3. Cyberterrorism: An attempt to cause fear or major disruptions in
a society through computer hacking
Attacks to government computers, major companies, or key
areas of the economy
Nation-states: Sovereign countries
Attacks can come from terrorist groups, individuals, or nation-
states
Cyberterrorism often sponsored by nation-states
Government Drivers for Regulations
Three main drivers
Consumer protection
Stable economy
Tax revenue
Drivers are linked
Concerned with economic
benefits
Page ‹#›
Security Policies and Implementation Issues
15. All rights reserved.
1/15/2017
23
User
Workstation
LAN
WAN
Remote Access
How end users access information resources
Management and security of computing devices used by end
users
Management and security of local area network infrastructure
Management and security of Infrastructure controlling LAN to
WAN communication
16. Security of data in the wide area network
LAN-to-WAN
How end users connect to the LAN
System/Application
Collecting, processing, and storing information
Authorization and Access Control
Determines who has access to what
“Who” can be a user, a device, or a service
Example: Role-Based Access Control (RBAC)
Assign permissions to roles
Assign individuals to roles
Benefit:
Reduces administrative overhead
Improves compliance through reduced complexity
Example: Attribute-Based Access Control (ABAC)
Dynamic rather than static roles
Roles expressed in business terms making them more