Information Security – Basics

Resource: Fundamentals of Information Security Systems: David Kim and Michael Solomon

What is Information Security? 

A collection of activities to protect IT systems and the data in them.

 

Definitions:

  • Internet: Over 2 billion users worldwide, connected via the world wide web.
  • Cybersecurity: Role of a government to ensure national security.
  • Data / Information Security: Role of an organisation or individual to protect their data / assets.

 

Risks, Threats and Vulnerabilities:

  • Risk: Likelihood of something bad occurring and affecting a system or asset (Examples: Losing data, Non-Compliance with laws, Losing business).
  • Threat: Any action which could damage an asset, both synthetic and natural (e.g. malicious exploits, flood damage, etc.). Organisations should have a business continuity plan (BCP) and disaster recovery plan (DRP) in place in the event of a threat taking hold.
  • Vulnerabilities: A weakness in a system, allowing a threat to be realised. Often vulnerabilities result in legal action, hence software developers covering themselves with end-user licence agreements (EULAs).

 

What is being protected?

  • Privacy Data of Individuals (e.g. DoB, Address, Banking Details, Social Security, Utilities)
  • Corporate Intellectual Property (Trade secrets, product development, copyright/patents, reputation)
  • Online Transactions
  • Government (Security, Trade, Military Strategy)

 

What forms a ‘Network’?

  • Cabling
  • Physical Networks
  • Operating Systems
  • Specific Applications
  • Users / Staff