Information Security Management - Lecture 1
19 Questions
Questions and Answers

What is the aim of the Information Security Management course?

To facilitate learners to develop a deeper understanding of information security management and the associated threats to that security.

What are three key principles of information security management?

  • Confidentiality, integrity, and availability (correct)
  • Authentication, authorization, and accounting
  • Security, privacy, and accountability
  • Availability, reliability, and scalability

What is the main function of the CERT Division?

Improving the security and resilience of computer systems and networks.

What is meant by "bringing your own device" (BYOD) in the context of information security?

Using personal devices, such as laptops or smartphones, for work-related activities.

What are the key elements of a simplified view of information security?

Threats, vulnerabilities, risk, mitigation, controls, and reduced risk.

Which of the following are considered threats to information systems?

All of the above

What is the difference between a virus and a worm?

A virus needs to be attached to a program or file to replicate, while a worm can spread independently over a network.

What is the main purpose of a keylogger?

To record keystrokes on a computer to steal passwords, PINs, and other sensitive information.

What is the difference between a DDoS and a DOS attack?

A DDoS attack uses multiple computers or devices infected with malware to overwhelm a target system, while a DOS attack typically originates from a single source.

What is spear-phishing, and why is it more effective than regular phishing?

Spear-phishing is a targeted form of phishing that uses personalized information to convince victims to click on malicious links or attachments.

What are "patches" in the context of software security, and why are they crucial?

Patches are small pieces of code released by software vendors to fix vulnerabilities and security flaws in existing software.

What are some of the risks associated with using personal devices for work-related activities?

Security risks associated with using personal devices for work-related activities include a greater chance of data breaches, the potential for loss or theft of sensitive information, and increased difficulty in controlling and securing these devices.

Is perfect security a realistic goal?

False

What are two common types of threats to information systems, considering the source of the threat?

External threats, such as hackers and malware, and internal threats, originating from within an organization, such as disgruntled employees or negligence.

Why are large amounts of data stored digitally a vulnerability?

Because it is more susceptible to theft, hardware failure, and power outages.

What are some important factors that should influence the level of information security controls implemented by an organisation?

Important factors include the sensitivity of the information, the potential impact of a breach, the size and nature of the organisation, and the budget allocated for security.

What is the primary role of management policy in relation to information security?

It establishes the foundation for information security planning and provides a framework for implementing security measures.

What are the various specialised areas of information security?

Specialised areas of information security include physical security, operations security, communications security, cyber (or computer) security, and network security.

Provide two examples of how hackers can perform legitimate functions.

Ethical hackers, also known as penetration testers, are often hired to test the security of systems by attempting to hack them in a controlled and ethical manner. Additionally, security researchers who work for cybersecurity firms or universities may engage in hacking to study vulnerabilities and develop mitigation strategies.

Study Notes

Information Security Management - Lecture 1

• Course aim: To facilitate learners to develop a deeper understanding of information security management and associated threats.
• Learning outcomes (LO1): Identify and evaluate information security threats, attack methodologies and mitigation strategies.
• Learning outcomes (LO2): Recommend tools and standardize processes to combat security threats and breaches.
• Learning outcomes (LO3): Develop and manage security policies and procedures.
• Learning outcomes (LO4): Critique the security of a network and services with respect to confidentiality, integrity, and availability.
• Learning outcomes (LO5): Appraise current legal issues surrounding information security management to ensure organizational compliance and best practice.
• Textbooks and sources: Include various resources like books, e-books, and online materials from organizations like Wiley, SANS and others. Specific titles and authors are listed.
• Other sources of information: Include links to external websites like CERT, ENISA and security software vendors, such as Symantec and McAfee.
• High-level module contents:
  • Security Management Concepts and Principles
  • Intrusion Detection and Prevention
  • Ethical Hacking and Penetration Testing
  • Risk Management
  • Information Security Management System
  • Compliance
• Security Management Concepts and Principles details:
  • Ethics
  • Principles of IS security management - Confidentiality, integrity, and availability
  • Information Systems (IS) security participants - Roles of IS security personnel
  • Current cryptographic schemes for data and network security - Use of and services provided by these cryptographic schemes
  • Due Care & Due Diligence
  • Disaster recovery and business continuity planning
• Overview of Information Security
• HSE Conti Cyber attack: Questions to be researched regarding vulnerabilities, mitigation strategies, and reasons for HSE's preparedness. (Specific link provided.)
• UK Government Cyber Security breaches survey 2023/2024: Graphs and data demonstrating cyber security breaches across different organizations and sectors over time.
• What is at risk from security breaches?
  • Trust
  • Reputation, brand, image
  • Competitive advantage, market & investor confidence
  • Ethics and duty of care
  • Relationships with business partners
  • Customer retention & growth
  • Business continuity & resilience
  • Ability to offer and fulfil transactions
  • Others
• Global Impact: Economic cost of cybercrime, sectors most targeted by web application attacks and average cost of a data breach in the U.S. (graphs and statistics provided).
• Vulnerabilities and Threats to Information Systems: Diagram outlining vulnerabilities in different areas and threats that exploit these vulnerabilities. Types of malware discussed include viruses, worms, Trojan horses, spyware and keyloggers.
• Why Systems are Vulnerable and Potential Threats: Factors that contribute to system vulnerabilities (e.g. large amounts of digital data, network accessibility, hardware and software vulnerabilities, system disasters, use of external networks, loss of devices, telecommunication problems).
• Businesses' Reliance on Online Services: Statistical chart showing the reliance of businesses on online services.
• Accidental Threats to Information Security: Types of accidental threats including human error, natural disasters, hardware/software failures, network problems, supplier issues, obsolescence.
• Malware (malicious software): Explanation of viruses, worms, Trojan horses, spyware, and keyloggers, as well as SQL injection attacks.
• Hackers and Denial of Service Attack: Definition and description of hackers and denial-of-service attacks.
• Identity Theft and Phishing: Explanation of identity theft and phishing methods.
• An example of an attack: Description of an email attack.
• Threats from Employee & Software Vulnerability: Vulnerability issues related to employees and software.
• The Threat Posed by Personal Devices: Details on BYOD and its effects on organizational security.
• % of types of breaches or attacks as the most disruptive to organizations: Statistics and charts on different types of breaches and attacks disrupting organizations.
• Information Security breaches: Component involved, displaying which components of organization systems were most involved in security breaches.
• Summary: Overview of information security, security methodology, vulnerability of information systems, overview of threats to information systems.
• Security Related Questions: List of questions for the course, such as main threats, features that make systems vulnerable, impact on business, influencing factors in security controls, costs for security, implemented controls and realistic security levels.

Related Documents

Lecture 1 - ISM - 2024

Description

Explore the fundamental concepts of information security management in this first lecture. Learn to identify threats, evaluate attack methodologies, and recommend strategies to mitigate risks. This course helps learners develop policies, manage security procedures, and understand legal compliance for organizations.
