role in 21st Century Education & its Challenges.pptxICT Role in 21st Century Education & its Challenges.pptx
ICT Role in 21st Century Education & its Challenges.pptx
 
Food safety_Challenges food safety laboratories_.pdf
Food safety_Challenges food safety laboratories_.pdfFood safety_Challenges food safety laboratories_.pdf
Food safety_Challenges food safety laboratories_.pdf
 
Towards a code of practice for AI in AT.pptx
Towards a code of practice for AI in AT.pptxTowards a code of practice for AI in AT.pptx
Towards a code of practice for AI in AT.pptx
 
Beyond_Borders_Understanding_Anime_and_Manga_Fandom_A_Comprehensive_Audience_...
Beyond_Borders_Understanding_Anime_and_Manga_Fandom_A_Comprehensive_Audience_...Beyond_Borders_Understanding_Anime_and_Manga_Fandom_A_Comprehensive_Audience_...
Beyond_Borders_Understanding_Anime_and_Manga_Fandom_A_Comprehensive_Audience_...
 
This PowerPoint helps students to consider the concept of infinity.
This PowerPoint helps students to consider the concept of infinity.This PowerPoint helps students to consider the concept of infinity.
This PowerPoint helps students to consider the concept of infinity.
 
General Principles of Intellectual Property: Concepts of Intellectual Proper...
General Principles of Intellectual Property: Concepts of Intellectual  Proper...General Principles of Intellectual Property: Concepts of Intellectual  Proper...
General Principles of Intellectual Property: Concepts of Intellectual Proper...
 
Holdier Curriculum Vitae (April 2024).pdf
Holdier Curriculum Vitae (April 2024).pdfHoldier Curriculum Vitae (April 2024).pdf
Holdier Curriculum Vitae (April 2024).pdf
 
FSB Advising Checklist - Orientation 2024
FSB Advising Checklist - Orientation 2024FSB Advising Checklist - Orientation 2024
FSB Advising Checklist - Orientation 2024
 

SECURING INFORMATION SYSTEM 1.pptx

  • 2. WHAT IS INFORMATION SYSTEM ?  An Information system is a combination of hardware and software and telecommunication networks that people build to collect, create and distribute useful data, typically in an organization. It defines the flow of information within the system. The objective of an information system is to provide appropriate information to the user, to gather the data, process the data and communicate information to the user of the system.
  • 4. They are five components  1. Computer Hardware: Physical equipment used for input, output and processing. The hardware structure depends upon the type and size of the organization. It consists of an input and an output device, operating system, processor, and media devices. This also includes computer peripheral devices.  2. Computer Software: The programs/ application program used to control and coordinate the hardware components. It is used for analysing and processing of the data. These programs include a set of instruction used for processing information.
  • 5. CONTINUE….  3. Databases: Data are the raw facts and figures that are unorganized that are later processed to generate information. Softwares are used for organizing and serving data to the user, managing physical storage of media and virtual resources. As the hardware can’t work without software the same as software needs data for processing. Data are managed using Database management system. Database software is used for efficient access for required data, and to manage knowledge bases.
  • 6. Continue….  4. Network: • Networks resources refer to the telecommunication networks like the intranet, extranet and the internet. • These resources facilitate the flow of information in the organization. • Networks consists of both the physicals devices such as networks cards, routers, hubs and cables and software such as operating systems, web servers, data servers and application servers. • Telecommunications networks consist of computers, communications processors, and other devices interconnected by communications media and controlled by software. • Networks include communication media, and Network Support.
  • 7. Continue…  5. Human Resources: It is associated with the manpower required to run and manage the system. People are the end user of the information system, end- user use information produced for their own purpose, the main purpose of the information system is to benefit the end user. The end user can be accountants, engineers, salespersons, customers, clerks, or managers etc. People are also responsible to develop and operate information systems. They include systems analysts, computer operators, programmers, and other clerical IS personnel, and managerial techniques.
  • 8. Some common characteristics of information systems include following:  Data stored in electronic form  Processing of all types of inputs including visual, audio, and video  Capable of handling high volumes of data with minimal effort
  • 9. Securing information systems  Information systems security, refers to the processes and methodologies involved with keeping information confidential, available, and assuring its integrity.  Protection from harm, including :  Theft of information  Alteration of information.
  • 10. Theft of information  Information theft or data theft is the act of stealing digital information stored on computers, servers, or electronic devices to obtain confidential information or compromise privacy.  The data stolen can be anything from bank account information, online passwords, passport numbers, driver's license numbers, social security numbers, medical records, online subscriptions, and so on.
  • 11. CONTINUE..  Once an unauthorized person has access to personal or financial information, they can delete, alter, or prevent access to it without the owner’s permission.  If data thieves steal enough information, they can use it to gain access to secure accounts, set up credit cards using the victim’s name, or otherwise use the victim’s identity to benefit themselves.
  • 12. How does data theft happen  Data theft or digital theft occurs through a variety of means. Some of the most common include:  Weak passwords: Using a password that is easy to guess, or using the same password for multiple accounts, can allow attackers to gain access to data. Poor password habits – such as writing passwords down on a piece of paper or sharing them with others – can also lead to data theft.
  • 13. CONTINUE..  Database or server problems  If a company storing your information is attacked because of a database or server problem, the attacker could access customers' personal information.  Compromised downloads  An individual might download programs or data from compromised websites infected by viruses like worms or malware. This gives criminals unauthorized access to their devices, allowing them to steal data.
  • 14. CONTINUE..  System vulnerabilities:  Poorly written software applications or network systems that are poorly designed or implemented create vulnerabilities that hackers can exploit and use to steal data. Antivirus software that is out of date can also create vulnerabilities.
  • 15. CONTINUE..  Use secure passwords  Passwords can be easily cracked by hackers, particularly if you don't use a strong password. A strong password is at least 12 characters or longer and comprises a mix of upper- and lower-case letters plus symbols and numbers. The shorter and less complex your password is, the easier it is for cybercriminals to crack.
  • 16. CONTINUE..  You should avoid choosing something obvious – such as sequential numbers (“1234”) or personal information that someone who knows you might guess, such as your date of birth or a pet’s name.
  • 17. CONTINUE..  Avoid using the same password for multiple accounts If you use the same password for multiple accounts, if a hacker cracks your password on one website, they also have access to many more. Remember to change your passwords regularly – every six months or so.
  • 18. CONTINUE..  Avoid writing down your passwords  Writing a password down anywhere leaves it susceptible to being found by hackers, whether it’s on a piece of paper, in an Excel spreadsheet, or in the Notes app on your phone. If you have too many passwords to remember, consider using a password manager to help you keep track.
  • 19. Hacking  is the act of compromising digital devices and networks through unauthorized access to an account or computer system. Hacking is not always a malicious act, but it is most commonly associated with illegal activity and data theft by cyber criminals.
  • 20. CONTINUE..  Hacking refers to the misuse of devices like computers, smartphones, tablets, and networks to cause damage to or corrupt systems, gather information on users, steal data and documents, or disrupt data-related activity.
  • 21. Types of Hackers  Black Hat Hackers  Black hat hackers are the "bad guys" of the hacking scene.  They go out of their way to discover vulnerabilities in computer systems and software to exploit them for financial gain or for more malicious purposes, such as to gain reputation, carry out corporate espionage, or as part of a nation-state hacking campaign.
  • 22. CONTINUE..  These individuals’ actions can inflict serious damage on both computer users and the organizations they work for.  They can steal sensitive personal information, compromise computer and financial systems, and alter or take down the functionality of websites and critical networks.
  • 23. CONTINUE..  White Hat Hackers  White hat hackers can be seen as the “good guys” who attempt to prevent the success of black hat hackers through proactive hacking. They use their technical skills to break into systems to assess and test the level of network security, a practice also known as ethical hacking.
  • 24. CONTINUE..  This helps expose vulnerabilities in systems before black hat hackers can detect and exploit them.  Grey Hat Hackers  Grey hat hackers sit somewhere between the good and the bad guys.
  • 25. CONTINUE..  Unlike black hat hackers, they attempt to violate standards and principles but without intending to do harm or gain financially.  Their actions are typically carried out for the common good. For example, they may exploit a vulnerability to raise awareness that it exists, but unlike white hat hackers, they do so publicly. This alerts malicious actors to the existence of the vulnerability.
  • 26. Cyber attack  A cyber attack is a malicious and deliberate attempt by an individual or organization to breach the information system of another individual or organization. Usually, the attacker seeks some type of benefit from disrupting the victim’s network.
  • 27. Most Common Cyber attacks  Malware is a term used to describe malicious software, including spyware, ransomware, viruses, and worms. Malware breaches a network through a vulnerability, typically when a user clicks a dangerous link or email attachment that then installs risky software.
  • 28. Malware can do the following  Blocks access to key components of the network (ransomware)  Installs malware or additional harmful software  Covertly obtains information by transmitting data from the hard drive (spyware)  Disrupts certain components and renders the system inoperable
  • 29. Phishing  is the practice of sending fraudulent communications that appear to come from a reputable source, usually through email. The goal is to steal sensitive data like credit card and login information or to install malware on the victim’s machine. Phishing is an increasingly common cyber threat.
  • 30. Denial-of-service attack  A denial-of-service attack floods systems, servers, or networks with traffic to exhaust resources and bandwidth. As a result, the system is unable to fulfill legitimate requests. Attackers can also use multiple compromised devices to launch this attack. This is known as a distributed denial-of-service (DDoS) attack.
  • 31. SQL injection  A Structured Query Language (SQL) injection occurs when an attacker inserts malicious code into a server that uses SQL and forces the server to reveal information it normally would not. An attacker could carry out a SQL injection simply by submitting malicious code into a vulnerable website search box.
  • 32. Zero-day exploit  A zero-day exploit hits after a network vulnerability is announced but before a patch or solution is implemented. Attackers target the disclosed vulnerability during this window of time. Zero-day vulnerability threat detection requires constant awareness.
  • 33. Principles of Information System Security  What are the three information system security principles?  Confidentiality, integrity, and availability are the three core concepts of information security. More than one of these principles must be implemented in every aspect of the information security program. The CIA Triad is their collective name.
  • 34. CONTINUE..  Confidentiality  Confidentiality safeguards are in place to prevent unauthorized disclosure of information. The confidentiality principle's goal is to keep personal information confidential and make it visible and available only to those who own it or need it to accomplish their organizational tasks.
  • 35. CONTINUE…  Integrity  Integrity covers protection against unwanted data modifications (additions, deletions, revisions, and so on). The integrity principle assures that data is correct and dependable, and that it is not tampered with in any way, whether mistakenly or deliberately.
  • 36. CONTINUE…  Availability  Availability is the capacity of a system to make software systems and data fully accessible when a customer requires them. The goal of availability is to make technological infrastructure, applications, and data accessible when they're required for a business process or by a company's customers.
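
The SQL injection described in slide 31, as an added example that is not part of the original slides: a search-box query built by string concatenation next to the parameterized form that defends against it. The table, function names and sample input are constructed for illustration, using Python's built-in sqlite3 module.

```python
import sqlite3

# Constructed search-box input: the quote closes the string literal early,
# so the rest is parsed as SQL instead of being treated as search text.
CRAFTED_INPUT = "zzz' OR 1=1 --"

def make_db():
    """Build a small in-memory catalogue (constructed sample data)."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE products (name TEXT, price REAL, published INTEGER)")
    db.executemany(
        "INSERT INTO products VALUES (?, ?, ?)",
        [("red kettle", 19.5, 1), ("blue kettle", 21.0, 1),
         ("prototype kettle", 0.0, 0)],  # unpublished: must never be listed
    )
    return db

def search_vulnerable(db, term):
    # WEAK: user text is pasted into the statement, so it can change the
    # structure of the query (here it cancels the published = 1 filter).
    sql = ("SELECT name FROM products WHERE published = 1 "
           "AND name LIKE '%" + term + "%'")
    return [row[0] for row in db.execute(sql)]

def like_escape(term):
    # Make LIKE wildcards typed by the user match literally.
    return term.replace("\\", "\\\\").replace("%", "\\%").replace("_", "\\_")

def search_safe(db, term):
    # FIXED: the statement text is constant and the input is bound as a
    # value, so it is only ever compared as data, never parsed as SQL.
    sql = ("SELECT name FROM products WHERE published = 1 "
           "AND name LIKE '%' || ? || '%' ESCAPE '\\'")
    return [row[0] for row in db.execute(sql, (like_escape(term),))]

if __name__ == "__main__":
    db = make_db()
    print("normal search     :", search_safe(db, "kettle"))
    print("vulnerable + input:", search_vulnerable(db, CRAFTED_INPUT))
    print("safe + same input :", search_safe(db, CRAFTED_INPUT))
```

With the concatenated query the unpublished row is returned, which is the "reveal information it normally would not" outcome; with the bound parameter the same input is just a search string that matches nothing.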