Securing Your Computer After a Major Security Incident - PowerPoint PPT Presentation

Slides: 15
Provided by: pooja321

Transcript and Presenter's Notes

Title: Securing Your Computer After a Major Security Incident


1
Securing Your Computer After a Major Security
Incident
2
Introduction -
  • The business value of information has
    increased dramatically over the last few decades.
    Information systems have pervaded the business
    world at a rapid pace and have become critical
    assets in many organisations. Many organisations
    have become largely dependent on information and
    information systems to support their core
    business processes. Unfortunately, many threats
    to information and information systems exist
    today, which threaten the reliability of
    information (systems) and consequently business
    continuity.

3
Introduction -
4
Aspects of information security -
  • Reliability aspects of information security -
    Basically, information security deals with
    protecting three different reliability aspects
    of information: confidentiality, integrity and
    availability, which can be remembered by the
    mnemonic CIA and are frequently referred to as
    the CIA triad [PELT05]. These three widely
    accepted attributes of information security are
    stated below.
  • Confidentiality - Confidentiality is the
    concealment of information or resources and is
    defined by ISO-17799 as ensuring that
    information is accessible only to those
    authorised to have access to it. So, to attain
    confidentiality, a business needs to keep secret
    information secret. This also means that only
    certain people should know about the existence of
    certain information in the first place, on a need
    to know basis.

5
Aspects of information security -
  • Integrity - Integrity refers to the
    trustworthiness of information or resources and
    is defined by the ISO-17799 standard as the
    action of safeguarding the accuracy and
    completeness of information and processing
    methods. When a user requests any type of
    information from the system, the information will
    be complete, correct and up to date.
  • Availability - ISO-17799 defines availability
    as ensuring that authorised users have access to
    information and associated assets when required.
    Availability requires measures to ensure
    timeliness and continuity of information, so that
    business processes don't come to a halt.

6
Security controls from threat to recovery -
7
Defining security incidents -
  • Without threats ever materialising and
    vulnerabilities ever being exploited, there would
    not be any security incident. However, this is
    clearly not the case: security incidents occur
    frequently within organisations. Results from a
    survey by the ISF show that incidents erode
    companies' profits, depress the value of the
    business and compromise future earnings.

8
Information security incidents -
9
ISF information security incident management -
  • Recently, in April 2006, the ISF publicised a
    report containing the results of a study on
    information security incident management, which
    yielded a process for information security
    incident management. The first three stages of
    that process, namely Identification, Response and
    Recovery, consist of steps specific to minimising
    the impact of and resolving an information
    security incident. The final stage, Post-incident
    review, involves follow-up activities which
    relate to the information security incident. It
    must be noted that the stages of the information
    security incident management process, and the
    steps contained within those stages, are not
    necessarily fully sequential.

10
ISF information security incident management -
11
Cyberspace -
  • A global domain within the information
    environment consisting of the interdependent
    network of information technology
    infrastructures, including the internet,
    telecommunications networks, computer systems,
    and embedded processors and controllers.

12
Life in a Networked World -
  • Rapid development in information technology
  • Speed of microprocessor chips doubles every 12-18
    months
  • Storage density doubles every 12 months
  • Bandwidth is doubling every 12 months
  • Price keeps dropping, making technology affordable
    and pervasive
