Information Security Overview

Study Notes

The requirements for information security within an organization have significantly changed in recent decades.
Before the widespread use of computers, physical and administrative security measures were the primary methods of protecting valuable information.
The computer's introduction led to a need for automated tools to protect files and data stored on the computer, especially with shared systems like time-sharing ones and systems accessible through public networks like the internet.
Distributed systems and the use of networks to transmit data between users and computers further complicated security requirements.
Network security measures are crucial to protect data during transmission.
The term "internet security" is used to encompass security measures across interconnected networks.
There are no clear boundaries between network security and internet security, as threats can manifest in both.

Examples of security violations include unauthorized access to confidential files, manipulation of authorization files, unauthorized message construction and transmission, and the delay or interception of messages for fraudulent purposes.

Computer security is the protection of automated information systems to maintain data integrity, confidentiality, and availability.
Confidentiality safeguards sensitive or private information from unauthorized access.
Privacy focuses on individuals controlling information related to themselves.
Data integrity ensures changes to data are authorized and controlled.
System integrity protects the system's intended function from unauthorized manipulation.
Availability ensures timely and reliable access to information for authorized users.

The CIA triad encompasses the fundamental security objectives for data and information services.
Confidentiality protects information from unauthorized disclosure.
Integrity guards against unauthorized modification or destruction of information.
Availability ensures timely and reliable access to information.

Authenticity verifies the genuineness and trustworthiness of information sources and users.
Accountability ensures actions can be traced to a specific entity, supporting nonrepudiation, intrusion detection, and forensic analysis.

Low impact indicates a limited adverse effect on organizational operations, assets, or individuals.
Moderate impact denotes a serious effect on organizational operations, assets, or individuals.
High impact signifies a severe or catastrophic adverse effect on organizational operations, assets, or individuals.

Security measures can be complex and require sophisticated understanding.
Security mechanisms need to be designed considering potential attacks and unexpected weaknesses.
Security procedures are often counterintuitive and require thorough threat assessment.
Implementing security mechanisms needs careful consideration of physical and logical placement.
Security mechanisms rely on secret information, raising questions about its creation, distribution, and protection.
The attacker only needs to find one weakness, while the defender must eliminate all weaknesses for complete security.
Users often undervalue security investments until a breach occurs.
Security requires continuous monitoring, which can be difficult in a fast-paced environment.
Security is often an afterthought, integrated after system design rather than as an integral part.
Strong security can be perceived as an obstacle to efficient and user-friendly operation.