SlideShare a Scribd company logo

Threats to information security

Download as PPTX, PDF
arun alfie
arun alfie

This document discusses various threats to information security. It defines information and information security. It explains that information security involves protecting information systems from physical, personal, operational, communications, and network security threats. The main threats discussed are inadvertent acts, deliberate acts, natural disasters, technical failures, management failure, malware like viruses, worms, Trojans, and spyware, and hacking and cracking. It provides examples and definitions for each type of threat.

Technology
1 of 20
Arun Kumar MCA 4th Sem
What is information ? • Information is a complete set of data. • It can be called as processed data.
What is Information Security ? • It is protection of information systems and hardware that use, store and transit the information. • Security is the quality or state of information • Security is always multilayered : Physical Security Personal Security Operations Security Communications Security Network Security
Threats to Information Security • A threat is an object, person, or other entity that represents a constant danger to an asset. • The Management should ensure that information is given sufficient protection through policies, proper training and proper equipment. • Consistent reviews andBetter information security can be provided by recognizing and ranking the threats to the information. • Checks also help and Surveys also help in keeping information safe
Types of Threats to Information • Inadvertent Acts • Deliberate Acts • Natural Disaster (Natural Forces) • Technical Failures • Management Failure
Inadvertent Acts • These are the acts that happen by mistake. They are not deliberate • The attacker does not have any ill will or malicious intent or his attack is not proven in categories of theft. • Acts of Human error and failure, Deviation from service quality, communication error, are examples of inadvertent acts
Deliberate Acts • These acts are done by people of organizations to harm the information. • The attackers have a malicious intent and wish to steal or destroy the data. • Acts of espionage, Hacking, Cracking, come under deliberate acts.
Natural Disasters • Forces of nature are dangerous because they are unexpected and come without very little warning. • They disrupt lives of individuals but also causes damage to information that is stored within computers. • These threats can be avoided but the management must have the necessary precautions.
Technical Failures • Technical failures are classified into two types : – Technical Hardware Failure – Technical Software Failure • Technical Hardware Failure: It occurs when manufacturer distributes equipment with flaws that may be known or unknown to the manufacturer • Technical Software Failure: These can cause the system to perform in an undesirable or unexpected way. Some of these are unrecoverable while some occur periodically
Management failure • Management must always be updated about recent developments and technology. • Proper planning must be done by the management for good protection of the information. • IT professionals must help the management in protecting the information, by helping the management upgrade to the latest technology.
Malware • It is any malicious software designed to harm a computer without the user’s consent. • Eg. VIRUS, Worm, Trojan, Spyware
VIRUS (Vital Information Resource Under Siege ) • It is a computer program designed to copy itself and attach itself to other files stored on a computer. • It moves from computer to computer through by attaching itself to files or boot records of disks. • It can be sent through a network or a removable storage device.
Worm • Worm is a self replicating computer program that uses a network to send copies of itself to other computers on the network. • It replicates ad eats up the computer storage. • An example is Voyager Worm
Trojan horse • They appear to be harmless but secretly gather information about the user. • They upload hidden and malicious programs on the computer without the user’s knowledge. • It does not attempt to inject itself into other files unlike computer virus.
Spyware • It secretly monitors internet surfing habits without user’s knowledge. • They perform actions like advertising vague products and changing computer configurations. These actions are very troublesome. • They usually do not replicate themselves.
Protection against Malware • Make sure that you have updated operating system and antivirus software. Eg. McAfee • Do not use pirated software, or download files from unreliable sources. • Perform regular hard drive scans. • Use licensed software
Hacking • Hacking means finding out weaknesses in a computer or a network and exploiting them. • Hackers are usually motivated by profit, protest or challenge.
Hacker • He/She is a person who enjoys the challenge of breaking into computers without the knowledge of the user. • Their main aim might be to know the detail of a programmable system and how it works. • Hackers are experts who see new ways to use computers.
Cracker • These people crack or remove the protection mechanism of a computer system. • Their main aim is to steal or destroy information without the users consent • They are much more dangerous than hackers.
Threats to information security

Recommended

Information security threats
Information security threatsInformation security threats
Information security threats
complianceonline123
 
Cybersecurity Awareness Training
Cybersecurity Awareness TrainingCybersecurity Awareness Training
Cybersecurity Awareness Training
Dave Monahan
 
Introduction to Cybersecurity
Introduction to CybersecurityIntroduction to Cybersecurity
Introduction to Cybersecurity
Krutarth Vasavada
 
InformationSecurity
InformationSecurityInformationSecurity
InformationSecurity
learnt
 
Introduction to information security
Introduction to information securityIntroduction to information security
Introduction to information security
jayashri kolekar
 
Chapter2 the need to security
Chapter2 the need to securityChapter2 the need to security
Chapter2 the need to security
Dhani Ahmad
 
cybersecurity
cybersecuritycybersecurity
cybersecurity
maha797959
 
Information security
Information securityInformation security
Information security
Lusungu Mkandawire CISA,CISM,CGEIT,CPF,PRINCE2
 

Recommended

Information security threats
Information security threatsInformation security threats
Information security threats
complianceonline123
 
Cybersecurity Awareness Training
Cybersecurity Awareness TrainingCybersecurity Awareness Training
Cybersecurity Awareness Training
Dave Monahan
 
Introduction to Cybersecurity
Introduction to CybersecurityIntroduction to Cybersecurity
Introduction to Cybersecurity
Krutarth Vasavada
 
InformationSecurity
InformationSecurityInformationSecurity
InformationSecurity
learnt
 
Introduction to information security
Introduction to information securityIntroduction to information security
Introduction to information security
jayashri kolekar
 
Chapter2 the need to security
Chapter2 the need to securityChapter2 the need to security
Chapter2 the need to security
Dhani Ahmad
 
cybersecurity
cybersecuritycybersecurity
cybersecurity
maha797959
 
Information security
Information securityInformation security
Information security
Lusungu Mkandawire CISA,CISM,CGEIT,CPF,PRINCE2
 
Introduction to information security
Introduction to information securityIntroduction to information security
Introduction to information security
Kumawat Dharmpal
 
INFORMATION SECURITY SYSTEM
INFORMATION SECURITY SYSTEMINFORMATION SECURITY SYSTEM
INFORMATION SECURITY SYSTEM
ANAND MURALI
 
Security Awareness Training
Security Awareness TrainingSecurity Awareness Training
Security Awareness Training
William Mann
 
System Security-Chapter 1
System Security-Chapter 1System Security-Chapter 1
System Security-Chapter 1
Vamsee Krishna Kiran
 
Cybersecurity Attack Vectors: How to Protect Your Organization
Cybersecurity Attack Vectors: How to Protect Your OrganizationCybersecurity Attack Vectors: How to Protect Your Organization
Cybersecurity Attack Vectors: How to Protect Your Organization
TriCorps Technologies
 
Information Security- Threats and Attacks presentation by DHEERAJ KATARIA
Information Security- Threats and Attacks presentation by DHEERAJ KATARIAInformation Security- Threats and Attacks presentation by DHEERAJ KATARIA
Information Security- Threats and Attacks presentation by DHEERAJ KATARIA
Dheeraj Kataria
 
IT Security Awareness-v1.7.ppt
IT Security Awareness-v1.7.pptIT Security Awareness-v1.7.ppt
IT Security Awareness-v1.7.ppt
OoXair
 
Threats to information security
Threats to information securityThreats to information security
Threats to information security
swapneel07
 
Computer Security Threats
Computer Security ThreatsComputer Security Threats
Computer Security Threats
Quick Heal Technologies Ltd.
 
Security risk management
Security risk managementSecurity risk management
Security risk management
G Prachi
 
Cyber security for an organization
Cyber security for an organizationCyber security for an organization
Cyber security for an organization
Tejas Wasule
 
Cybersecurity Priorities and Roadmap: Recommendations to DHS
Cybersecurity Priorities and Roadmap: Recommendations to DHSCybersecurity Priorities and Roadmap: Recommendations to DHS
Cybersecurity Priorities and Roadmap: Recommendations to DHS
John Gilligan
 
Cyber security
Cyber securityCyber security
Cyber security
Rishav Sadhu
 
CyberSecurity
CyberSecurityCyberSecurity
CyberSecurity
divyanshigarg4
 
Cyber Security
Cyber SecurityCyber Security
Cyber Security
imtnoida112
 
Cia security model
Cia security modelCia security model
Cia security model
Imran Ahmed
 
Data Safety And Security
Data Safety And SecurityData Safety And Security
Data Safety And Security
Constantine Karbaliotis
 
Information Security Awareness Training Open
Information Security Awareness Training OpenInformation Security Awareness Training Open
Information Security Awareness Training Open
Fred Beck MBA, CPA
 
Advanced persistent threat (apt)
Advanced persistent threat (apt)Advanced persistent threat (apt)
Advanced persistent threat (apt)
mmubashirkhan
 
Healthcare and Cyber security
Healthcare and Cyber securityHealthcare and Cyber security
Healthcare and Cyber security
Brian Matteson, CISSP CISA
 
Network Security Primer
Network Security PrimerNetwork Security Primer
Network Security Primer
Venkatesh Iyer
 
Packages and inbuilt classes of java
Packages and inbuilt classes of javaPackages and inbuilt classes of java
Packages and inbuilt classes of java
kamal kotecha
 

More Related Content

What's hot

Threats to information security
Threats to information securityThreats to information security
Threats to information security
swapneel07
 
Information Security Awareness Training Open
Information Security Awareness Training OpenInformation Security Awareness Training Open
Information Security Awareness Training Open
Fred Beck MBA, CPA
 
Advanced persistent threat (apt)
Advanced persistent threat (apt)Advanced persistent threat (apt)
Advanced persistent threat (apt)
mmubashirkhan
 

What's hot (20)

Introduction to information security
Introduction to information securityIntroduction to information security
Introduction to information security
 
INFORMATION SECURITY SYSTEM
INFORMATION SECURITY SYSTEMINFORMATION SECURITY SYSTEM
INFORMATION SECURITY SYSTEM
 
Security Awareness Training
Security Awareness TrainingSecurity Awareness Training
Security Awareness Training
 
System Security-Chapter 1
System Security-Chapter 1System Security-Chapter 1
System Security-Chapter 1
 
Cybersecurity Attack Vectors: How to Protect Your Organization
Cybersecurity Attack Vectors: How to Protect Your OrganizationCybersecurity Attack Vectors: How to Protect Your Organization
Cybersecurity Attack Vectors: How to Protect Your Organization
 
Information Security- Threats and Attacks presentation by DHEERAJ KATARIA
Information Security- Threats and Attacks presentation by DHEERAJ KATARIAInformation Security- Threats and Attacks presentation by DHEERAJ KATARIA
Information Security- Threats and Attacks presentation by DHEERAJ KATARIA
 
IT Security Awareness-v1.7.ppt
IT Security Awareness-v1.7.pptIT Security Awareness-v1.7.ppt
IT Security Awareness-v1.7.ppt
 
Threats to information security
Threats to information securityThreats to information security
Threats to information security
 
Computer Security Threats
Computer Security ThreatsComputer Security Threats
Computer Security Threats
 
Security risk management
Security risk managementSecurity risk management
Security risk management
 
Cyber security for an organization
Cyber security for an organizationCyber security for an organization
Cyber security for an organization
 
Cybersecurity Priorities and Roadmap: Recommendations to DHS
Cybersecurity Priorities and Roadmap: Recommendations to DHSCybersecurity Priorities and Roadmap: Recommendations to DHS
Cybersecurity Priorities and Roadmap: Recommendations to DHS
 
Cyber security
Cyber securityCyber security
Cyber security
 
CyberSecurity
CyberSecurityCyberSecurity
CyberSecurity
 
Cyber Security
Cyber SecurityCyber Security
Cyber Security
 
Cia security model
Cia security modelCia security model
Cia security model
 
Data Safety And Security
Data Safety And SecurityData Safety And Security
Data Safety And Security
 
Information Security Awareness Training Open
Information Security Awareness Training OpenInformation Security Awareness Training Open
Information Security Awareness Training Open
 
Advanced persistent threat (apt)
Advanced persistent threat (apt)Advanced persistent threat (apt)
Advanced persistent threat (apt)
 
Healthcare and Cyber security
Healthcare and Cyber securityHealthcare and Cyber security
Healthcare and Cyber security
 

Viewers also liked

Email and web security
Email and web securityEmail and web security
Email and web security
shahhardik27
 
Intrusion detection system ppt
Intrusion detection system pptIntrusion detection system ppt
Intrusion detection system ppt
Sheetal Verma
 
Importance Of A Security Policy
Importance Of A Security PolicyImportance Of A Security Policy
Importance Of A Security Policy
charlesgarrett
 

Viewers also liked (16)

Network Security Primer
Network Security PrimerNetwork Security Primer
Network Security Primer
 
Packages and inbuilt classes of java
Packages and inbuilt classes of javaPackages and inbuilt classes of java
Packages and inbuilt classes of java
 
Email Security
Email SecurityEmail Security
Email Security
 
Microsoft Hololens
Microsoft Hololens Microsoft Hololens
Microsoft Hololens
 
Java packages
Java packagesJava packages
Java packages
 
Graphics programming in Java
Graphics programming in JavaGraphics programming in Java
Graphics programming in Java
 
pgp s mime
pgp s mimepgp s mime
pgp s mime
 
Email and web security
Email and web securityEmail and web security
Email and web security
 
Intrusion detection system
Intrusion detection system Intrusion detection system
Intrusion detection system
 
Intrusion detection system ppt
Intrusion detection system pptIntrusion detection system ppt
Intrusion detection system ppt
 
Information security: importance of having defined policy & process
Information security: importance of having defined policy & processInformation security: importance of having defined policy & process
Information security: importance of having defined policy & process
 
Threats to Information Resources - MIS - Shimna
Threats to Information Resources - MIS - ShimnaThreats to Information Resources - MIS - Shimna
Threats to Information Resources - MIS - Shimna
 
Email security - Netwroking
Email security - Netwroking Email security - Netwroking
Email security - Netwroking
 
Importance Of A Security Policy
Importance Of A Security PolicyImportance Of A Security Policy
Importance Of A Security Policy
 
Computer security threats & prevention
Computer security threats & preventionComputer security threats & prevention
Computer security threats & prevention
 
Digital signature
Digital signatureDigital signature
Digital signature
 

Similar to Threats to information security

BAIT1003 Chapter 11
BAIT1003 Chapter 11BAIT1003 Chapter 11
BAIT1003 Chapter 11
limsh
 
Chapter 13
Chapter 13Chapter 13
Chapter 13
bodo-con
 
Lecture 3 Security terminologies.pdf
Lecture 3 Security terminologies.pdfLecture 3 Security terminologies.pdf
Lecture 3 Security terminologies.pdf
AsmaaLafi1
 

Similar to Threats to information security (20)

BAIT1003 Chapter 11
BAIT1003 Chapter 11BAIT1003 Chapter 11
BAIT1003 Chapter 11
 
Security (IM).ppt
Security (IM).pptSecurity (IM).ppt
Security (IM).ppt
 
internet securityand cyber law Unit2
internet securityand cyber law Unit2internet securityand cyber law Unit2
internet securityand cyber law Unit2
 
Security.pdf
Security.pdfSecurity.pdf
Security.pdf
 
Computer Security Presentation
Computer Security PresentationComputer Security Presentation
Computer Security Presentation
 
Chapter 13
Chapter 13Chapter 13
Chapter 13
 
CYBER SECURITY
CYBER SECURITY CYBER SECURITY
CYBER SECURITY
 
Computer Security
Computer SecurityComputer Security
Computer Security
 
Information security / Cyber Security ppt
Information security / Cyber Security pptInformation security / Cyber Security ppt
Information security / Cyber Security ppt
 
Cyber security # Lec 1
Cyber security # Lec 1Cyber security # Lec 1
Cyber security # Lec 1
 
Unit 1.pptx
Unit 1.pptxUnit 1.pptx
Unit 1.pptx
 
Lecture 3 Security terminologies.pdf
Lecture 3 Security terminologies.pdfLecture 3 Security terminologies.pdf
Lecture 3 Security terminologies.pdf
 
Network and Information security_new2.pdf
Network and Information security_new2.pdfNetwork and Information security_new2.pdf
Network and Information security_new2.pdf
 
Securing information system (Management Information System)
Securing information system (Management Information System)Securing information system (Management Information System)
Securing information system (Management Information System)
 
Ch1 cse
Ch1 cseCh1 cse
Ch1 cse
 
Information Security (Malicious Software)
Information Security (Malicious Software)Information Security (Malicious Software)
Information Security (Malicious Software)
 
Security & control in management information system
Security & control in management information systemSecurity & control in management information system
Security & control in management information system
 
Topic 5.0 basic security part 1
Topic 5.0 basic security part 1Topic 5.0 basic security part 1
Topic 5.0 basic security part 1
 
Security threats and safety measures
Security threats and safety measuresSecurity threats and safety measures
Security threats and safety measures
 
Information security and other issues
Information security and other issuesInformation security and other issues
Information security and other issues
 

Recently uploaded

Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Principled Technologies
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Safe Software
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
Joaquim Jorge
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
?#DUbAI#??##{{(☎️+971_581248768%)**%*]'#abortion pills for sale in dubai@
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
UK Journal
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
Safe Software
 

Recently uploaded (20)

ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : Uncertainty
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)
 
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
HTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation StrategiesHTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation Strategies
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 

Threats to information security

  • 2. What is information ? • Information is a complete set of data. • It can be called as processed data.
  • 3. What is Information Security ? • It is protection of information systems and hardware that use, store and transit the information. • Security is the quality or state of information • Security is always multilayered : Physical Security Personal Security Operations Security Communications Security Network Security
  • 4. Threats to Information Security • A threat is an object, person, or other entity that represents a constant danger to an asset. • The Management should ensure that information is given sufficient protection through policies, proper training and proper equipment. • Consistent reviews andBetter information security can be provided by recognizing and ranking the threats to the information. • Checks also help and Surveys also help in keeping information safe
  • 5. Types of Threats to Information • Inadvertent Acts • Deliberate Acts • Natural Disaster (Natural Forces) • Technical Failures • Management Failure
  • 6. Inadvertent Acts • These are the acts that happen by mistake. They are not deliberate • The attacker does not have any ill will or malicious intent or his attack is not proven in categories of theft. • Acts of Human error and failure, Deviation from service quality, communication error, are examples of inadvertent acts
  • 7. Deliberate Acts • These acts are done by people of organizations to harm the information. • The attackers have a malicious intent and wish to steal or destroy the data. • Acts of espionage, Hacking, Cracking, come under deliberate acts.
  • 8. Natural Disasters • Forces of nature are dangerous because they are unexpected and come without very little warning. • They disrupt lives of individuals but also causes damage to information that is stored within computers. • These threats can be avoided but the management must have the necessary precautions.
  • 9. Technical Failures • Technical failures are classified into two types : – Technical Hardware Failure – Technical Software Failure • Technical Hardware Failure: It occurs when manufacturer distributes equipment with flaws that may be known or unknown to the manufacturer • Technical Software Failure: These can cause the system to perform in an undesirable or unexpected way. Some of these are unrecoverable while some occur periodically
  • 10. Management failure • Management must always be updated about recent developments and technology. • Proper planning must be done by the management for good protection of the information. • IT professionals must help the management in protecting the information, by helping the management upgrade to the latest technology.
  • 11. Malware • It is any malicious software designed to harm a computer without the user’s consent. • Eg. VIRUS, Worm, Trojan, Spyware
  • 12. VIRUS (Vital Information Resource Under Siege ) • It is a computer program designed to copy itself and attach itself to other files stored on a computer. • It moves from computer to computer through by attaching itself to files or boot records of disks. • It can be sent through a network or a removable storage device.
  • 13. Worm • Worm is a self replicating computer program that uses a network to send copies of itself to other computers on the network. • It replicates ad eats up the computer storage. • An example is Voyager Worm
  • 14. Trojan horse • They appear to be harmless but secretly gather information about the user. • They upload hidden and malicious programs on the computer without the user’s knowledge. • It does not attempt to inject itself into other files unlike computer virus.
  • 15. Spyware • It secretly monitors internet surfing habits without user’s knowledge. • They perform actions like advertising vague products and changing computer configurations. These actions are very troublesome. • They usually do not replicate themselves.
  • 16. Protection against Malware • Make sure that you have updated operating system and antivirus software. Eg. McAfee • Do not use pirated software, or download files from unreliable sources. • Perform regular hard drive scans. • Use licensed software
  • 17. Hacking • Hacking means finding out weaknesses in a computer or a network and exploiting them. • Hackers are usually motivated by profit, protest or challenge.
  • 18. Hacker • He/She is a person who enjoys the challenge of breaking into computers without the knowledge of the user. • Their main aim might be to know the detail of a programmable system and how it works. • Hackers are experts who see new ways to use computers.
  • 19. Cracker • These people crack or remove the protection mechanism of a computer system. • Their main aim is to steal or destroy information without the users consent • They are much more dangerous than hackers.