Information security ensures the confidentiality, integrity and availability of data through technologies, protocols and administrative measures. It protects organizations from data breaches and account hijacking, which can damage reputation. Characteristics of information security include confidentiality, ensuring only authorized access; integrity, ensuring data has not been tampered with; and availability, ensuring authorized users have timely access. Security models provide frameworks for specifying and enforcing security policies through describing governed entities and stating rules. Potential risks include information theft, unauthorized disclosure, information warfare, accidental data loss, data disclosure, data modification and lack of data availability.
Information security ensures the confidentiality, integrity and availability of data through technologies, protocols and administrative measures. It protects organizations from data breaches and account hijacking, which can damage reputation. Characteristics of information security include confidentiality, ensuring only authorized access; integrity, ensuring data has not been tampered with; and availability, ensuring authorized users have timely access. Security models provide frameworks for specifying and enforcing security policies through describing governed entities and stating rules. Potential risks include information theft, unauthorized disclosure, information warfare, accidental data loss, data disclosure, data modification and lack of data availability.
Information security ensures the confidentiality, integrity and availability of data through technologies, protocols and administrative measures. It protects organizations from data breaches and account hijacking, which can damage reputation. Characteristics of information security include confidentiality, ensuring only authorized access; integrity, ensuring data has not been tampered with; and availability, ensuring authorized users have timely access. Security models provide frameworks for specifying and enforcing security policies through describing governed entities and stating rules. Potential risks include information theft, unauthorized disclosure, information warfare, accidental data loss, data disclosure, data modification and lack of data availability.
Information security ensures the confidentiality, integrity and availability of data through technologies, protocols and administrative measures. It protects organizations from data breaches and account hijacking, which can damage reputation. Characteristics of information security include confidentiality, ensuring only authorized access; integrity, ensuring data has not been tampered with; and availability, ensuring authorized users have timely access. Security models provide frameworks for specifying and enforcing security policies through describing governed entities and stating rules. Potential risks include information theft, unauthorized disclosure, information warfare, accidental data loss, data disclosure, data modification and lack of data availability.
INFORMATION SECURITY OVERVIEW INFORMATION SECURITY
Information security ensures good data management.
It involves the use of technologies, protocols, systems and administrative measures to protect the confidentiality, integrity and availability of information. Information is the most valuable asset of an organization, and any breach can destroy its reputation and continuity. Need for Information Security To check for compromised/stolen To prevent data breaches credentials and broken authentication
A data breach is the intentional or Broken authentication refers to the vulnerabilities or
unintentional release of secure or weaknesses inherent in an online platform or private/confidential information to an application that allows hackers to bypass the login untrusted environment. security and gain access to all the privileges owned by the hacked user. Need for Information Security To mitigate cyber threats from To avoid account hijacking malicious insiders
Phishing, fraud, and software An existing or former employee, a cunning business
exploitations are still very partner, a system administrator or an intruder can common.Companies relying on cloud destroy the whole information infrastructure or services are especially at risk because manipulate data for their own purpose. Therefore, it they are an easy target for is the responsibility of an organization to take cybercriminals, who can eavesdrop on effective measures to control the encryption process activities, modify data and manipulate and keys. Effective monitoring, logging, and auditing transactions. These third-party activities are extremely important to keep everything applications can be used by attackers to under control. launch other attacks as well. Characteristics of Information Security (CIA Triad) Confidentiality Ensuring that only those who are authorized have access to specific assets and that those who are unauthorized are actively prevented from obtaining access. Integrity Ensuring that data has not been tampered with and, therefore, can be trusted. It is correct, authentic, and reliable Availabilty Networks, systems, and applications are up and running. It ensures that authorized users have timely, reliable access to resources when they are needed. Security Models IS A FRAMEWORK FOR SPECIFYING AND ENFORCING SECURITY POLICIES.
It describes the entities governed by the policy
It states the rules that constitute the policy.
Types of Security Models Open Security Models
Closed Security Models
Restrictive Security Models
Open Security Models Open Security Models Closed Security Models Closed Security Models Restricted Security Models Potential Risks to Information Security The damage that a breach of, or attack on, an information technology (IT) system could cause. Information Theft What is?
Crime of obtaining the personal or
financial information of another person to use their identity to commit fraud, such as making unauthorized transactions or purchases. Unauthorized Disclosure What is?
To reveal information to an individual
who is not authorized to receive it. Information Warfare What is?
The manipulation of information trusted
by a target without the target's awareness so that the target will make decisions against their interest but in the interest of the one conducting information warfare. Accidental Data Loss What is?
Accidental data loss means the loss of
data or computer data due to some accidents.Generally, data or information from the computer system losts due to threats caused by the malicious intruders. Data Disclosure What is?
Voluntary sharing of any and all
information that is considered relevant to a given situation. Data Modification What is?
Occurs when a saved (or stored) value in
a computer is changed to a different value. Data Availability What is?