Information Assurance and Security (2024)
University of Cabuyao, 2024
Kier Panollera

Summary: This document provides an overview of information assurance and security, highlighting key concepts such as information sensitivity, compliance, risk reduction, and business operations. It also details various challenges and threats, including cyber threats and data breaches, in a lecture format.
Information Assurance and Security
Prof. Kier Panollera

Business Necessity for IAS

1. Information Sensitivity
Information sensitivity refers to the degree of confidentiality, importance, or potential harm associated with specific pieces of data. It indicates how critical it is to protect and control access to certain information to prevent unauthorized disclosure, misuse, or loss.

2. Compliance with Regulations
Compliance with regulations is a critical aspect of ensuring information assurance and security. Many industries and sectors are subject to specific laws, regulations, and standards that mandate how sensitive information should be handled, protected, and secured. Non-compliance can lead to legal penalties, reputational damage, and loss of trust.

3. Risk Reduction
Risk reduction is a fundamental concept in the realm of information assurance and security. It involves taking proactive measures to minimize the potential negative impacts of threats and vulnerabilities on an organization's information assets.

4. Enhancement of Business Operations
Enhancement of business operations is a crucial outcome of effective information assurance and security practices. When organizations prioritize information security, it positively impacts their overall operations, productivity, and competitiveness.

5. Gaining Competitive Advantage
Businesses that implement strong IAS can gain a competitive advantage by protecting their information assets and demonstrating their commitment to security.

6. Protecting Against Cyber Threats
Protection against cyber threats is a central objective of information assurance and security. In today's digital landscape, businesses and individuals face a wide range of cyber threats that can compromise sensitive information, disrupt operations, and lead to financial and reputational damage.

7. Preservation of Privacy
Preserving privacy is not only a legal requirement in many jurisdictions but also an ethical responsibility. Organizations that prioritize privacy protection build trust with customers and demonstrate their commitment to responsible data handling practices.

8. Mitigation of Data Breaches
Mitigating data breaches is a critical aspect of information assurance and security. Data breaches can lead to significant financial losses, reputational damage, legal liabilities, and loss of customer trust.

9. Safeguarding Intellectual Property (IP)
Safeguarding IP is a critical aspect of information assurance and security, particularly for organizations that rely on innovation, research, and proprietary knowledge for their competitive advantage.

10. Ensuring Business Continuity
Ensuring business continuity is a crucial goal of information assurance and security.

11. Legal Compliance
Many industries are subject to regulations regarding data protection and privacy. Compliance with these regulations is not only necessary to avoid penalties but also to protect customers' rights.

12. Trust and Reputation
Demonstrating strong information security practices builds trust and enhances an organization's reputation. Trust and reputation are invaluable assets that organizations can build and maintain through effective information assurance and security practices.

13. Global Connectivity
Global connectivity refers to the interconnectedness of people, organizations, devices, and systems across the world through various communication networks and technologies. It enables the seamless exchange of information, data, and resources on a global scale.

14. Cloud Computing and Remote Work
Cloud computing refers to the delivery of computing services, such as storage, processing power, and applications, over the internet.
Remote work, also known as telecommuting or teleworking, involves employees working outside the traditional office environment, often enabled by cloud technologies.

15. Preventing Financial Losses
Preventing financial losses is a primary goal of information assurance and security for organizations. Effective security measures can help mitigate risks associated with cyber threats, data breaches, and other security incidents that can lead to significant financial damage.

16. Protecting National Security
Governments and critical infrastructure rely on secure information systems to ensure national security and public safety. Protecting national security requires a comprehensive approach that involves government agencies, law enforcement, intelligence organizations, military forces, and private sector partners.

17. Education and Awareness
Education and awareness are foundational pillars of information assurance and security. By educating people about best practices, potential risks, and the importance of security measures, we can collectively enhance the overall cybersecurity posture.

Identifying Risks and Threats

Risk: Natural disasters
Threat: Earthquakes, floods, hurricanes, tornadoes, and other natural disasters can damage information systems and infrastructure.
Mitigation: Implement physical security, disaster recovery and business continuity plans.

Risk: Human error
Threat: Human error is the most common cause of security breaches. This can include mistakes made by employees, contractors, or customers.
Mitigation: Implement security awareness training for employees and naïve end users.

Risk: Malicious attacks
Threat: Malicious attacks are intentional attempts to gain unauthorized access to information systems or to disrupt operations. These attacks can be carried out by hackers, cybercriminals, or nation-state actors.
Mitigation: Implement security controls, such as firewalls, intrusion detection systems, and antivirus software.

Risk: Technical vulnerabilities
Threat: Technical vulnerabilities are weaknesses in software, hardware, or firmware that can be exploited by attackers.
Mitigation: Keep software up to date with the latest security patches.

Risk: Business risks
Threat: Business risks are threats that can impact the confidentiality, integrity, or availability of information. These risks can be caused by a variety of factors, such as financial losses, regulatory compliance issues, or reputational damage.
Mitigation: Implement data protection policies, security controls and a risk-reduction plan to mitigate the risks.

Risk: National risks
Threat: National risks impact national interests as well as governmental hierarchy.
Mitigation: Enact and implement laws, policies, and cyber security measures governing national information and other related assets.

Physical Security Vulnerabilities
Physical security vulnerabilities are weaknesses in the physical security of an organization that can be exploited by attackers to gain unauthorized access to sensitive information or systems.

Insider Threats
Insider threats are security risks that arise from malicious or unintentional actions by individuals who have authorized access to an organization's systems and data. Insider threats can be costly and disruptive, and they can damage an organization's resources.

Malware
Malware, short for malicious software, is any software that is designed to harm a computer system. Malware can be installed on a computer through a variety of means, such as clicking on a malicious link, opening an infected attachment, or downloading a file from an untrusted source.

Phishing and Social Engineering
Social engineering is a more general term that refers to any attempt to trick someone into giving up their personal information or taking an action that they would not normally take. Phishing is a type of social engineering attack that involves sending emails or text messages that appear to be from a legitimate source, such as a bank or credit card company.

Data Breaches
A data breach is an incident in which sensitive, confidential, or protected data is exposed to an unauthorized individual or entity. Unauthorized access to sensitive data, either through cyberattacks or human error, can result in data leaks and financial losses.

Advanced Persistent Threats
APTs are a type of cyber-attack characterized by sophistication, stealth, and duration. APTs are typically launched by nation-state actors or well-funded criminal organizations, and they often target high-value targets, such as government agencies, financial institutions, and critical infrastructure organizations.

Denial of Service (DoS) Attacks
A denial-of-service (DoS) attack is an attempt to make a computer system or network unavailable to its intended users.

Unpatched Software
Unpatched software is software that has not been updated with the latest security patches.

Weak Authentication
Weak authentication is a type of authentication that is easy for attackers to bypass. Weak authentication methods often rely on easily guessed passwords or other easily compromised factors, such as security questions.

Mobile Device Vulnerabilities
These are weaknesses in the design or implementation of mobile devices that can be exploited by attackers to gain unauthorized access to the device or its data.

IoT Vulnerabilities
IoT vulnerabilities are weaknesses in the design or implementation of IoT devices that can be exploited by attackers to gain unauthorized access to the device or its data.

Supply Chain Risks
Supply chain risks are the potential for disruptions in the flow of goods and services from suppliers to manufacturers to distributors to consumers. Vulnerabilities in third-party software, hardware, or services can affect an organization's security posture.

Social Media Risks
Social media risks are the potential for harm that can come from using social media platforms.

Lack of Employee Training
Lack of employee training is the absence of, or inadequacy of, training given to employees to perform their job duties effectively.

Rogue Software
Rogue software is a type of malware that misleads users into believing that their computer is infected with a virus or other security threat.

Data Loss
Data loss occurs when data is deleted, corrupted, or otherwise rendered inaccessible. Accidental or intentional deletion of data, hardware failures, or inadequate backup practices can result in data loss.

Emerging Threats
New and evolving threats, such as zero-day vulnerabilities, require continuous monitoring and adaptation of security measures. A zero-day vulnerability is a software vulnerability that is unknown to the software vendor and for which no patch or other mitigation is available.

Legal and Regulatory Non-Compliance
Legal and regulatory non-compliance occurs when an organization fails to comply with the laws and regulations that govern its activities.

Challenges Faced by Software Developers and Admins

Challenges Faced by Software Developers
1. Understanding the business
2. Staying up-to-date on the latest technologies
3. Meeting Compliance Requirements
4. Managing Risks

Challenges Faced by Admins
1. Complexity
2. Security
3. Scalability
4. Compliance
5. Costs