IAS 102 Unit 1 Security & Risk Management PDF

Summary

This document provides an overview of security and risk management, including discussions about objectives, CIA triad, security governance, and common cyberattacks like malware, ransomware, and phishing. It's an educational resource on information security.

Full Transcript


IAS 102 UNIT 1 SECURITY & RISK MANAGEMENT

Objectives

After the discussion the students will be able to:
- Identify the elements of CIA
- Understand the Security Governance Principles
- Distinguish the Control Frameworks
- Analyze Control Frameworks
- Determine due care vs due diligence
- Know the CISSP for legal & investigation and regulatory compliance
- Be aware of information security legal issues and security policies, standards, procedures & guidelines
- Determine security for personnel, vendors, consultants and contractors
- Understand the Risk Management Concepts

WHAT IS SECURITY AND RISK MANAGEMENT?

Security and risk management involve identifying, assessing, and controlling risks to an organization's capital, earnings, and critical assets. These risks can arise from various sources, including financial uncertainty, legal liabilities, strategic management errors, accidents, and natural disasters. Specifically, cyber risk management focuses on information systems, aiming to reduce the impact and likelihood of threats such as cyberattacks, employee mistakes, and natural disasters. It is an essential part of broader enterprise risk management efforts, allowing companies to safeguard their profits, data, and reputation.

WHAT IS THE CIA TRIAD?

The CIA Triad (Confidentiality, Integrity, and Availability) is a guiding model in information security. A comprehensive information security strategy includes policies and security controls that minimize threats to these three crucial components.
- Confidentiality refers to protecting information from unauthorized access.
- Integrity means data are trustworthy, complete, and have not been accidentally altered or modified by an unauthorized user.
- Availability means data are accessible when you need them.

SECURITY GOVERNANCE PRINCIPLES

Security governance principles play a crucial role in maintaining an organization's cybersecurity posture. There are six key principles:
- Responsibility - Clearly define roles and responsibilities for security across the organization.
- Strategy - Align security efforts with the overall business strategy.
- Acquisition - When acquiring new technologies or services, evaluate their security implications.
- Performance - Continuously monitor and assess security performance.
- Conformance - Ensure compliance with relevant regulations, standards, and policies.
- Human Behavior - Promote secure behaviors among employees.

CYBERATTACK

A cyberattack is an attempt by cybercriminals, hackers or other digital adversaries to access a computer network or system, usually for the purpose of altering, stealing, destroying or exposing information.

COMMON TYPES OF CYBERATTACKS

- Malware (malicious software) - any program or code that is created with the intent to do harm to a computer, network or server.
- Ransomware - an adversary encrypts a victim's data and offers to provide a decryption key in exchange for a payment.
- Fileless malware - a type of malicious activity that uses native, legitimate tools built into a system to execute a cyberattack.
- Spyware - a type of unwanted, malicious software that infects a computer or other device and collects information about a user's web activity without their knowledge or consent.
- Adware - a type of spyware that watches a user's online activity in order to determine which ads to show them. While adware is not inherently malicious, it has an impact on the performance of a user's device and degrades the user experience.
- Trojan - malware that appears to be legitimate software, disguised as native operating system programs or harmless files like free downloads. Trojans are installed through social engineering techniques such as phishing or bait websites.
- Worm - a self-contained program that replicates itself and spreads its copies to other computers.
- Rootkit - a collection of software designed to give malicious actors control of a computer network or application. Once activated, the malicious program sets up a backdoor and may deliver additional malware.
- Keylogger - a tool that records what a person types on a device.
- Denial-of-Service (DoS) attack - a malicious, targeted attack that floods a network with false requests in order to disrupt business operations.
- Phishing - a type of cyberattack that uses email, SMS, phone, social media, and social engineering techniques to entice a victim to share sensitive information, such as passwords or account numbers.
- Spear phishing - a type of phishing attack that targets specific individuals or organizations, typically through malicious emails.
- Whaling - a type of social engineering attack specifically targeting senior or C-level executive employees with the purpose of stealing money or information, or gaining access to the person's computer in order to execute further cyberattacks.
- Smishing - the act of sending fraudulent text messages designed to trick individuals into sharing sensitive data such as passwords, usernames and credit card numbers.
- Vishing - a voice phishing attack; the fraudulent use of phone calls and voice messages pretending to be from a reputable organization to convince individuals to reveal private information such as bank details and passwords.
- Spoofing - a technique through which a cybercriminal disguises themselves as a known or trusted source.
- Man-in-the-middle attack - a type of cyberattack in which an attacker eavesdrops on a conversation between two targets with the goal of collecting personal data (passwords or banking details).
- Social engineering - a technique where attackers use psychological tactics to manipulate people into taking a desired action.
- Tailgating/piggybacking - a type of physical security breach in which an unauthorized person follows an authorized individual to enter secured premises.
