Introduction To Information Assurance
Summary
This presentation provides an introduction to information assurance. It covers the key concepts of information assurance and cybersecurity, including protecting information systems from unauthorized access, misuse and disruption. Finally, it details the 5 pillars of information assurance.
Full Transcript
INTRODUCTION TO INFORMATION ASSURANCE

Information assurance

Information assurance focuses on ensuring the availability, integrity, authentication, confidentiality and nonrepudiation of information and systems. These measures may include auditing and assessing risks to different systems and incorporating protection, detection and reaction capabilities.

Information cybersecurity

Information cybersecurity centers on the protection of information and information systems from unauthorized access, use, disclosure, disruption, modification or destruction. This could include security applications and infrastructure like firewalls, intrusion prevention and other countermeasures.

Information assurance

Information Assurance (IA) is the practice of managing information-related risks and the steps involved to protect information systems such as computer and network systems.

Source: https://www.itgovernanceusa.com/information/information-assuranc

The 5 pillars of Information Assurance

Information Assurance (IA) is essentially protecting information systems, and is often associated with the following five pillars:

1. Integrity
2. Availability
3. Authentication
4. Confidentiality
5. Nonrepudiation

1. Integrity

Integrity involves assurance that all information systems are protected and not tampered with. IA aims to maintain integrity by running anti-virus software on all computer systems and by ensuring that all staff with access know how to use their systems appropriately, to minimize malware or viruses entering information systems.

2. Availability

Availability means those who need access to information are allowed to access it. Information should be available to only those who are aware of the risks associated with information systems.

3. Authentication

Authentication involves ensuring those who have access to information are who they say they are. Ways of improving authentication include methods such as two-factor authentication, strong passwords, biometrics, and other devices. Authentication may also be used to identify not only users, but also other devices.

4. Confidentiality

IA involves the confidentiality of information, meaning only those with authorization may view certain data. This step is closely mirrored by the six data processing principles of the General Data Protection Regulation (GDPR), whereby personal data must be processed in a secure manner "using appropriate technical and organizational measures" ("integrity and confidentiality").

5. Nonrepudiation

The final pillar means someone with access to your organization's information system cannot deny having completed an action within the system, as there should be methods in place to prove that they did make said action.

END OF PRESENTATION