2. System vulnerability and abuse
Security
Policies, procedures, and technical measures used to prevent unauthorized access, alteration, theft, or physical
damage to information systems
Security refers to the policies, procedures, and technical measures used to prevent unauthorized access, alteration,
theft, or physical damage to information systems.
Controls
Methods, policies, and organizational procedures that ensure safety of organization’ s assets; accuracy and reliability
of its accounting records; and operational loyalty to management standards
Controls are methods, policies, and organizational procedures that ensure the safety of the organization’s assets, the
accuracy and reliability of its records, and operational adherence to management standards.
3. Vulnerability
Vulnerability is a weakness which allows an attacker to reduce a system’s information assurance.
Vulnerability is the intersection of three elements:
◦ A system susceptibility or flaw
◦ Attacker access to the flaw
◦ Attacker capability to exploit the flaw
4. Why systems are vulnerable
– Accessibility of networks
– Hardware problems (breakdowns, configuration errors, damage from improper use or crime)
– Software problems (programming errors, installation errors, unauthorized changes)
– Disasters
– Use of networks/computers outside of firm’s control
– Loss and theft of portable devices
6. Computer crime
It is any crime that involves a computer and a network
Computer may have been used in the commission of a crime, or it may be the target
8. Cyber Security And Ethics
Cyber security is the protection of computer systems from theft of or damage to their hardware, software or
electronic data, as well as from disruption or misdirection of the services they provide.
It includes controlling physical access to system hardware as well as protecting against harm that may be done via
network access, malicious data and code injection.
Due to malpractice by operators, whether intentional or accidental, IT security personnel are susceptible to being
tricked into deviating from secure procedures through various methods of social engineering.
9. Consequences of a cyber attack
Cyber attacks can disrupt and cause considerable financial and reputational damage to even the most resilient
organization.
If you suffer a cyber attack, you stand to lose assets, reputation and business, and potentially face regulatory
fines and litigation- as well as the costs of remediation.
10. Cyber Ethics
•Cyber-ethics is the discipline of using appropriate and ethical behaviors and acknowledging moral duties and
obligations pertaining to online environments and digital media.
•Cyber ethics is the ethics applied to the online environment.
•Cyber ethics is a code of behavior for using the Internet.
11. DO DON’T
schoolwork Use the internet to help you do the
homework. You can find many information
inside the internet
Don’t copy other people works and call it your
own. Do credits to the author or website.
Music, videos and copyright Use the internet to learn about music,
video and games.
Don’t use the internet to download or share
copyrighted material.
12. DO DON’T
E-mail and instant messaging (IM) Use the internet to communicate with
friends and family. But make sure you know
to whom you exchange your e-mail and IM
Don’t use the internet to communicate with
strangers. Don’t pretend to be someone else
and don’t be rude or use bad language.
For Parents Encourage your children to use the Internet.
The Internet has a lot good things to offer
children.
Don't leave your children unsupervised. Make
sure you know what sites your children visit
when they're on the internet, and with whom
they're communicating. Look over their
shoulder.
13. Rules of Cyber
•Do not use rude or offensive language.
•Don’t be a bully on the Internet. Do not call people names, lie about them, send embarrassing pictures of them, or
do anything else to try to hurt them.
•Do not copy information from the Internet and claim it as yours. That is called plagiarism.
•Adhere to copyright restrictions when downloading material including software, games, movies, or music from the
Internet.
•Do not break into someone else’s computer.
•Do not use someone else’s password.
•Do not attempt to infect or in any way try to make someone else’s computer unusable.
14. Technologies and tools for protecting information
resources
Firewall
Intrusion Detection Systems
Antivirus and anti-spyware software
Securing Wireless Networks
Encryption