Lecture 11: Information Security Management Nga.lethiquynh@ueh.edu.vn http://mis.ueh.edu.vn/blog/ Study questions Q1: What are the threats to information security? Q2: What is senior management’s security role? Q3 What technical safeguards are available? Q4 What data safeguards are available? Q5 What human safeguards are available? Q6 How should organizations respond to security Incidents? Q1: What are the threats to information security? Threats to information security  Sources of Threats?  human error and mistakes:  accidental problems caused by both employees and nonemployees  poorly written application programs and poorly designed procedures  physical accidents  malicious human activity  employees and former employees who intentionally destroy data  Hackers  natural  events and disasters fires, floods, hurricanes, earthquakes, tsunamis, avalanches, and other acts of nature Threats to information security  Types of Security Problems? Source: Textbook [1], page 409 Threats to information security  Unauthorized Data Disclosure Pretexting: when someone deceives by pretending to be someone else  Phishing: uses pretexting via email  Spoofing: another term for someone pretending to be someone else  IP spoofing: occurs when an intruder uses another site’s IP address as if it were that other site  Email spoofing: a synonym for phishing  Sniffing: intercepting computer communications  Drive-by sniffers: take computers with wireless connections through an area and search for unprotected wireless networks Threats to information security  Incorrect Data Modification  Procedures incorrectly designed or not followed  Increasing a customer’s discount or incorrectly modifying employee’s salary  Placing incorrect data on company the Web site  Improper internal controls on systems  System errors  Faulty recovery actions after a disaster Threats to information security Faulty Service • Incorrect data modification errors • Usurpation • Systems • Denial • Procedural • Denial-of-service working incorrectly mistakes • Programming errors • IT installation of service (unintentional) attacks (intentional) Threats to information security - Loss of Infrastructure • Human accidents • Theft and terrorist events • Disgruntled or terminated employee • Natural disasters • Advanced Persistent Threat (APT)  Sophisticated, possibly long-running computer hack perpetrated by large, wellfunded organizations What Are the Components of an Organization’s Security Program?  components  senior-management  establish involvement the security policy  manage risk by balancing the costs and benefits of the security program  Safeguards: protections against security threats  organization’s incidents planned response to security 10 Digital Signatures 18 Source: Textbook [1], page 423 Malware Protection      A virus is a computer program that replicates itself Trojan horses are viruses that masquerade as useful programs or files A worm is a virus that propagates using the Internet or other computer network Spyware programs are installed on the user’s computer without the user’s knowledge or permission Adware: similar to spyware  watch user activity and produce pop-up ads  19 Malware Protection Antivirus and antispyware programs Scan frequently Update malware definitions Open email attachments only from known sources Install software updates Browse only reputable Internet neighborhoods 20 21 Q4 What data safeguards are available? Data safeguards Source: Textbook [1], page 427 22 23 Q5 What human safeguards are available? 24 Human safeguards Source: Textbook [1], page 429 Account Administration  Account ➢ Management Standards for new user accounts, modification of account permissions, and removal of accounts that are not needed  Password ➢ Management Users should change passwords frequently Help Desk Policies 25 Sample Account Acknowledgment Form Source: Textbook [1], page 431 26 Systems Procedures Source: Textbook [1], page 432 27 28 Q6 How should organizations respond to security Incidents? How should organizations respond to security Incidents? Source: Textbook [1], page 435 29 Summary Q1: What are the threats to information security? Q2: What is senior management’s security role? Q3 What technical safeguards are available? Q4 What data safeguards are available? Q5 What human safeguards are available? Q6 How should organizations respond to security Incidents? 30 Additional Resources  2017-Ransomeware ‘WannaCry’ attack explained  2017-Impact of WannaCry 31