Topic #17
IT Security
IT Security Incidents: A Worsening Problem
Security of information technology is critical
§ protect confidential business data, including customer and employee data
§ protect against malicious acts of theft or disruption
Security concerns must be balanced against other business needs (ethical decision regarding IT security):
§ pursue prosecution at all costs, or maintain a low profile to avoid negative publicity!
§ how much effort and money should be devoted to security?
§ if a firm produces SW with security flaws, what actions should it take?
§ what if security safeguards make life more difficult for customers and employees: will it result in lost sales and increased costs?
Number of IT Security Incidents Is Increasing
Computer Emergency Response Team Coordination Center (CERT/CC)
§ Established in 1988 at the Software Engineering Institute (SEI)
§ SEI: federally funded R&D center at CMU
§ Charged with
  § coordinating communication among experts during computer security emergencies
  § helping to prevent future incidents
  § studying Internet security vulnerabilities
  § publishing security alerts
  § developing information and training for organizations
Increasing Complexity Increases Vulnerability
The computing environment is enormously complex and continues to increase in complexity:
§ networks, computers, OSes
§ apps, Web sites
§ switches, routers, gateways
§ all interconnected and driven by 100s of millions of LoC (Lines of Code)
The number of possible entry points to a network expands continuously as more devices are added
§ This increases the possibility of security breaches
Increased Reliance on Commercial Software with Known Vulnerabilities
Exploit: An attack on an information system that takes advantage of a particular system vulnerability, typically due to poor system design or implementation. SW developers quickly create and issue a patch:
§ a “fix” to eliminate the problem
§ users are responsible for obtaining and installing patches, which they can download from the Web
§ delays in installing patches expose users to security breaches
Zero-day attack: Takes place before a vulnerability is discovered or fixed
U.S. companies rely on commercial software with known vulnerabilities.
IT orgs continue to use installed Software “as is” (e.g. IE, RealPlayer, JRE)
§ since security fixes could make SW harder to use or eliminate “nice to have” features.
Number of Vulnerabilities Reported to CERT/CC
[chart] The rate of discovering software vulnerabilities exceeds 10/day.
Attack of the Giant Worm
• On November 2, 1988, a worm began to thread its way through the Internet. Once installed, it multiplied, clogging available space, until computers ground to a halt. The worm exploited UNIX holes in sendmail and fingerd. Around 2500 computers were infected.
• Within 12 hours, the Computer Systems Research Group at Berkeley developed a way of stopping the spread of this worm.
• Total Cost? Although no data were destroyed, the time involved in fixing and testing was estimated to be between $1,000,000 and $100,000,000.
The Culprit?
• Robert J. Morris, a Cornell graduate student in computer science, was convicted on May 4, 1990 and sentenced to 3-year probation and a $10,000 fine.
• “I'm at the MIT Computer Science and Artificial Intelligence Laboratory (CSAIL) in the PDOS group.”
First National Attack
• For the first time, a national attack on the Internet was exposed.
• As a result, the Computer Emergency Response Team (CERT), at the Software Engineering Institute of Carnegie Mellon University, was developed.
Other Examples
• HBO: In April of 1986, an HBO channel was taken over by an intruder known as Captain Midnight, who overpowered the HBO uplink transmitter signal with a stronger signal, and sent out his own messages to eight million viewers.
• Friday the 13th: A student at Hebrew University in Jerusalem discovered that thousands of university computers were infected with a virus. The virus slowed down processing on certain Fridays the 13th and was scheduled to erase the hard disks of many computers on May 13, 1988.
Computer Crime
• According to the FBI, computer crime is the most expensive form of crime, at $450,000 per theft. The estimated total volume of computer crime is $5,000,000,000 per year.
• Some reports estimate that 90% of computer crime goes unreported.
• (See http://www.usdoj.gov/criminal/cybercrime/cccases.html, the Computer Crime & Intellectual Property Section of the US Department of Justice, Computer Crime Cases.)
Types of Attacks
Most frequent attack: on a networked computer from an outside source
Types of attacks are many:
Virus:
§ malicious piece of code; requires users to spread infected files
§ does not spread itself from computer to computer
§ must be passed on to other users through infected e-mail document attachments, programs on diskettes or shared files
Macro viruses:
§ most common and easily created viruses
§ created in an application macro language (e.g. Visual Basic or VBScript)
§ infect documents: insert unwanted words, numbers or phrases
§ infect application templates (embedding itself in all future docs)
Types of Attacks (Cont.)
Worm: harmful program that resides in active memory
§ duplicates itself: can propagate without human intervention
§ sends copies of itself to other computers via:
  § email (e.g. Zip file attachment)
  § Internet Relay Chat (IRC)
§ Negative impact of a virus or worm attack:
  § lost data and programs
  § lost productivity (workers attempting to recover data and programs)
  § effort for IT workers (cleaning up the mess)
Trojan horse: a program a hacker secretly installs on a computer
§ used to steal passwords, SSNs or spy on users by recording keystrokes
§ users are tricked into installing it (e.g. disguised as an iTunes file or via a malicious web site)
Types of Attacks (Cont.)
Logic bomb: another type of Trojan horse; executes under specific conditions, triggered e.g. by
§ a change in a particular file
§ typing a specific series of keystrokes
§ a specific date/time
Denial of service: a malicious hacker takes over computers on the Internet and causes them to flood a target site with demands for data
§ the computers that are taken over are called zombies
§ does not involve a break-in at the target computer
§ the target machine is busy responding to a stream of automated requests, thus legitimate users cannot get in
Spoofing generates a false return address on packets
§ therefore, the sources of the attack cannot be identified and turned off
Denial-of-Service (DoS) Attacks Defense
Ingress filtering
§ when Internet service providers (ISPs) prevent incoming packets with false IP addresses from being passed on
Egress filtering
§ ensuring spoofed packets don't leave a network
Overhead:
§ may prevent legitimate users from getting in
§ companies need to deploy faster and more powerful routers and switches to check the IP address on each packet
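The ingress and egress rules above amount to a check on the source address of each packet. The following Python code is an added example, not from the slides or any vendor product: it filters a constructed list of packets against an assumed organisational address block (203.0.113.0/24) and a list of ranges that should never arrive from the Internet, dropping inbound packets that claim an internal or non-routable source (ingress) and outbound packets whose source is not one of our own addresses (egress). The address block, the packet format and the sample traffic are all assumptions made for the example.

```python
import ipaddress

# Assumption (constructed for this example): the organisation's own address block.
INTERNAL_NET = ipaddress.ip_network("203.0.113.0/24")

# Source ranges that a legitimate Internet peer cannot own (private, loopback,
# link-local, multicast, "this network"): seeing them inbound means a forged source.
NON_ROUTABLE = [ipaddress.ip_network(n) for n in (
    "0.0.0.0/8", "10.0.0.0/8", "127.0.0.0/8", "169.254.0.0/16",
    "172.16.0.0/12", "192.168.0.0/16", "224.0.0.0/4",
)]


def ingress_spoofed(src, internal_net=INTERNAL_NET):
    """Ingress filtering: an inbound packet must not claim one of our own
    addresses or a non-routable source; either is a false return address."""
    addr = ipaddress.ip_address(src)
    return addr in internal_net or any(addr in net for net in NON_ROUTABLE)


def egress_spoofed(src, internal_net=INTERNAL_NET):
    """Egress filtering: an outbound packet must carry one of our own source
    addresses; otherwise a compromised host inside ("zombie") is spoofing."""
    return ipaddress.ip_address(src) not in internal_net


def filter_packets(packets, internal_net=INTERNAL_NET):
    """Apply the two rules to (direction, src, dst) tuples and return
    (passed, dropped) lists, preserving the original order."""
    passed, dropped = [], []
    for pkt in packets:
        direction, src, _dst = pkt
        if direction == "in":
            spoofed = ingress_spoofed(src, internal_net)
        elif direction == "out":
            spoofed = egress_spoofed(src, internal_net)
        else:
            raise ValueError(f"unknown direction {direction!r}")
        (dropped if spoofed else passed).append(pkt)
    return passed, dropped


# Constructed sample traffic (not captured data).
SAMPLE_PACKETS = [
    ("in", "198.51.100.7", "203.0.113.10"),    # ordinary inbound request: pass
    ("in", "203.0.113.99", "203.0.113.10"),    # claims to be one of us: drop
    ("in", "10.1.2.3", "203.0.113.10"),        # RFC 1918 source from outside: drop
    ("out", "203.0.113.10", "198.51.100.7"),   # ordinary outbound reply: pass
    ("out", "192.0.2.44", "198.51.100.7"),     # inside host forging a foreign source: drop
]

if __name__ == "__main__":
    passed, dropped = filter_packets(SAMPLE_PACKETS)
    print("passed:", passed)
    print("dropped:", dropped)
```

The per-packet cost is exactly the overhead the slide mentions: every packet's source is compared against the address list, which is why real deployments push this into router or switch hardware rather than software.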
What is Computer (IT) Security?
• Computer security is designed to protect your computer and everything associated with it: the building, the workstations and printers, cabling, and disks and other storage media. Most importantly, computer security protects the information stored in your system.
• Computer security is not only designed to protect against outside intruders who break into systems, but also against dangers arising from sharing a password with a friend, failing to back up a disk, or spilling a soda on a keyboard. There are three distinct aspects of security: secrecy, accuracy, and availability.
• Having said this, we should emphasize that “Information Security” or “Cybersecurity” is more up-to-date terminology, since rarely are we concerned with the protection of a single computer system.
• A secure computer system must not allow information to be disclosed to anyone who is not authorized to access it. In highly secure government systems, secrecy ensures that users access only information they're allowed to access.
• In business environments, confidentiality ensures the protection of private information such as payroll data.
What is IT Security?
Security is the protection of assets. The three main aspects are:
• prevention
• detection
• re-action/response
Prevention
Implement a layered security solution
§ Make computer break-ins harder: if a hacker breaks through one layer, there is another layer to overcome
Firewall: any Internet traffic not explicitly permitted into the intranet is denied entry; can also block access to certain Web sites, IM, etc.
Antivirus Software:
§ scans for a specific sequence of bytes known as a virus signature; may clean, delete or quarantine affected files
§ continually update with the latest virus detection info, called definitions
§ Do not leave accounts active after employees leave the company: promptly delete computer accounts, login IDs, and passwords
Prevention (Cont.)
§ Carefully define employee roles: e.g. do not allow a single employee to initiate a PO and approve the invoice for its payment
§ Create roles and user accounts so employees have the authority to perform their responsibilities and no more
§ Keep track of well-known vulnerabilities and patch them:
  § SANS (System Administration, Networking and Security) Institute
  § CERT/CC
§ Back up critical applications and data regularly
§ Perform a security audit to ensure the organization has a well-considered security policy in place and that it is being followed:
  § e.g. users must change their password every 30 days
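The two role bullets above (one person must not both initiate a PO and approve its invoice; accounts grant only the authority a job needs) are the classic separation-of-duties and least-privilege rules. The following Python code is an added example, not from the slides: it models roles as sets of permissions, answers "may this user do X?", lists users whose combined roles grant a forbidden pair of permissions, and refuses a role assignment that would create such a pair. The role names, permission names and user names are assumptions constructed for the example.

```python
# Constructed role definitions (assumption, not from the slides): each role grants
# only the permissions that job needs.
ROLE_PERMISSIONS = {
    "purchasing-clerk": {"po:create", "po:view"},
    "ap-approver": {"invoice:view", "invoice:approve"},
    "auditor": {"po:view", "invoice:view"},
}

# Permission pairs that must never be held by one person (separation of duties).
CONFLICTING_PAIRS = {("po:create", "invoice:approve")}


def permissions_for(roles):
    """Union of the permissions granted by a collection of role names."""
    perms = set()
    for role in roles:
        perms |= ROLE_PERMISSIONS[role]
    return perms


def is_authorized(user_roles, user, permission):
    """Authorization check: a user may act only if one of their roles grants it.
    Unknown users hold no roles and are therefore denied."""
    return permission in permissions_for(user_roles.get(user, ()))


def sod_violations(user_roles, conflicting_pairs=CONFLICTING_PAIRS):
    """Audit helper: (user, perm_a, perm_b) for every user whose combined roles
    grant both halves of a conflicting pair."""
    violations = []
    for user, roles in sorted(user_roles.items()):
        perms = permissions_for(roles)
        for perm_a, perm_b in sorted(conflicting_pairs):
            if perm_a in perms and perm_b in perms:
                violations.append((user, perm_a, perm_b))
    return violations


def assign_role(user_roles, user, role, conflicting_pairs=CONFLICTING_PAIRS):
    """Grant `role` to `user` only if the result has no separation-of-duties
    conflict; returns True on success, False (and leaves the mapping unchanged)
    when the grant would combine conflicting permissions."""
    if role not in ROLE_PERMISSIONS:
        raise KeyError(f"unknown role {role!r}")
    trial = dict(user_roles)
    trial[user] = set(user_roles.get(user, set())) | {role}
    if any(u == user for u, _, _ in sod_violations(trial, conflicting_pairs)):
        return False
    user_roles[user] = trial[user]
    return True


if __name__ == "__main__":
    # Constructed user population: "dave" already holds a conflicting combination.
    users = {
        "alice": {"purchasing-clerk"},
        "bob": {"ap-approver"},
        "dave": {"purchasing-clerk", "ap-approver"},
    }
    print("alice may create PO:", is_authorized(users, "alice", "po:create"))
    print("alice may approve invoice:", is_authorized(users, "alice", "invoice:approve"))
    print("SoD violations:", sod_violations(users))
    print("grant alice ap-approver:", assign_role(users, "alice", "ap-approver"))
    print("grant alice auditor:", assign_role(users, "alice", "auditor"))
```

Running the audit periodically (not only at assignment time) matters because conflicts also arise when a role's permission set is widened later, which the assignment-time check alone would miss.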
Detection
Detection systems:
§ catch intruders in the act; needed because preventive measures are not fail-proof
Intrusion detection system:
§ monitors system and network resources and activities
§ notifies the proper authority when it identifies
  - possible intrusions from outside the organization
  - misuse from within the organization
2 fundamental approaches: knowledge-based and behavior-based
Knowledge-based approaches
§ utilize information about specific attacks and system vulnerabilities and watch for attempts to exploit these
§ examples include repeated failed login attempts, attempts to download a program to a server, or other symptoms of possible mischief
Detection (Cont.)
Behavior-based approaches:
§ model the normal behavior of a system and its users from a reference source
§ compare current activity to this model and generate an alarm if it deviates
§ examples include unusual traffic at odd hours, or a user in the HR department who accesses an accounting program he never used before
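As an added illustration of the two approaches just described (not part of the original slides), the following Python code runs one knowledge-based rule and one behavior-based rule over a few constructed log lines: the signature rule fires on repeated failed logins from one source inside a short window, and the baseline rule fires when a user opens an application absent from that user's recorded "normal" set. The log format, the thresholds, the user names and the baseline are all assumptions made for the example.

```python
import re
from collections import defaultdict, deque
from datetime import datetime

# Constructed sample log (not real data): ISO timestamp followed by key=value fields.
SAMPLE_LOG = """\
2024-03-01T09:00:01 user=alice src=10.0.0.5 action=login outcome=fail
2024-03-01T09:00:03 user=alice src=10.0.0.5 action=login outcome=fail
2024-03-01T09:00:05 user=alice src=10.0.0.5 action=login outcome=fail
2024-03-01T09:00:08 user=alice src=10.0.0.5 action=login outcome=fail
2024-03-01T09:00:10 user=alice src=10.0.0.5 action=login outcome=fail
2024-03-01T09:01:00 user=bob src=10.0.0.9 action=login outcome=success
2024-03-01T09:02:00 user=bob src=10.0.0.9 action=open app=payroll outcome=success
2024-03-01T09:03:00 user=carol src=10.0.0.7 action=login outcome=success
2024-03-01T09:04:00 user=carol src=10.0.0.7 action=open app=accounting outcome=success
"""

# Constructed "normal behaviour" reference: the applications each user has used before.
BASELINE = {"bob": {"payroll"}, "carol": {"hr-portal"}}

LINE_RE = re.compile(r"^(\S+)\s+(.*)$")


def parse_line(line):
    """Turn one log line into a dict of its key=value fields plus a datetime 'ts'."""
    match = LINE_RE.match(line.strip())
    if not match:
        return None
    fields = dict(re.findall(r"(\w+)=(\S+)", match.group(2)))
    fields["ts"] = datetime.fromisoformat(match.group(1))
    return fields


def parse_log(text):
    return [e for e in (parse_line(l) for l in text.splitlines()) if e]


def failed_login_bursts(events, threshold=5, window_s=60):
    """Knowledge-based (signature) rule: alert once per source that produces
    `threshold` failed logins within any `window_s`-second sliding window."""
    recent = defaultdict(deque)   # src -> timestamps of recent failures
    alerts, flagged = [], set()
    for e in events:
        if e.get("action") != "login" or e.get("outcome") != "fail":
            continue
        window = recent[e["src"]]
        window.append(e["ts"])
        while (e["ts"] - window[0]).total_seconds() > window_s:
            window.popleft()
        if len(window) >= threshold and e["src"] not in flagged:
            flagged.add(e["src"])
            alerts.append(("failed-login-burst", e["src"], e["user"]))
    return alerts


def baseline_deviations(events, baseline):
    """Behavior-based rule: alert when a user opens an application that is not
    in that user's recorded profile of normal activity."""
    alerts = []
    for e in events:
        if e.get("action") != "open":
            continue
        if e["app"] not in baseline.get(e["user"], set()):
            alerts.append(("baseline-deviation", e["user"], e["app"]))
    return alerts


if __name__ == "__main__":
    events = parse_log(SAMPLE_LOG)
    for alert in failed_login_bursts(events) + baseline_deviations(events, BASELINE):
        print(alert)
```

The signature rule can only catch what it was told about, while the baseline rule catches the HR-user-in-accounting case without any attack signature, at the cost of false alarms whenever legitimate behaviour changes; that trade-off is why the slides present the two approaches as complementary.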
Intrusion Prevention Systems (IPSs):
§ prevent attacks by blocking viruses, malformed packets and other threats
§ sits directly behind the firewall and examines all traffic passed by it
§ firewall and network IPS are complementary:
  § the firewall blocks everything except what you explicitly allow through
  § the IPS lets everything through except what it is told to block
Honeypot: provides would-be hackers with fake information about the network
§ decoy server: the goal is to confuse hackers and to trace/keep a record for prosecution
§ keeps hackers well isolated from the rest of the network
§ can extensively log the activities of intruders
§ a honeypot can identify attacker reconnaissance probes
  - used by attackers to obtain info about the network resources they want to attack
Response
Response plan:
§ prepare for the worst
§ develop well in advance of any incident
§ should be approved by the legal department and senior management
Primary goals:
§ regain control: technical and emotional
§ limit damage, restore data and information systems to normal
Incident notification defines:
§ who to notify: within the company, customers, suppliers?
§ who not to notify
Security experts recommend against releasing specific info about a security compromise in public forums (news reports, conferences, online groups)
Response (Cont.)
Document all details of a security incident
§ do so for future prosecution and to help with incident eradication and follow-up
§ all system events
§ specific actions taken
§ all external conversations
Act quickly to contain an attack: may need to shut down or disconnect a critical system from the network
Eradication effort
§ collect and log all possible criminal evidence from the system
§ verify necessary backups are current and complete
  - create a disk image of all compromised systems for later study and evidence
§ create new backups after the virus has been eradicated
Response (Cont.)
Follow-up (the ‘aftermath’)
§ determine how security was compromised
  - prevent it from happening again
  - was a software fix not installed?
Review
§ determine exactly what happened
§ evaluate how the organization responded
§ write a formal incident report
Capture the perpetrator
§ but consider the potential for negative publicity: a brokerage firm might lose customers who think their money or records are not secure
Legal precedent
§ hold organizations accountable for their own IT security weaknesses
§ particularly true for ISPs
Fundamental Goals for Computer Security
• Data Confidentiality
• Data Integrity
• System Availability
• Related issue: Privacy
  • a legal and ethical question
  • implemented by the Confidentiality goal
In Business Terms
[diagram relating Asset, Threat, Cost and Risk]
Some differences between traditional security and information security
• Information can be stolen, but you still have it
• Confidential information may be copied and sold, but the theft might not be detected
• The criminals may be on the other side of the world
Confidentiality
• The prevention of unauthorised disclosure of information.
• Confidentiality is keeping information secret or private.
• Confidentiality might be important for military, business or personal reasons.
Integrity
• The prevention of unauthorised writing or modification of information.
• Integrity means that there is an external consistency in the system: everything is as it is expected to be.
• Data integrity means that the data stored on a computer is the same as the source documents.
Availability
• A secure computer system must keep information available to its users. Availability means that the computer system's hardware and software keep working efficiently and that the system is able to recover quickly and completely if a disaster occurs.
• Information should be accessible and usable upon appropriate demand by an authorized user.
• Availability is the prevention of unauthorized withholding of information.
• The opposite of availability is denial of service. Denial of service attacks are a common form of attack. Denial of service can be every bit as disruptive as actual information theft.
Non-repudiation
• Non-repudiation is the prevention of either the sender or the receiver denying a transmitted message.
• A system must be able to prove that certain messages were sent and received.
• Non-repudiation is often implemented by using digital signatures.
Authentication
• Proving that you are who you say you are, where you say you are, at the time you say it is.
• Authentication may be obtained by the provision of a password or a scan of your retina.
Access Controls
• The limitation and control of access through identification and authentication.
• A system needs to be able to identify and authenticate users for access to data, applications and hardware.
• In a large system there may be a complex structure determining which users and applications have access to which objects.
Accountability
• The system managers are accountable to scrutiny from outside.
• Audit trails must be selectively kept and protected so that actions affecting security can be traced back to the responsible party.
Security systems
• A security system is not just a computer package. It also requires security-conscious personnel who respect the procedures and their role in the system.
• Conversely, a good security system should not rely on personnel having security expertise.
Risk Analysis
• The disadvantages of a security system are that it is time-consuming, costly, often clumsy, and impedes management and the smooth running of the organisation.
• Risk analysis is the study of the cost of a particular system against the benefits of the system.
Designing a Security System
There are a number of design considerations:
• Does the system focus on the data, operations or the users of the system?
• What level should the security system operate from? Should it be at the level of hardware, operating system or applications package?
• Should it be simple or sophisticated?
• In a distributed system, should the security be centralised or spread?
• How do you secure the levels below the level of the security system?
Security Models
A security model is a means for formally expressing the rules of the security policy in an abstract, detached way.
The model should be:
• easy to comprehend
• without ambiguities
• possible to implement
• a reflection of the policies of the organisation.
Accuracy, Integrity, and Authenticity
• A secure computer system must maintain the continuing integrity of the information stored in it. Accuracy or integrity means that the system must not corrupt the information or allow any unauthorized malicious or accidental changes to it.
• In network communications, a related variant of accuracy known as authenticity provides a way to verify the origin of data by determining who entered or sent it, and by recording when it was sent and received.
Threats to Security
• There are three key words that come up in discussions of computer security:
  – vulnerabilities,
  – threats, and
  – countermeasures.
• A vulnerability is a point where a system is susceptible to attack.
• A threat is a possible danger to the system: e.g. a person, a thing (a faulty piece of equipment), or an event (a fire or a flood).
• Techniques for protecting your system are called countermeasures.
Vulnerabilities
• Examples:
  – physical vulnerabilities
  – natural vulnerabilities
  – hardware and software vulnerabilities
  – media vulnerabilities
  – emanation vulnerabilities
  – communications vulnerabilities
  – human vulnerabilities
• There is a lot of variation in how easy it is to exploit different types of vulnerabilities. For example, tapping a cordless telephone or a cellular mobile phone requires only a $199 scanner from Radio Shack.
Threats
• Threats fall into three main categories:
  – natural threats
  – unintentional threats
  – intentional threats
• The intentional threats can come from insiders or outsiders. Outsiders can include:
  – foreign intelligence agents
  – terrorists
  – criminals
  – corporate raiders
  – crackers
Inside or Outside?
• Although most security mechanisms protect best against outside intruders, survey after survey indicates that most attacks are by insiders. Estimates are that as many as 80% of system penetrations are by fully authorized users.
The Insider
• There are a number of different types of insiders: the disgruntled employee, the coerced employee, and the greedy employee. One of the most dangerous types of insiders may simply be lazy or untrained. He or she doesn't bother changing passwords, doesn't learn how to encrypt files, doesn't get around to erasing old disks, and leaves sensitive printout in piles on the floor.
Countermeasures
• There are many different types of countermeasures, methods of protecting information. In the next several lectures, we will survey these methods:
  – computer security
  – communications security
  – physical security
Information and Its Controls
• Information security is almost as old as information itself.
• Innovations are inevitably followed by methods of harnessing the new technologies and protecting the information they process:
  – within five years of the introduction of the telephone in 1881, a patent application was filed for a voice scrambler;
  – in the 1920s, the use of telephone wiretaps by government and criminals resulted in a public outcry, leading to legislation banning most wiretapping;
  – in the 1940s, concerns about controlling the proliferation of information about atomic energy led to the Atomic Energy Act of 1946. This act created a Restricted Data category of information requiring special protection.
Debates
– One ongoing debate in the computer security world is over the government's restriction of technological information.
– The government needs to protect certain kinds of information, such as national defense data.
– Particular security technologies, for example cryptology, are very effective at safeguarding such information. Should the government be able to control who can and cannot buy such technologies?
– Another debate concerns the involvement of the government in mandating the protection of nongovernment information.
Computer Security: Then and Now
• In the early days of computing, computer systems were large, rare, and very expensive. Those organizations lucky enough to have a computer tried their best to protect it. Computer security was just one aspect of general plant security.
• Security concerns focused on physical break-ins, theft of computer equipment, and theft or destruction of disk packs, tape reels, and other media.
• Insiders were also kept at bay. Few people knew how to use computers, and thus the users could be carefully screened.
Later On
• By the 1970s, technology was transformed, and with it the ways in which users related to computers and data. Multiprogramming, time-sharing, and networking changed the rules.
• Telecommunications, the ability to access computers from remote locations, radically changed computer usage. Businesses began to store information online. Networks linked minicomputers together and with mainframes containing large online databases. Banking and the transfer of assets became an electronic business.
New Abuses
• The increased availability of online systems and information led to abuses. Instead of worrying only about intrusions by outsiders into computer facilities and equipment, organizations now had to worry about
  – computers that were vulnerable to sneak attacks over telephone lines, and
  – information that could be stolen or changed by intruders who didn't leave a trace.
• Individuals and government agencies expressed concerns about the invasion of privacy posed by the availability of individual financial, legal, and medical records on shared online databases.
The PC World
• The 1980s saw a new dawn in computing. With the introduction of the PC, individuals of all ages and occupations became computer users. This technology introduced new risks. Precious and irreplaceable corporate data were now stored on diskettes, which could be lost or stolen.
• As PCs proliferated, so too did PC networks, electronic mail, chat rooms, and bulletin boards, vastly raising the security stakes. The 1980s also saw systems under attack.
The Future
• The challenge of the next decade will be to consolidate what we've learned: to build computer security into our products and our daily routines, to protect data without unnecessarily impeding our access to it, and to make sure that both products and standards grow to meet the ever-increasing scope of the challenge of technology.
What is Cyberspace?
Cyberspace is a worldwide network of computers and the equipment that connects them, which by its very design is free and open to the public (the Internet).
As Stanley Konter, CEO of Savannah's Sabre Technologies, notes, "The problem has gotten more prevalent with always-on, high-speed internet access. Attackers are always out there looking for that type of computer."
Cyber-safety & Threats
Cyber-safety is a common term used to describe a set of practices, measures and/or actions you can take to protect personal information and your computer from attacks. First, let's talk about some common cyber-safety threats and the problems they can cause . . .
Viruses
Viruses infect computers through email attachments and file sharing. They delete files, attack other computers, and make your computer run slowly. One infected computer can cause problems for all computers on a network.
Hackers
Hackers are people who “trespass” into your computer from a remote location. They may use your computer to send spam or viruses, host a Web site, or do other activities that cause computer malfunctions.
Identity Thieves
People who obtain unauthorized access to your personal information, such as Social Security and financial account numbers. They then use this information to commit crimes such as fraud or theft.
Spyware
Spyware is software that “piggybacks” on programs you download, gathers information about your online habits, and transmits personal information without your knowledge. It may also cause a wide range of other computer malfunctions.
TOP SEVEN CYBER-SAFETY ACTIONS
1. Install OS/Software Updates
2. Run Anti-virus Software
3. Prevent Identity Theft
4. Turn on Personal Firewalls
5. Avoid Spyware/Adware
6. Protect Passwords
7. Back up Important Files
Additional information about each of the actions below is provided on slides 8-14. Faculty and staff should work with their technical support coordinator before implementing these measures.
INSTALL OS/SOFTWARE UPDATES
§ Updates, sometimes called patches, fix problems with your operating system (OS) (e.g., Windows XP, Windows Vista, Mac OS X) and software programs (e.g., Microsoft Office applications).
§ Most new operating systems are set to download updates by default. After updates are downloaded, you will be asked to install them. Click yes!
§ To download patches for your system and software, visit:
  § Windows Update: http://windowsupdate.microsoft.com to get or ensure you have all the latest operating system updates only. Newer Windows systems are set to download these updates by default.
  § Microsoft Update: http://www.update.microsoft.com/microsoftupdate/ to get or ensure you have all the latest OS and Microsoft Office software updates. You must sign up for this service.
  § Apple: http://www.apple.com/support
  § Unix: Consult documentation or online help for system update information and instructions.
§ Be sure to restart your computer after updates are installed so that the patches can be applied immediately.
RUN ANTI-VIRUS SOFTWARE
§ To avoid computer problems caused by viruses, install and run an anti-virus program like Sophos.
§ Periodically, check to see if your anti-virus is up to date by opening your anti-virus program and checking the “Last updated:” date.
§ Anti-virus software removes viruses, quarantines and repairs infected files, and can help prevent future viruses.
PREVENT IDENTITY THEFT
§ Don't give out financial account numbers, Social Security numbers, driver's license numbers or other personal identity information unless you know exactly who's receiving it. Protect other people's information as you would your own.
§ Never send personal or confidential information via email or instant messages, as these can be easily intercepted.
§ Beware of phishing scams, a form of fraud that uses email messages that appear to be from a reputable business (often a financial institution) in an attempt to gain personal or account information. These often do not include a personal salutation. Never enter personal information into an online form you accessed via a link in an email you were not expecting. Legitimate businesses will not ask for personal information online.
§ Order a copy of your credit report from each of the three major credit bureaus: Equifax, Experian, and Trans Union. Reports can be ordered online at each of the bureaus' Web sites. Make sure reports are accurate and include only those activities you have authorized.
TURN ON PERSONAL FIREWALLS
§ Check your computer's security settings for a built-in personal firewall. If you have one, turn it on. Microsoft Vista and Mac OS X have built-in firewalls. For more information, see:
  • Mac Firewall (docs.info.apple.com/article.html?path=Mac/10.4/en/mh1042.html)
  • Microsoft Firewall (www.microsoft.com/windowsxp/using/networking/security/winfirewall.mspx)
  • Unix users should consult system documentation or online help for personal firewall instructions and/or recommendations.
§ Once your firewall is turned on, test your firewall for open ports that could allow in viruses and hackers. Firewall scanners like the one on http://www.auditmypc.com/firewall-test.asp simplify this process.
§ Firewalls act as protective barriers between computers and the internet.
§ Hackers search the Internet by sending out pings (calls) to random computers and wait for responses. Firewalls prevent your computer from responding to these calls.
AVOID SPYWARE/ADWARE
§ Spyware and adware take up memory and can slow down your computer or cause other problems.
§ Use Spybot and Ad-Aware to remove spyware/adware from your computer.
§ Watch for allusions to spyware and adware in user agreements before installing free software programs.
§ Be wary of invitations to download software from unknown internet sources.
PROTECT PASSWORDS
§ Do not share your passwords, and always make new passwords difficult to guess by avoiding dictionary words, and mixing letters, numbers and punctuation.
§ Do not use one of these common passwords or any variation of them: qwerty1, abc123, letmein, password1, iloveyou1, (yourname1), baseball1.
§ Change your passwords periodically.
§ When choosing a password:
  o Mix upper and lower case letters
  o Use a minimum of 8 characters
  o Use mnemonics to help you remember a difficult password
§ Store passwords in a safe place. Consider using KeePass Password Safe (http://keepass.info/), Keychain (Mac) or an encrypted USB drive to store passwords. Avoid keeping passwords on a Post-it under your keyboard, on your monitor or in a drawer near your computer!
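The password rules on this slide can be turned into a checker that a sign-up form or help desk tool would run before accepting a new password. The following Python code is an added example, not from the slides or any product: it applies the length, case-mix, character-mix and "not a common password or a variation of one" rules, plus the (yourname1) rule when a user name is supplied. The common-password list is the one on the slide; the small dictionary and the normalisation rule (lower-case and strip trailing digits and punctuation, so that "Iloveyou2" is treated as a variation of "iloveyou1") are assumptions made for the example.

```python
import string

# Common passwords named on the slide; the rule also rejects variations of them.
COMMON_PASSWORDS = {"qwerty1", "abc123", "letmein", "password1", "iloveyou1", "baseball1"}

# Constructed stand-in for a real dictionary word list (assumption, illustrative only).
DICTIONARY_WORDS = {"password", "qwerty", "letmein", "iloveyou", "baseball", "welcome", "dragon"}


def _normalize(password):
    """Reduce a password to its 'base': lower-case with trailing digits and
    punctuation removed, so 'Iloveyou2' and 'iloveyou1' both become 'iloveyou'."""
    return password.lower().rstrip(string.digits + string.punctuation)


def password_problems(password, user_name=None):
    """Return the list of slide rules a candidate password breaks; an empty
    list means the password passes every rule this checker knows about."""
    problems = []
    if len(password) < 8:
        problems.append("shorter than 8 characters")
    if not (any(c.islower() for c in password) and any(c.isupper() for c in password)):
        problems.append("does not mix upper and lower case")
    has_letter = any(c.isalpha() for c in password)
    has_digit = any(c.isdigit() for c in password)
    has_punct = any(c in string.punctuation for c in password)
    if not (has_letter and has_digit and has_punct):
        problems.append("does not mix letters, numbers and punctuation")
    base = _normalize(password)
    common_bases = {_normalize(p) for p in COMMON_PASSWORDS}
    if password.lower() in COMMON_PASSWORDS or base in common_bases:
        problems.append("common password or a variation of one")
    elif base in DICTIONARY_WORDS:
        problems.append("dictionary word")
    if user_name and user_name.lower() in password.lower():
        problems.append("contains the user's name")
    return problems


if __name__ == "__main__":
    # Constructed candidates, including the quiz's "Iloveyou2".
    for candidate in ("Iloveyou2", "qwerty1", "Welcome!9", "mN7!qzX2pL"):
        print(candidate, "->", password_problems(candidate) or "ok")
```

Because the check normalises before comparing, a single entry on the common list covers the whole family of "append a digit" variants, which is exactly the "or any variation of them" clause on the slide.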
BACK UP IMPORTANT FILES
§ Reduce your risk of losing important files to a virus, computer crash, theft or disaster by creating back-up copies.
§ Keep your critical files in one place on your computer's hard drive so you can easily create a back-up copy.
§ Save copies of your important documents and files to a CD, online back-up service, flash or USB drive, or a server.
§ Store your back-up media in a secure place away from your computer, in case of fire or theft.
§ Test your back-up media periodically to make sure the files are accessible and readable.
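"Test your back-up media periodically" and, in the earlier Response slides, "create a disk image of compromised systems for later study and evidence" both need the same thing: a way to prove later that a copy is complete and unchanged. The following Python code is an added example, not from the slides: it records a SHA-256 digest for every file in a backup, then re-checks the copy and reports files that are missing or modified. The directory layout and file contents in `demo()` are constructed for the example.

```python
import hashlib
import os
import tempfile
from pathlib import Path


def sha256_file(path, chunk_size=65536):
    """Hash a file in chunks so that large backups or disk images need not fit in memory."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for block in iter(lambda: fh.read(chunk_size), b""):
            digest.update(block)
    return digest.hexdigest()


def build_manifest(root):
    """Map every file under `root` (as a relative POSIX path) to its SHA-256 digest."""
    root = Path(root)
    return {p.relative_to(root).as_posix(): sha256_file(p)
            for p in sorted(root.rglob("*")) if p.is_file()}


def verify_manifest(root, manifest):
    """Re-hash the copy at `root` against a stored manifest and return
    {path: "missing" | "modified"}; an empty result means every file is
    present and byte-identical."""
    root = Path(root)
    problems = {}
    for rel, expected in manifest.items():
        target = root / rel
        if not target.is_file():
            problems[rel] = "missing"
        elif sha256_file(target) != expected:
            problems[rel] = "modified"
    return problems


def demo():
    """Constructed walk-through: make a tiny backup, record its manifest,
    confirm it verifies, then corrupt it and show the check reports both faults.
    Returns (problems_before_damage, problems_after_damage)."""
    with tempfile.TemporaryDirectory() as tmp:
        backup = Path(tmp) / "backup"
        (backup / "docs").mkdir(parents=True)
        (backup / "docs" / "report.txt").write_text("quarterly figures\n")
        (backup / "notes.txt").write_text("restore procedure\n")

        manifest = build_manifest(backup)
        clean = verify_manifest(backup, manifest)

        # Simulate bit rot on one file and loss of another.
        (backup / "docs" / "report.txt").write_text("quarterly figures (altered)\n")
        os.remove(backup / "notes.txt")
        damaged = verify_manifest(backup, manifest)
        return clean, damaged


if __name__ == "__main__":
    before, after = demo()
    print("fresh backup:", before or "all files verified")
    print("damaged backup:", after)
```

For evidence images the manifest (and ideally the image itself) is hashed at acquisition time and the digests are written into the incident record, so that the later analysis can show the copy studied is the one that was taken; for routine backups the same manifest makes the periodic "is it still readable?" test a one-command job.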
CYBER-SAFETY AT HOME
§ Physically secure your computer by using security cables and locking doors and windows in the dorms and off-campus housing.
§ Avoid leaving your laptop unsupervised and in plain view in the library or coffee house, or in your car, dorm room or home.
§ Set up a user account and password to prevent unauthorized access to your computer files.
§ Do not install unnecessary programs on your computer.
§ Microsoft users can download the free Secunia Personal Software Inspector (https://psi.secunia.com/), which lets you scan your computer for any missing operating system or software patches and provides instructions for getting all the latest updates.
CYBER-SAFETY AT WORK
§ Be sure to work with your technical support coordinator before implementing new cyber-safety measures.
§ Talk with your technical support coordinator about what cyber-safety measures are in place in your department.
§ Report to your supervisor any cyber-safety policy violations, security flaws/weaknesses you discover or any suspicious activity by unauthorized individuals in your work area.
§ Physically secure your computer by using security cables and locking building/office doors and windows.
§ Do not install unnecessary programs on your work computer.
CYBER-SAFETY BASICS QUICK QUIZ
1. True or False? Viruses can be transmitted via email, email attachments or IM.
2. People who seek out your personal information and then use it to commit crimes are called: _____________________
3. Which of the following are ways to help prevent identity theft? (Check all that apply.)
__A. Never send personal information via email or instant messages.
__B. Always send personal information via email or instant messages.
__C. Lock my office door.
__D. Don't tell anybody my name.
4. True or False? Iloveyou2 is a good password. Why or why not?
5. Which anti-virus program is available to all UC Davis students, faculty and staff for free? ________________________
6. I just downloaded a free program online and now my computer is running very, very slowly. Which of the following most likely happened?
__A. I didn't install the program properly.
__B. I didn't have enough space on my hard drive for the new program.
__C. I downloaded spyware and/or adware, too.
__D. Someone snuck in while the program was downloading and changed my password.
7. ___________________ help prevent your computer from responding to pings (calls) from hackers.
8. To fix problems with my operating system and/or application software, I should install __________________.
Answers on next slide . . .
QUICK QUIZ ANSWERS
1. True
2. Identity thieves
3. A and C are correct. D would probably help too, but seems a bit extreme!
4. False. Iloveyou2 is a very common password.
5. Sophos Anti-Virus is free to UC Davis students, faculty and staff.
6. C. It’s most likely that you downloaded spyware and/or adware.
7. Firewalls
8. OS and/or software updates (patches)
66
How did you do?
8-7 correct: Fantastic! You can help write the next quiz!
6-5 correct: Good. You can help write the next quiz, but we’ll check it for accuracy . . . just in case.
4-3 correct: You might want to review the material for the questions you missed.
67
Summary
By now you should have some idea about
• Why we need computer security (prevention, detection and reaction)
• What a computer security system does (confidentiality, integrity, availability, non-repudiation, authentication, access control, accountability)
• What computer security experts do (design, implement and evaluate security systems)
68
Summary (Cont.)
Ethical decisions regarding IT security include determining which information systems and data most need protection
65-fold increase in the number of reported IT security incidents from 1997 to 2003
Most incidents involve a:
• Virus
• Worm
• Trojan horse
• Denial-of-service
Key elements of a multilayer process for managing security vulnerabilities include:
• Threat assessment: to organization’s computers and network
• User education: of risks and preventative actions
• Response plan
Resources
• Network World Security Newsletter
– http://www.nwsubscribe.com
– Practical advice, not a virus alert newsletter. Especially good for the links to other security resources at the bottom of each article
• CERT Coordination Center at CMU
– http://www.cert.org
– News about system threats, including viruses and other problems. Source for OCTAVE papers and process
• Norton AntiVirus Site (Symantec)
– http://securityresponse.symantec.com/avcenter/
• McAfee Security (Network Associates)
– http://us.mcafee.com/virusinfo/
69
Topic #12
Risk Management in a Project
Reference: Chapter 11, Information Technology Project Management
Learning Objectives
• Understand risk and the importance of good project risk management
• Discuss the elements of planning risk management and the contents of a risk management plan
• List common sources of risks on information technology (IT) projects
• Describe the process of identifying risks and create a risk register
• Discuss qualitative risk analysis and explain how to calculate risk factors, create probability/impact matrixes, and apply the Top Ten Risk Item Tracking technique to rank risks
2
Learning Objectives (cont’d)
• Explain quantitative risk analysis and how to apply decision trees, simulation, and sensitivity analysis to quantify risks
• Provide examples of using different risk response planning strategies to address both negative and positive risks
• Discuss how to control risks
• Describe how software can assist in project risk management
3
The Importance of Project Risk Management
• Project risk management is the art and science of identifying, analyzing, and responding to risk throughout the life of a project and in the best interests of meeting project objectives
• Risk management is often overlooked in projects, but it can help improve project success by helping select good projects, determining project scope, and developing realistic estimates
4
Benefits from Software Risk Management Practices*
*Source: Kulik and Weber, KLCI Research Group
5
Global Issues
• Many people around the world suffered from financial losses as various financial markets dropped in the fall of 2008, even after the $700 billion bailout bill was passed by the U.S. Congress
• According to a global survey of 316 financial services executives, over 70 percent of respondents believed that the losses stemming from the credit crisis were largely due to failures to address risk management issues
• They identified several challenges in implementing risk management, including data and company culture issues
6
Negative Risk
• A dictionary definition of risk is “the possibility of loss or injury”
• Negative risk involves understanding potential problems that might occur in the project and how they might impede project success
• Negative risk management is like a form of insurance; it is an investment
7
Risk Can Be Positive
• Positive risks are risks that result in good things happening; sometimes called opportunities
• A general definition of project risk is an uncertainty that can have a negative or positive effect on meeting project objectives
• The goal of project risk management is to minimize potential negative risks while maximizing potential positive risks
8
Risk Utility
• Risk utility or risk tolerance is the amount of satisfaction or pleasure received from a potential payoff
– Utility rises at a decreasing rate for people who are risk-averse
– Those who are risk-seeking have a higher tolerance for risk and their satisfaction increases when more payoff is at stake
– The risk-neutral approach achieves a balance between risk and payoff
9
Risk Utility Function and Risk Preference
10
Project Risk Management Processes
• Planning risk management: Deciding how to approach and plan the risk management activities for the project
• Identifying risks: Determining which risks are likely to affect a project and documenting the characteristics of each
• Performing qualitative risk analysis: Prioritizing risks based on their probability and impact of occurrence
11
Project Risk Management Processes (cont’d)
• Performing quantitative risk analysis: Numerically estimating the effects of risks on project objectives
• Planning risk responses: Taking steps to enhance opportunities and reduce threats to meeting project objectives
• Controlling risk: Monitoring identified and residual risks, identifying new risks, carrying out risk response plans, and evaluating the effectiveness of risk strategies throughout the life of the project
12
Project Risk Management Summary
13
Planning Risk Management
• The main output of this process is a risk management plan—a plan that documents the procedures for managing risk throughout a project
• The project team should review project documents and understand the organization’s and the sponsor’s approaches to risk
• The level of detail will vary with the needs of the project
14
Topics Addressed in a Risk Management Plan
• Methodology
• Roles and responsibilities
• Budget and schedule
• Risk categories
• Risk probability and impact
• Revised stakeholders’ tolerances
• Tracking
• Risk documentation
15
Contingency and Fallback Plans, Contingency Reserves
• Contingency plans are predefined actions that the project team will take if an identified risk event occurs
• Fallback plans are developed for risks that have a high impact on meeting project objectives, and are put into effect if attempts to reduce the risk are not effective
• Contingency reserves or allowances are provisions held by the project sponsor or organization to reduce the risk of cost or schedule overruns to an acceptable level; management reserves are funds held for unknown risks
16
Common Sources of Risk in Information Technology Projects
• Several studies show that IT projects share some common sources of risk
• The Standish Group developed an IT success potential scoring sheet based on potential risks
• Other broad categories of risk help identify potential risks
17
IT Success Potential Scoring Sheet
Success Criterion                  Relative Importance
User Involvement                   19
Executive Management Support       16
Clear Statement of Requirements    15
Proper Planning                    11
Realistic Expectations             10
Smaller Project Milestones          9
Competent Staff                     8
Ownership                           6
Clear Visions and Objectives        3
Hard-Working, Focused Staff         3
Total                             100
18
Broad Categories of Risk
• Market risk
• Financial risk
• Technology risk
• People risk
• Structure/process risk
19
Risk Breakdown Structure
• A risk breakdown structure is a hierarchy of potential risk categories for a project
• Similar to a work breakdown structure but used to identify and categorize risks
20
Sample Risk Breakdown Structure
21
Potential Negative Risk Conditions Associated With Each Knowledge Area
22
Identifying Risks
• Identifying risks is the process of understanding what potential events might hurt or enhance a particular project
• Another consideration is the likelihood of advanced discovery
• Risk identification tools and techniques include:
– Brainstorming
– The Delphi Technique
– Interviewing
– SWOT analysis
23
Brainstorming
• Brainstorming is a technique by which a group attempts to generate ideas or find a solution for a specific problem by amassing ideas spontaneously and without judgment
• An experienced facilitator should run the brainstorming session
• Be careful not to overuse or misuse brainstorming.
– Psychology literature shows that individuals produce a greater number of ideas working alone than they do through brainstorming in small, face-to-face groups
– Group effects often inhibit idea generation
24
Delphi Technique
• The Delphi Technique is used to derive a consensus among a panel of experts who make predictions about future developments
• Provides independent and anonymous input regarding future events
• Uses repeated rounds of questioning and written responses and avoids the biasing effects possible in oral methods, such as brainstorming
25
Interviewing
• Interviewing is a fact-finding technique for collecting information in face-to-face, phone, e-mail, or instant-messaging discussions
• Interviewing people with similar project experience is an important tool for identifying potential risks
26
SWOT Analysis
• SWOT analysis (strengths, weaknesses, opportunities, and threats) can also be used during risk identification
• Helps identify the broad negative and positive risks that apply to a project
27
Risk Register
• The main output of the risk identification process is a list of identified risks and other information needed to begin creating a risk register
• A risk register is:
– A document that contains the results of various risk management processes and that is often displayed in a table or spreadsheet format
– A tool for documenting potential risk events and related information
• Risk events refer to specific, uncertain events that may occur to the detriment or enhancement of the project
28
Risk Register Contents
• An identification number for each risk event
• A rank for each risk event
• The name of each risk event
• A description of each risk event
• The category under which each risk event falls
• The root cause of each risk
29
Risk Register Contents (cont’d)
• Triggers for each risk; triggers are indicators or symptoms of actual risk events
• Potential responses to each risk
• The risk owner or person who will own or take responsibility for each risk
• The probability and impact of each risk occurring
• The status of each risk
30
Sample Risk Register
• No.: R44
• Rank: 1
• Risk: New customer
• Description: We have never done a project for this organization before and don’t know too much about them. One of our company’s strengths is building good customer relationships, which often leads to further projects with that customer. We might have trouble working with this customer because they are new to us.
• Category: People risk
• Etc.
31
Performing Qualitative Risk Analysis
• Assess the likelihood and impact of identified risks to determine their magnitude and priority
• Risk quantification tools and techniques include:
– Probability/impact matrixes
– The Top Ten Risk Item Tracking
– Expert judgment
32
Probability/Impact Matrix
• A probability/impact matrix or chart lists the relative probability of a risk occurring on one side of a matrix or axis on a chart and the relative impact of the risk occurring on the other
• List the risks and then label each one as high, medium, or low in terms of its probability of occurrence and its impact if it did occur
• Can also calculate risk factors:
– Numbers that represent the overall risk of specific events based on their probability of occurring and the consequences to the project if they do occur
33
Sample Probability/Impact Matrix
34
Chart Showing High-, Medium-, and Low-Risk Technologies
35
Top Ten Risk Item Tracking
• Top Ten Risk Item Tracking is a qualitative risk analysis tool that helps to identify risks and maintain an awareness of risks throughout the life of a project
• Establish a periodic review of the top ten project risk items
• List the current ranking, previous ranking, number of times the risk appears on the list over a period of time, and a summary of progress made in resolving the risk item
36
Example of Top Ten Risk Item Tracking
37
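The risk register, the probability/impact matrix with risk factors, and the Top Ten Risk Item Tracking table described on the preceding slides, worked through in one small program. This is an added example, not code from the slides or the textbook; the numeric scale for high/medium/low (0.7/0.4/0.1) and every risk, probability, impact and ranking in it are constructed assumptions.

```python
"""Added example (not from the slides): a small risk register with the
contents the slides list, qualitative risk factors, a probability/impact
matrix, and a Top Ten Risk Item Tracking table. All risks, probabilities,
impacts and rankings below are constructed sample data."""
from dataclasses import dataclass, field

# Qualitative scale used here (an assumption, not from the slides):
# high = 0.7, medium = 0.4, low = 0.1 for both probability and impact.
SCALE = {"high": 0.7, "medium": 0.4, "low": 0.1}


@dataclass
class Risk:
    number: str          # identification number, e.g. R44
    name: str
    category: str
    probability: str     # high / medium / low
    impact: str          # high / medium / low
    owner: str
    triggers: list = field(default_factory=list)
    status: str = "open"

    def risk_factor(self) -> float:
        """Risk factor = probability x impact on the numeric scale."""
        return round(SCALE[self.probability] * SCALE[self.impact], 2)


def rank_register(register):
    """Sort the register by risk factor, highest first, and assign ranks
    1..n (the 'rank' column of the risk register)."""
    ordered = sorted(register, key=lambda r: r.risk_factor(), reverse=True)
    return [(rank, r) for rank, r in enumerate(ordered, start=1)]


def probability_impact_matrix(register):
    """Group risk numbers into the 3x3 probability/impact cells."""
    matrix = {(p, i): [] for p in SCALE for i in SCALE}
    for r in register:
        matrix[(r.probability, r.impact)].append(r.number)
    return matrix


def top_ten_tracking(register, previous_ranking, times_on_list):
    """Build Top Ten Risk Item Tracking rows: current rank, previous rank,
    and how many times the risk has appeared on the list including now."""
    rows = []
    for rank, r in rank_register(register)[:10]:
        rows.append({
            "risk": r.number,
            "rank": rank,
            "previous_rank": previous_ranking.get(r.number),
            "times_on_list": times_on_list.get(r.number, 0) + 1,
        })
    return rows


# Constructed sample register (R44 mirrors the slide's "New customer" entry).
SAMPLE_REGISTER = [
    Risk("R44", "New customer", "People risk", "high", "high", "PM",
         triggers=["slow answers to requirement questions"]),
    Risk("R12", "Key developer leaves", "People risk", "medium", "high", "Lead"),
    Risk("R07", "Vendor API delayed", "Technology risk", "medium", "medium", "Architect"),
    Risk("R21", "Currency fluctuation", "Financial risk", "low", "low", "CFO"),
]

if __name__ == "__main__":
    for rank, r in rank_register(SAMPLE_REGISTER):
        print(rank, r.number, r.name, r.risk_factor())
    for row in top_ten_tracking(SAMPLE_REGISTER, {"R12": 1, "R44": 2},
                                {"R12": 3, "R44": 1}):
        print(row)
```

With this scale R44 (high/high) gets risk factor 0.49 and rank 1, R12 (medium/high) 0.28 and rank 2; the tracking rows record that R44 moved up from rank 2 and is on the list for the second time, while R07 is a new entry with no previous rank.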
Watch List
• A watch list is a list of risks that are low priority, but are still identified as potential risks
• Qualitative analysis can also identify risks that should be evaluated on a quantitative basis
38
Performing Quantitative Risk Analysis
• Often follows qualitative risk analysis, but both can be done together
• Large, complex projects involving leading edge technologies often require extensive quantitative risk analysis
• Main techniques include:
– Decision tree analysis
– Simulation
– Sensitivity analysis
39
Decision Trees and Expected Monetary Value (EMV)
• A decision tree is a diagramming analysis technique used to help select the best course of action in situations in which future outcomes are uncertain
• Expected monetary value (EMV) is the product of a risk event probability and the risk event’s monetary value
• You can draw a decision tree to help find the EMV
40
Expected Monetary Value (EMV) Example
41
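The EMV calculation behind a decision tree, as an added example that is not part of the slides: each alternative is a list of (probability, monetary value) branches, its EMV is the probability-weighted sum, and the alternative with the highest EMV is the one the tree recommends. The two projects and their payoffs are constructed sample values.

```python
"""Added example (not from the slides): expected monetary value (EMV) for the
alternatives of a decision tree. Projects, probabilities and payoffs below
are constructed sample values."""


def emv(outcomes):
    """EMV of one alternative = sum over its branches of probability x value.
    Branch probabilities must sum to 1, otherwise the tree is malformed."""
    total_prob = sum(p for p, _ in outcomes)
    if abs(total_prob - 1.0) > 1e-9:
        raise ValueError(f"outcome probabilities sum to {total_prob}, not 1")
    return sum(p * value for p, value in outcomes)


def best_alternative(tree):
    """tree: {alternative name: [(probability, monetary value), ...]}.
    Returns (name, emv) of the alternative with the highest EMV."""
    scored = {name: emv(outcomes) for name, outcomes in tree.items()}
    name = max(scored, key=scored.get)
    return name, scored[name]


# Constructed sample decision: two projects, each with a success branch and
# a failure branch. Values are net payoffs (negative = loss).
SAMPLE_TREE = {
    "Project 1": [(0.20, 300_000), (0.80, -40_000)],
    "Project 2": [(0.70, 50_000), (0.30, -20_000)],
}

if __name__ == "__main__":
    for name, outcomes in SAMPLE_TREE.items():
        print(name, "EMV =", emv(outcomes))
    print("choose:", best_alternative(SAMPLE_TREE))
```

Project 1 has the larger possible payoff but an EMV of 28,000 (0.2 × 300,000 − 0.8 × 40,000), while Project 2's EMV is 29,000, so the tree favours Project 2; the probability-sum check catches a branch that was left out when the tree was drawn.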
Simulation
• Simulation uses a representation or model of a system to analyze the expected behavior or performance of the system
• Monte Carlo analysis simulates a model’s outcome many times to provide a statistical distribution of the calculated results
• To use a Monte Carlo simulation, you must have three estimates (most likely, pessimistic, and optimistic) plus an estimate of the likelihood of the estimate being between the most likely and optimistic values
42
Steps of a Monte Carlo Analysis
1. Assess the range for the variables being considered
2. Determine the probability distribution of each variable
3. For each variable, select a random value based on the probability distribution
4. Run a deterministic analysis or one pass through the model
5. Repeat steps 3 and 4 many times to obtain the probability distribution of the model’s results
43
Sample Monte Carlo Simulation Results for Project Schedule
44
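The five Monte Carlo steps applied to a project schedule, as an added example that is not from the slides. It assumes a triangular distribution built from the three estimates (optimistic, most likely, pessimistic) for step 2, a model in which the tasks run one after another for step 4, and constructed task estimates; the seed only makes the run repeatable.

```python
"""Added example (not from the slides): the five Monte Carlo steps applied to
a project schedule. Each task has three estimates (optimistic, most likely,
pessimistic); a triangular distribution is assumed for step 2. Tasks and
estimates are constructed sample data."""
import random

# Step 1: the range for each variable (task durations in days): constructed.
TASKS = {
    "design": (10, 15, 30),   # (optimistic, most likely, pessimistic)
    "build":  (20, 30, 60),
    "test":   (5, 10, 25),
}


def sample_durations(tasks, rng):
    """Step 3: draw one random value per variable from its distribution
    (step 2: triangular, an assumption; random.triangular(low, high, mode))."""
    return {name: rng.triangular(low, high, mode)
            for name, (low, mode, high) in tasks.items()}


def run_model(durations):
    """Step 4: one deterministic pass. The tasks are sequential here, so the
    project duration is their sum."""
    return sum(durations.values())


def monte_carlo(tasks, runs=10_000, seed=42):
    """Step 5: repeat steps 3 and 4 to obtain the distribution of results."""
    rng = random.Random(seed)
    return sorted(run_model(sample_durations(tasks, rng)) for _ in range(runs))


def percentile(results, pct):
    """Duration below which pct percent of the sorted results fall."""
    index = min(len(results) - 1, int(pct / 100 * len(results)))
    return results[index]


def probability_within(results, deadline):
    """Share of runs that finish on or before the deadline."""
    return sum(1 for r in results if r <= deadline) / len(results)


if __name__ == "__main__":
    results = monte_carlo(TASKS)
    print("P50 %.1f days, P80 %.1f days" % (percentile(results, 50),
                                            percentile(results, 80)))
    print("chance of finishing in 60 days: %.2f" % probability_within(results, 60))
```

Summing the most-likely estimates gives 55 days, but the sampled P50 is well above that and the P80 higher still, because every task's range is skewed towards the pessimistic side; that gap between a single-point estimate and the distribution is what the sample results slide illustrates.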
Sensitivity Analysis
• Sensitivity analysis is a technique used to show the effects of changing one or more variables on an outcome
• For example, many people use it to determine what the monthly payments for a loan will be given different interest rates or periods of the loan, or for determining break-even points based on different assumptions
• Spreadsheet software, such as Excel, is a common tool for performing sensitivity analysis
45
Sample Sensitivity Analysis for Determining Break-Even Point
46
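The two sensitivity analyses the slide names, done in code rather than a spreadsheet, as an added example that is not from the slides: the monthly loan payment is tabulated across interest rates and terms, and the break-even point is recomputed across assumed unit prices. The loan amount, rates, terms, costs and prices are constructed sample values; the payment formula is the standard amortised-loan formula.

```python
"""Added example (not from the slides): a sensitivity analysis in code. It
varies the interest rate and term of a loan to see the effect on the monthly
payment, and varies the unit price to see the effect on a break-even point.
All amounts are constructed sample values."""


def monthly_payment(principal, annual_rate, years):
    """Standard amortised-loan payment; annual_rate as a fraction (0.06)."""
    n = years * 12
    if annual_rate == 0:
        return principal / n          # no interest: straight-line repayment
    r = annual_rate / 12
    return principal * r / (1 - (1 + r) ** -n)


def payment_table(principal, rates, terms):
    """Two-way table: rows are annual rates, columns are terms in years."""
    return {rate: {years: round(monthly_payment(principal, rate, years), 2)
                   for years in terms}
            for rate in rates}


def break_even_units(fixed_cost, unit_price, unit_variable_cost):
    """Units to sell before revenue covers fixed plus variable cost."""
    margin = unit_price - unit_variable_cost
    if margin <= 0:
        raise ValueError("price does not cover variable cost; no break-even")
    return fixed_cost / margin


def break_even_sensitivity(fixed_cost, prices, unit_variable_cost):
    """How the break-even point moves as the assumed unit price changes."""
    return {price: round(break_even_units(fixed_cost, price, unit_variable_cost), 1)
            for price in prices}


if __name__ == "__main__":
    table = payment_table(200_000, [0.04, 0.06, 0.08], [15, 30])
    for rate, row in table.items():
        print(f"{rate:.0%}", row)
    print(break_even_sensitivity(50_000, [20, 25, 30], 15))
```

Reading the table row by row shows the outcome's sensitivity to each variable separately: at 6% the 30-year payment on 200,000 is 1,199.10, and halving the term raises it far more than two points of interest do. In the break-even table a 20% price change moves the break-even point from 5,000 units to 3,333 or 10,000, which is the kind of asymmetry a single-point estimate hides.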
Planning Risk Responses
• After identifying and quantifying risks, you must decide how to respond to them
• Four main response strategies for negative risks:
– Risk avoidance
– Risk acceptance
– Risk transference
– Risk mitigation
47
General Risk Mitigation Strategies for Technical, Cost, and Schedule Risks
48
Response Strategies for Positive Risks
• Risk exploitation
• Risk sharing
• Risk enhancement
• Risk acceptance
49
Residual and Secondary Risks
• It’s also important to identify residual and secondary risks
• Residual risks are risks that remain after all of the response strategies have been implemented
• Secondary risks are a direct result of implementing a risk response
50
Controlling Risks
• Involves executing the risk management process to respond to risk events and ensuring that risk awareness is an ongoing activity performed by the entire project team throughout the entire project
• Workarounds are unplanned responses to risk events that must be done when there are no contingency plans
• Main outputs of risk control are:
– Work performance information
– Change requests
– Updates to the project management plan, other project documents, and organizational process assets
51
Using Software to Assist in Project Risk Management
• Risk registers can be created in a simple Word or Excel file or as part of a database
• More sophisticated risk management software, such as Monte Carlo simulation tools, help in analyzing project risks
• You can purchase add-ons for Excel and Project 2010 to perform simulations
52
Results of Good Project Risk Management
• Unlike crisis management, good project risk management often goes unnoticed
• Well-run projects appear to be almost effortless, but a lot of work goes into running a project well
• Project managers should strive to make their jobs look easy to reflect the results of well-run projects
53
Summary
• Project risk management is the art and science of identifying, analyzing, and responding to risk throughout the life of a project and in the best interests of meeting project objectives
• Main processes include:
– Plan risk management
– Identify risks
– Perform qualitative risk analysis
– Perform quantitative risk analysis
– Plan risk responses
– Control risks
54
Reference Details
55

One of the great benefits of the Apache web server is its wide range.docx
 
One of the most difficult components of effective .docx
One of the most difficult components of effective .docxOne of the most difficult components of effective .docx
One of the most difficult components of effective .docx
 
One of the high points of the campaign will be a look to the future .docx
One of the high points of the campaign will be a look to the future .docxOne of the high points of the campaign will be a look to the future .docx
One of the high points of the campaign will be a look to the future .docx
 
One of the most basic aims of human computer interaction has been sp.docx
One of the most basic aims of human computer interaction has been sp.docxOne of the most basic aims of human computer interaction has been sp.docx
One of the most basic aims of human computer interaction has been sp.docx
 
One of the most common workplace communication tools is a telephon.docx
One of the most common workplace communication tools is a telephon.docxOne of the most common workplace communication tools is a telephon.docx
One of the most common workplace communication tools is a telephon.docx
 

Recently uploaded

_Math 4-Q4 Week 5.pptx Steps in Collecting Data
_Math 4-Q4 Week 5.pptx Steps in Collecting Data_Math 4-Q4 Week 5.pptx Steps in Collecting Data
_Math 4-Q4 Week 5.pptx Steps in Collecting DataJhengPantaleon
 
Separation of Lanthanides/ Lanthanides and Actinides
Separation of Lanthanides/ Lanthanides and ActinidesSeparation of Lanthanides/ Lanthanides and Actinides
Separation of Lanthanides/ Lanthanides and ActinidesFatimaKhan178732
 
Introduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptxIntroduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptxpboyjonauth
 
Employee wellbeing at the workplace.pptx
Employee wellbeing at the workplace.pptxEmployee wellbeing at the workplace.pptx
Employee wellbeing at the workplace.pptxNirmalaLoungPoorunde1
 
Crayon Activity Handout For the Crayon A
Crayon Activity Handout For the Crayon ACrayon Activity Handout For the Crayon A
Crayon Activity Handout For the Crayon AUnboundStockton
 
How to Make a Pirate ship Primary Education.pptx
How to Make a Pirate ship Primary Education.pptxHow to Make a Pirate ship Primary Education.pptx
How to Make a Pirate ship Primary Education.pptxmanuelaromero2013
 
Presiding Officer Training module 2024 lok sabha elections
Presiding Officer Training module 2024 lok sabha electionsPresiding Officer Training module 2024 lok sabha elections
Presiding Officer Training module 2024 lok sabha electionsanshu789521
 
Paris 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activityParis 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activityGeoBlogs
 
Sanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdfSanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdfsanyamsingh5019
 
Enzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdf
Enzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdfEnzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdf
Enzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdfSumit Tiwari
 
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...Krashi Coaching
 
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdfssuser54595a
 
Science 7 - LAND and SEA BREEZE and its Characteristics
Science 7 - LAND and SEA BREEZE and its CharacteristicsScience 7 - LAND and SEA BREEZE and its Characteristics
Science 7 - LAND and SEA BREEZE and its CharacteristicsKarinaGenton
 
Interactive Powerpoint_How to Master effective communication
Interactive Powerpoint_How to Master effective communicationInteractive Powerpoint_How to Master effective communication
Interactive Powerpoint_How to Master effective communicationnomboosow
 
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptxPOINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptxSayali Powar
 
Contemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptx
Contemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptxContemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptx
Contemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptxRoyAbrique
 

Recently uploaded (20)

_Math 4-Q4 Week 5.pptx Steps in Collecting Data
_Math 4-Q4 Week 5.pptx Steps in Collecting Data_Math 4-Q4 Week 5.pptx Steps in Collecting Data
_Math 4-Q4 Week 5.pptx Steps in Collecting Data
 
Separation of Lanthanides/ Lanthanides and Actinides
Separation of Lanthanides/ Lanthanides and ActinidesSeparation of Lanthanides/ Lanthanides and Actinides
Separation of Lanthanides/ Lanthanides and Actinides
 
Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝
 
Introduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptxIntroduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptx
 
Employee wellbeing at the workplace.pptx
Employee wellbeing at the workplace.pptxEmployee wellbeing at the workplace.pptx
Employee wellbeing at the workplace.pptx
 
Crayon Activity Handout For the Crayon A
Crayon Activity Handout For the Crayon ACrayon Activity Handout For the Crayon A
Crayon Activity Handout For the Crayon A
 
How to Make a Pirate ship Primary Education.pptx
How to Make a Pirate ship Primary Education.pptxHow to Make a Pirate ship Primary Education.pptx
How to Make a Pirate ship Primary Education.pptx
 
Código Creativo y Arte de Software | Unidad 1
Código Creativo y Arte de Software | Unidad 1Código Creativo y Arte de Software | Unidad 1
Código Creativo y Arte de Software | Unidad 1
 
Presiding Officer Training module 2024 lok sabha elections
Presiding Officer Training module 2024 lok sabha electionsPresiding Officer Training module 2024 lok sabha elections
Presiding Officer Training module 2024 lok sabha elections
 
Paris 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activityParis 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activity
 
Sanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdfSanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdf
 
Enzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdf
Enzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdfEnzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdf
Enzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdf
 
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
 
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
 
Science 7 - LAND and SEA BREEZE and its Characteristics
Science 7 - LAND and SEA BREEZE and its CharacteristicsScience 7 - LAND and SEA BREEZE and its Characteristics
Science 7 - LAND and SEA BREEZE and its Characteristics
 
Interactive Powerpoint_How to Master effective communication
Interactive Powerpoint_How to Master effective communicationInteractive Powerpoint_How to Master effective communication
Interactive Powerpoint_How to Master effective communication
 
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptxPOINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
 
Staff of Color (SOC) Retention Efforts DDSD
Staff of Color (SOC) Retention Efforts DDSDStaff of Color (SOC) Retention Efforts DDSD
Staff of Color (SOC) Retention Efforts DDSD
 
TataKelola dan KamSiber Kecerdasan Buatan v022.pdf
TataKelola dan KamSiber Kecerdasan Buatan v022.pdfTataKelola dan KamSiber Kecerdasan Buatan v022.pdf
TataKelola dan KamSiber Kecerdasan Buatan v022.pdf
 
Contemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptx
Contemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptxContemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptx
Contemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptx
 

Topic #17 IT Security ITSecurityIncidentsA.docx

§ delays in installing patches expose users to security breaches
Zero-day attack: an attack that takes place before the vulnerability it exploits has been discovered or fixed by the vendor, so no patch is available yet
U.S. companies rely on commercial software with known vulnerabilities. IT organizations continue to use installed software "as is" (e.g. IE, RealPlayer, JRE)
§ since security fixes could make the software harder to use or eliminate "nice to have" features

Number of Vulnerabilities Reported to CERT/CC
The rate at which software vulnerabilities are discovered exceeds 10 per day.

Attack of the Giant Worm
• On November 2, 1988, a worm began to thread its way through the Internet. Once installed, it multiplied, clogging available space, until computers ground to a halt. The worm exploited UNIX holes in sendmail and fingerd. Around 2,500 computers were infected. Within 12 hours, the Computer Systems Research Group at Berkeley developed a way of stopping the spread of this worm.
• Total cost? Although no data were destroyed, the time involved in fixing and testing was estimated to be between $1,000,000 and $100,000,000.

The Culprit?
• Robert T. Morris, a Cornell graduate student in computer science, was sentenced on May 4, 1990 to three years' probation and a $10,000 fine.
• "I'm at the MIT Computer Science and Artificial Intelligence Laboratory (CSAIL) in the PDOS group."

First National Attack
• For the first time, a national attack on the Internet was exposed.
• As a result, the Computer Emergency Response Team (CERT) at the Software Engineering Institute of Carnegie Mellon University was established.

Other Examples
• HBO: In April of 1986, an HBO channel was taken over by an intruder known as Captain Midnight, who overpowered the HBO uplink transmitter signal with a stronger signal and sent out his own message to eight million viewers.
• Friday the 13th: A student at Hebrew University in Jerusalem discovered that thousands of university computers were infected with a virus. The virus slowed down processing on certain Fridays the 13th and was scheduled to erase the hard disks of many computers on May 13, 1988.

Computer Crime
• According to the FBI, computer crime is the most expensive form of crime, at $450,000 per theft. The estimated total volume of computer crime is $5,000,000,000 per year.
• Some reports estimate that 90% of computer crime goes unreported.
• (See http://www.usdoj.gov/criminal/cybercrime/cccases.html, the Computer Crime & Intellectual Property Section of the US Department of Justice, Computer Crime Cases.)

Types of Attacks
Most frequent attack: on a networked computer from an outside source
Types of attacks are many:
Virus:
§ malicious piece of code; requires users to spread infected files
§ does not spread itself from computer to computer
§ must be passed on to other users through infected e-mail document attachments, programs on diskettes or shared files
Macro viruses:
§ most common and easily created viruses
§ created in an application macro language (e.g. Visual Basic or VBScript)
§ infect documents: insert unwanted words, numbers or phrases
§ infect application templates (embedding the virus in all future documents)

Types of Attacks (Cont.)
Worm: harmful program that resides in active memory
§ duplicates itself: can propagate without human intervention
§ sends copies of itself to other computers via:
§ e-mail (e.g. a Zip file attachment)
§ Internet Relay Chat (IRC)
§ Negative impact of a virus or worm attack:
§ lost data and programs
§ lost productivity (workers attempting to recover data and programs)
§ effort for IT workers (cleaning up the mess)
Trojan horse: a program a hacker secretly installs on a computer
§ used to steal passwords or SSNs, or to spy on users by recording keystrokes
§ users are tricked into installing it (e.g. disguised as an iTunes file or served by a malicious web site)

Types of Attacks (Cont.)
Logic bomb: another type of Trojan horse; executes under specific conditions, triggered e.g. by
§ a change in a particular file
§ typing a specific series of keystrokes
§ a specific date/time
Denial of service: a malicious hacker takes over computers on the Internet and causes them to flood a target site with demands for data
§ the computers that are taken over are called zombies
§ does not involve a break-in at the target computer
§ the target machine is busy responding to a stream of automated requests
§ thus legitimate users cannot get in
Spoofing generates a false return (source) address on packets
§ therefore the sources of the attack cannot be identified and turned off

Denial-of-Service (DoS) Attacks Defense
Ingress filtering
§ Internet service providers (ISPs) prevent incoming packets with false (spoofed) source IP addresses from being passed on
Egress filtering
§ ensuring spoofed packets do not leave a network: a packet leaving the network must carry a source address that belongs to that network
Overhead:
§ may prevent legitimate users from getting in
§ companies need to deploy faster and more powerful routers and switches to check the IP address on each packet
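The ingress and egress rules above, worked through as an added example that is not part of the slides: a small Python filter that drops an inbound packet claiming an internal source address and an outbound packet whose source is not one of ours. The site prefix 203.0.113.0/24, the bogon list and the sample packets are assumptions constructed for the example.

```python
"""Ingress and egress filtering of spoofed source addresses (added example).

Assumptions (not from the slides): the protected network owns 203.0.113.0/24
(a documentation prefix used here as a stand-in), and a packet is modelled as
a (direction, src, dst) tuple where direction is "in" or "out".
"""
import ipaddress
from typing import Iterable, List, Tuple

OUR_PREFIX = ipaddress.ip_network("203.0.113.0/24")  # assumed site prefix

# Address space that should never appear as a source on the public Internet:
# RFC 1918 private ranges, loopback, link-local and the unspecified address.
BOGON_PREFIXES = [ipaddress.ip_network(p) for p in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",
    "127.0.0.0/8", "169.254.0.0/16", "0.0.0.0/8",
)]

Packet = Tuple[str, str, str]  # (direction, src_ip, dst_ip)


def _is_bogon(addr: ipaddress.IPv4Address) -> bool:
    return any(addr in net for net in BOGON_PREFIXES)


def filter_packet(direction: str, src: str, dst: str) -> Tuple[bool, str]:
    """Return (allowed, reason) for one packet.

    Ingress rule: a packet arriving from outside must not claim a source
    inside our prefix (the classic spoof) and must not come from bogon space.
    Egress rule: a packet leaving must carry one of our own addresses as its
    source, so our hosts cannot be used to launch spoofed floods at others.
    """
    src_ip = ipaddress.ip_address(src)
    if direction == "in":
        if src_ip in OUR_PREFIX:
            return False, "ingress: external packet claims internal source"
        if _is_bogon(src_ip):
            return False, "ingress: bogon source address"
        return True, "ingress: ok"
    if direction == "out":
        if src_ip not in OUR_PREFIX:
            return False, "egress: source not in our prefix (spoofed)"
        return True, "egress: ok"
    raise ValueError(f"unknown direction {direction!r}")


def apply_filters(packets: Iterable[Packet]) -> List[Tuple[Packet, bool, str]]:
    """Run every packet through the filter and keep the verdicts."""
    return [(p, *filter_packet(*p)) for p in packets]


# Constructed sample traffic (not captured data).
SAMPLE_PACKETS: List[Packet] = [
    ("in",  "198.51.100.7",  "203.0.113.10"),  # normal inbound request
    ("in",  "203.0.113.5",   "203.0.113.10"),  # spoofed: claims to be us
    ("in",  "10.1.2.3",      "203.0.113.10"),  # bogon source
    ("out", "203.0.113.10",  "198.51.100.7"),  # normal outbound reply
    ("out", "192.0.2.99",    "198.51.100.7"),  # our host spoofing a victim
]


def dropped(packets: Iterable[Packet] = SAMPLE_PACKETS) -> List[str]:
    """Return the reasons for every packet the filters reject."""
    return [reason for _p, ok, reason in apply_filters(packets) if not ok]


if __name__ == "__main__":
    for pkt, ok, reason in apply_filters(SAMPLE_PACKETS):
        print(f"{'PASS' if ok else 'DROP'} {pkt[0]:>3} {pkt[1]:>15} -> {pkt[2]:<15} {reason}")
```

The egress rule is the one the slides say companies rarely bother with, yet it is the cheaper of the two: a site only has to know its own prefix, whereas an ISP doing ingress filtering must know which prefixes belong on each customer link.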
What is Computer (IT) Security?
• Computer security is designed to protect your computer and everything associated with it: the building, the workstations and printers, cabling, and disks and other storage media. Most importantly, computer security protects the information stored in your system.
• Computer security is not only designed to protect against outside intruders who break into systems, but also against dangers arising from sharing a password with a friend, failing to back up a disk, or spilling a soda on a keyboard. There are three distinct aspects of security: secrecy, accuracy, and availability.
• Having said this, we should emphasize that "Information Security" or "Cybersecurity" is more up-to-date terminology, since rarely are we concerned with the protection of a single computer system.
• A secure computer system must not allow information to be disclosed to anyone who is not authorized to access it. In highly secure government systems, secrecy ensures that users access only information they are allowed to access.
• In business environments, confidentiality ensures the protection of private information such as payroll data.

What is IT Security?
Security is the protection of assets. The three main aspects are:
• prevention
• detection
• reaction/response

Prevention
Implement a layered security solution
§ make computer break-ins harder: if a hacker breaks through one layer, there is another layer to overcome
Firewall: any Internet traffic not explicitly permitted into the intranet is denied entry; can also block access to certain Web sites, IM, etc.
Antivirus software:
§ scans for a specific sequence of bytes known as a virus signature; may clean, delete or quarantine affected files
§ continually update it with the latest virus detection information, called definitions
§ Do not leave accounts active after employees leave the company: promptly delete computer accounts, login IDs, and passwords

Prevention (Cont.)
§ Carefully define employee roles: e.g. do not allow a single employee to both initiate a PO and approve the invoice for its payment
§ Create roles and user accounts so that employees have the authority to perform their responsibilities and no more
§ Keep track of well-known vulnerabilities and patch them:
§ SANS (System Administration, Networking and Security) Institute
§ CERT/CC
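Signature scanning and definition updates, worked through as an added example that is not part of the slides: a minimal scanner that matches known byte sequences in files, quarantines hits rather than deleting them, and accepts a refreshed definitions set. The definitions table, the "Demo.Macro.A" pattern and the demo files are constructed for the example; only the EICAR string is a real, industry-standard harmless test pattern.

```python
"""Signature-based scanning (added example of the antivirus approach above).

Not from the slides. The definitions below are a constructed table keyed by
name; a real product ships a far larger database and refreshes it continually.
"""
import hashlib
import os
import shutil
import tempfile
from typing import Dict, List, Optional, Tuple

# Constructed definitions: name -> signature bytes.
DEFINITIONS: Dict[str, bytes] = {
    # Standard antivirus test pattern; harmless, but every scanner must flag it.
    "EICAR-Test-File": b"X5O!P%@AP[4\\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*",
    # Hypothetical macro-virus fragment, constructed for this example.
    "Demo.Macro.A": b"Sub AutoOpen()\nShell \"cmd /c",
}


def update_definitions(current: Dict[str, bytes], new: Dict[str, bytes]) -> Dict[str, bytes]:
    """Merge a fresh definitions set; later entries override older ones."""
    merged = dict(current)
    merged.update(new)
    return merged


def scan_bytes(data: bytes, defs: Dict[str, bytes]) -> List[str]:
    """Return the names of every signature found in data."""
    return [name for name, sig in defs.items() if sig in data]


def scan_file(path: str, defs: Dict[str, bytes]) -> Tuple[List[str], str]:
    """Scan a file, returning (matches, sha256) so a hit can be recorded."""
    with open(path, "rb") as fh:
        data = fh.read()
    return scan_bytes(data, defs), hashlib.sha256(data).hexdigest()


def quarantine(path: str, quarantine_dir: str) -> str:
    """Move an infected file into the quarantine directory, renamed by hash.
    Moving (not deleting) keeps the evidence for incident follow-up."""
    os.makedirs(quarantine_dir, exist_ok=True)
    with open(path, "rb") as fh:
        digest = hashlib.sha256(fh.read()).hexdigest()
    dest = os.path.join(quarantine_dir, digest + ".quarantined")
    shutil.move(path, dest)
    return dest


def scan_tree(root: str, defs: Dict[str, bytes],
              quarantine_dir: Optional[str] = None) -> Dict[str, List[str]]:
    """Scan every regular file under root; optionally quarantine the hits."""
    report: Dict[str, List[str]] = {}
    for dirpath, _dirs, files in os.walk(root):
        if quarantine_dir and os.path.abspath(dirpath).startswith(os.path.abspath(quarantine_dir)):
            continue  # never rescan the quarantine itself
        for name in files:
            path = os.path.join(dirpath, name)
            matches, _digest = scan_file(path, defs)
            if matches:
                report[path] = matches
                if quarantine_dir:
                    quarantine(path, quarantine_dir)
    return report


def demo() -> Dict[str, List[str]]:
    """Build a temp tree with one clean and one infected file, scan, quarantine."""
    root = tempfile.mkdtemp(prefix="avdemo_")
    try:
        with open(os.path.join(root, "notes.txt"), "wb") as fh:
            fh.write(b"quarterly numbers, nothing to see here\n")
        with open(os.path.join(root, "macro.doc"), "wb") as fh:  # constructed sample
            fh.write(b"Attribute VB_Name = \"ThisDocument\"\n"
                     b"Sub AutoOpen()\nShell \"cmd /c calc\"\nEnd Sub\n")
        report = scan_tree(root, DEFINITIONS, quarantine_dir=os.path.join(root, "quarantine"))
    finally:
        shutil.rmtree(root)
    return {os.path.basename(p): m for p, m in report.items()}


if __name__ == "__main__":
    print(demo())
```

The weakness the slides hint at is visible here: a scanner only finds what is in its definitions table, so a sample whose bytes differ by one character from "Demo.Macro.A" passes clean. That is why the definitions must be refreshed continually and why signature scanning is one layer, not the whole defense.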
§ Back up critical applications and data regularly
§ Perform a security audit to ensure the organization has a well-considered security policy in place and that it is being followed:
§ e.g. users must change their password every 30 days

Detection
Detection systems:
§ catch intruders in the act, because preventive measures are not fail-proof
Intrusion detection system:
§ monitors system and network resources and activities
§ notifies the proper authority when it identifies
- possible intrusions from outside the organization
- misuse from within the organization
Two fundamental approaches: knowledge-based and behavior-based
Knowledge-based approaches
§ utilize information about specific attacks and system vulnerabilities and watch for attempts to exploit these
§ examples include repeated failed login attempts, attempts to download a program to a server, or other symptoms of possible mischief

Detection (Cont.)
Behavior-based approaches:
§ model the normal behavior of a system and its users from a reference source
§ compare current activity to this model and generate an alarm on deviation
§ examples include unusual traffic at odd hours or a user in the HR department who accesses an accounting program he has never used before
Intrusion Prevention Systems (IPSs):
§ prevent attacks by blocking viruses, malformed packets and other threats
§ sit directly behind the firewall and examine all traffic passed by it
§ Firewall and network IPS are complementary:
§ the firewall blocks everything except what you explicitly allow through;
§ the IPS lets everything through except what it is told to block
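The two detection approaches, worked through as an added example that is not part of the slides: a knowledge-based rule for repeated failed logins and a behavior-based rule that flags a user touching an application absent from their baseline, both run over a constructed log. The log format, the baseline table, the threshold and the window are assumptions made for the example.

```python
"""Knowledge-based and behavior-based intrusion detection over constructed
log lines (added example; not from the slides).

Knowledge rule: N failed logins for one (user, source) within a time window.
Behavior rule: a user successfully uses an application not in their baseline.
Assumed log format: "<ISO time> <user> <src_ip> <app> <success|failure>".
"""
from collections import defaultdict, deque
from datetime import datetime, timedelta
from typing import Deque, Dict, List, Set, Tuple

FAILED_THRESHOLD = 3            # assumed tuning
WINDOW = timedelta(minutes=2)   # assumed tuning

# Constructed baseline: which apps each user normally uses (built from history).
BASELINE: Dict[str, Set[str]] = {
    "alice": {"hr-portal", "mail"},   # HR user
    "bob": {"accounting", "mail"},    # accounting user
}

# Constructed sample log (not a real capture).
SAMPLE_LOG = """\
2024-05-01T09:00:01 alice 10.0.0.5 hr-portal success
2024-05-01T09:00:10 bob 10.0.0.9 accounting success
2024-05-01T09:01:00 alice 10.0.0.5 mail success
2024-05-01T09:02:00 alice 10.0.0.5 accounting success
2024-05-01T09:10:00 bob 198.51.100.7 mail failure
2024-05-01T09:10:20 bob 198.51.100.7 mail failure
2024-05-01T09:10:40 bob 198.51.100.7 mail failure
2024-05-01T09:10:55 bob 198.51.100.7 mail success
""".splitlines()


def parse(line: str) -> Tuple[datetime, str, str, str, str]:
    ts, user, src, app, result = line.split()
    return datetime.fromisoformat(ts), user, src, app, result


def knowledge_based(lines: List[str], threshold: int = FAILED_THRESHOLD,
                    window: timedelta = WINDOW) -> List[str]:
    """Alert when failures for (user, src) reach threshold inside window."""
    recent: Dict[Tuple[str, str], Deque[datetime]] = defaultdict(deque)
    alerts: List[str] = []
    for line in lines:
        ts, user, src, _app, result = parse(line)
        if result != "failure":
            continue
        q = recent[(user, src)]
        q.append(ts)
        while q and ts - q[0] > window:  # slide the window forward
            q.popleft()
        if len(q) == threshold:  # fire once, when the threshold is reached
            alerts.append(f"{ts.isoformat()} brute-force? {threshold} failures for {user} from {src}")
    return alerts


def behavior_based(lines: List[str], baseline: Dict[str, Set[str]] = BASELINE) -> List[str]:
    """Alert when a user successfully uses an app outside their baseline."""
    alerts: List[str] = []
    for line in lines:
        ts, user, _src, app, result = parse(line)
        if result != "success":
            continue
        normal = baseline.get(user, set())
        if app not in normal:
            alerts.append(f"{ts.isoformat()} anomaly: {user} used {app}, baseline {sorted(normal)}")
    return alerts


def detect(lines: List[str] = SAMPLE_LOG) -> List[str]:
    """Run both detectors; each catches something the other misses."""
    return knowledge_based(lines) + behavior_based(lines)


if __name__ == "__main__":
    for alert in detect():
        print(alert)
```

On the sample log the knowledge rule fires on bob's third failure from 198.51.100.7 and says nothing about alice, while the behavior rule flags alice (HR) opening the accounting application and says nothing about bob's failures: exactly the complementary coverage the slide describes. The price of the behavior rule is the baseline, which must be rebuilt whenever job roles legitimately change or it will page on every new hire.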
Honeypot: provides would-be hackers with fake information about the network
§ decoy server: the goal is to confuse hackers and to trace/keep a record for prosecution
§ keeps hackers well isolated from the rest of the network
§ can extensively log the activities of intruders
§ a honeypot can identify attacker reconnaissance probes
- used by attackers to obtain information about the network resources they want to attack

Response
Response plan:
§ prepare for the worst
§ develop it well in advance of any incident
§ it should be approved by the legal department and senior management
Primary goals:
§ regain control: technical and emotional
§ limit damage; restore data and information systems to normal
Incident notification defines:
§ who to notify: within the company, customers, suppliers?
§ who not to notify
Security experts recommend against releasing specific information about a security compromise in public forums (news reports, conferences, online groups)

Response (Cont.)
Document all details of a security incident
§ for future prosecution and to help with incident eradication and follow-up
§ all system events
§ specific actions taken
§ all external conversations
Act quickly to contain an attack: may need to shut down or disconnect a critical system from the network
Eradication effort
§ collect and log all possible criminal evidence from the system
§ verify that the necessary backups are current and complete
- create a disk image of all compromised systems for later study and as evidence
§ create new backups after the virus has been eradicated

Response (Cont.)
Follow-up (the "aftermath")
§ determine how security was compromised
- prevent it from happening again
- was a software fix not installed?
Review
§ determine exactly what happened
§ evaluate how the organization responded
§ write a formal incident report
Capture the perpetrator
But consider the potential for negative publicity
§ a brokerage firm might lose customers who think their money or records are not secure
Legal precedent
§ holds organizations accountable for their own IT security weaknesses
§ particularly true for ISPs

Fundamental Goals for Computer Security
• Data confidentiality
• Data integrity
• System availability
• Related issue: privacy
• a legal and ethical question
• implemented through the confidentiality goal

In Business Terms
Asset, Threat, Cost, Risk

Some differences between traditional security and information security
• Information can be stolen, but you still have it
• Confidential information may be copied and sold, but the theft might not be detected
• The criminals may be on the other side of the world

Confidentiality
• The prevention of unauthorised disclosure of information.
• Confidentiality is keeping information secret or private.
• Confidentiality might be important for military, business or personal reasons.

Integrity
• Integrity is the prevention of unauthorised writing or modification of information.
• Integrity means that there is an external consistency in the system: everything is as it is expected to be.
• Data integrity means that the data stored on a computer is the same as in the source documents.

Availability
• A secure computer system must keep information available to its users. Availability means that the computer system's hardware and software keep working efficiently and that the system is able to recover quickly and completely if a disaster occurs.
• Information should be accessible and usable upon appropriate demand by an authorized user.
• Availability is the prevention of unauthorized withholding of information.
• The opposite of availability is denial of service. Denial of service attacks are a common form of attack. Denial of service can be every bit as disruptive as actual information theft.

Non-repudiation
• Non-repudiation is the prevention of either the sender or the receiver denying a transmitted message.
• A system must be able to prove that certain messages were sent and received.
• Non-repudiation is often implemented by using digital signatures.

Authentication
• Proving that you are who you say you are, where you say you are, at the time you say it is.
• Authentication may be obtained by the provision of a password or a scan of your retina.

Access Controls
• The limitation and control of access through identification and authentication.
• A system needs to be able to identify and authenticate users for access to data, applications and hardware.
• In a large system there may be a complex structure determining which users and applications have access to which objects.

Accountability
• The system managers are accountable to scrutiny from outside.
• Audit trails must be selectively kept and protected so that actions affecting security can be traced back to the responsible party.

Security systems
• A security system is not just a computer package. It also requires security-conscious personnel who respect the procedures and their role in the system.
• Conversely, a good security system should not rely on personnel having security expertise.
Risk Analysis
• The disadvantages of a security system are that it is time-consuming, costly, often clumsy, and impedes management and the smooth running of the organisation.
• Risk analysis is the study of the cost of a particular system against the benefits of the system.

Designing a Security System
There are a number of design considerations:
• Does the system focus on the data, the operations or the users of the system?
• What level should the security system operate at? Should it be at the level of hardware, the operating system or the applications package?
• Should it be simple or sophisticated?
• In a distributed system, should the security be centralised or spread?
• How do you secure the levels below the level of the security system?

Security Models
A security model is a means for formally expressing the rules of the security policy in an abstract, detached way. The model should be:
• easy to comprehend
• without ambiguities
• possible to implement
• a reflection of the policies of the organisation.

Accuracy, Integrity, and Authenticity
• A secure computer system must maintain the continuing integrity of the information stored in it. Accuracy or integrity means that the system must not corrupt the information or allow any unauthorized malicious or accidental changes to it.
• In network communications, a related variant of accuracy known as authenticity provides a way to verify the origin of data by determining who entered or sent it, and by recording when it was sent and received.

Threats to Security
• There are three key words that come up in discussions of computer security:
- vulnerabilities,
- threats, and
- countermeasures.
• A vulnerability is a point where a system is susceptible to attack.
• A threat is a possible danger to the system: e.g. a person, a thing (a faulty piece of equipment), or an event (a fire or a flood).
• Techniques for protecting your system are called countermeasures.

Vulnerabilities
• Examples: physical vulnerabilities, natural vulnerabilities, hardware and software vulnerabilities, media vulnerabilities, emanation vulnerabilities, communications vulnerabilities, human vulnerabilities
• There is a lot of variation in how easy it is to exploit different types of vulnerabilities. For example, tapping a cordless telephone or a cellular mobile phone requires only a $199 scanner from Radio Shack.

Threats
• Threats fall into three main categories: natural threats, unintentional threats, intentional threats
• The intentional threats can come from insiders or outsiders. Outsiders can include: foreign intelligence agents, terrorists, criminals, corporate raiders, crackers

Inside or Outside?
• Although most security mechanisms protect best against outside intruders, survey after survey indicates that most attacks are by insiders. Estimates are that as many as 80% of system penetrations are by fully authorized users.

The Insider
• There are a number of different types of insiders: the disgruntled employee, the coerced employee, and the greedy employee. One of the most dangerous types of insiders may simply be lazy or untrained. He or she doesn't bother changing passwords, doesn't learn how to encrypt files, doesn't get around to erasing old disks, and leaves sensitive printout in piles on the floor.
  • 29. piles on the floor. 44 Countermeasures • There are many different types of countermeasures ,methods of protec6ng informa6on. In the next several lectures, we will survey thesemethods: computer security communica6ons security physical security 45 InformaEon and Its Controls • Informa6on security is almost as old as informa6on itself. • innova6ons are inevitably followed by methods of harnessing the new technologies and protec6ng the informa6on they process. – within five years of the introduc6on of the telephone in 1881, a patent applica6ons was filed for a voice scrambler;
  • 30. – in the 1920s, the use of telephone wiretaps by government and criminals resulted in a public outcry, leading to legisla6onbanning most wiretapping; – in the 1940s, concerns about controlling the prolifera6on of informa6on about atomic energy led to the Atomic Energy Act of 1946. This act created a Restricted Data category of informa6on requiring special protec6on. 46 Debates – One ongoing debate in the computer security world is over the government’s restric6on of technological informa6on. – The government needs to protect certain kinds of informa6on, such as na6onal defense data. – Par6cular security technologies, for example, cryptology, are very effec6ve at safeguarding such informa6on. Should the government be able to control who can and cannot buy such technologies?
  • 31. – Another debate concerns the involvement of the government in manda6ng the protec6ng of nongovernmentinforma6on. 47 Computer Security: Then and Now • In the earlydays of compu6ng, computer systems were large, rare, and very expensive. Those organiza6ons lucky enough to have a computer tried their best to protect it. Computer security was just one aspect of general plant security. • Security concerns focused on physical break-ins, the5 of computer equipment, and the5 or destruc6on of disk packs, tape reels, and othermedia. • Insiders were also kept at bay. Few people knew how to use computers, and thus the userscould be carefully screened. 48 Later On • By the 1970s, technology was transformed, and
  • 32. with it the ways in which users related to computers and data. Multiprogramming, time-sharing, and networking changed the rules.
• Telecommunications --- the ability to access computers from remote locations --- radically changed computer usage. Businesses began to store information online. Networks linked minicomputers together and with mainframes containing large online databases. Banking and the transfer of assets became an electronic business.

New Abuses
• The increased availability of online systems and information led to abuses. Instead of worrying only about intrusions by outsiders into computer facilities and equipment, organizations now had to worry about
  – computers that were vulnerable to sneak attacks over telephone lines, and
  – information that could be stolen or changed by intruders who didn’t leave a trace.
  • 33. • Individuals and government agencies expressed concerns about the invasion of privacy posed by the availability of individual financial, legal, and medical records on shared online databases.

The PC World
• The 1980s saw a new dawn in computing. With the introduction of the PC, individuals of all ages and occupations became computer users. This technology introduced new risks. Precious and irreplaceable corporate data were now stored on diskettes, which could be lost or stolen.
• As PCs proliferated, so too did PC networks, electronic mail, chat rooms, and bulletin boards, vastly raising the security stakes. The 1980s also saw systems under attack.
  • 34. The Future
• The challenge of the next decade will be to consolidate what we’ve learned --- to build computer security into our products and our daily routines, to protect data without unnecessarily impeding our access to it, and to make sure that both products and standards grow to meet the ever-increasing scope of the challenge of technology.

What is Cyberspace?
Cyberspace is a worldwide network of computers and the equipment that connects them, which by its very design is free and open to the public (the Internet).
As Stanley Konter, CEO of Savannah's Sabre Technologies, notes, "The problem has gotten more prevalent with always-on, high-speed internet access. Attackers are always out there looking for that type of computer."
  • 35. Cyber-safety & Threats
Cyber-safety is a common term used to describe a set of practices, measures and/or actions you can take to protect personal information and your computer from attacks. First, let’s talk about some common cyber-safety threats and the problems they can cause . . .
Viruses
Viruses infect computers through email attachments and file sharing. They delete files, attack other computers, and make your computer run slowly. One infected computer can cause problems for all computers on a network.
Hackers
Hackers are people who “trespass” into your computer from a remote location. They may use your computer to send spam or viruses, host a Web site, or do other activities that cause computer malfunctions.
Identity Thieves
People who obtain unauthorized access to your personal information, such as Social Security and financial account numbers. They then use this information to commit crimes such as fraud or theft.
Spyware
Spyware is software that “piggybacks” on
  • 36. programs you download, gathers information about your online habits, and transmits personal information without your knowledge. It may also cause a wide range of other computer malfunctions.

TOP SEVEN CYBER-SAFETY ACTIONS
1. Install OS/Software Updates
2. Run Anti-virus Software
3. Prevent Identity Theft
4. Turn on Personal Firewalls
5. Avoid Spyware/Adware
  • 37. 6. Protect Passwords
7. Back up Important Files
Additional information about each of the actions below is provided on slides 8-14. Faculty and staff should work with their technical support coordinator before implementing these measures.

INSTALL OS/SOFTWARE UPDATES
§ Updates, sometimes called patches, fix problems with your operating system (OS) (e.g., Windows XP, Windows Vista, Mac OS X) and software programs (e.g., Microsoft Office applications).
§ Most new operating systems are set to download updates by default. After updates are downloaded, you will be asked to install them. Click yes!
§ To download patches for your system and software, visit:
  § Windows Update: http://windowsupdate.microsoft.com to get or ensure you have all the latest operating system updates only. Newer Windows systems are set to download these updates by default.
  § Microsoft Update: http://www.update.microsoft.com/microsoftupdate/ to get or ensure you have all the latest OS and Microsoft Office software updates. You must sign up for this service.
  • 38. § Apple: http://www.apple.com/support
  § Unix: Consult documentation or online help for system update information and instructions.
§ Be sure to restart your computer after updates are installed so that the patches can be applied immediately.

RUN ANTI-VIRUS SOFTWARE
§ To avoid computer problems caused by viruses, install and run an anti-virus program like Sophos.
§ Periodically, check to see if your anti-virus is up to date by opening your anti-virus program and checking the Last updated: date.
§ Anti-virus software removes viruses, quarantines and repairs
  • 39. infected files, and can help prevent future viruses.

PREVENT IDENTITY THEFT
§ Don't give out financial account numbers, Social Security numbers, driver’s license numbers or other personal identity information unless you know exactly who's receiving it. Protect other people’s information as you would your own.
§ Never send personal or confidential information via email or instant messages as these can be easily intercepted.
§ Beware of phishing scams - a form of fraud that uses email messages that appear to be from a reputable business (often a financial institution) in an attempt to gain personal or account information. These often do not include a personal salutation. Never enter personal information into an online form you accessed via a link in an email you were not expecting. Legitimate businesses will not ask for personal information online.
§ Order a copy of your credit report from each of the three major credit bureaus - Equifax,
  • 40. Experian, and Trans Union. Reports can be ordered online at each of the bureaus’ Web sites. Make sure reports are accurate and include only those activities you have authorized.

TURN ON PERSONAL FIREWALLS
§ Check your computer's security settings for a built-in personal firewall. If you have one, turn it on. Microsoft Vista and Mac OS X have built-in firewalls. For more information, see:
  • Mac Firewall (docs.info.apple.com/article.html?path=Mac/10.4/en/mh1042.html)
  • Microsoft Firewall (www.microsoft.com/windowsxp/using/networking/security/winfirewall.mspx)
  • Unix users should consult system documentation or online help for personal firewall instructions and/or recommendations.
§ Once your firewall is turned on, test your firewall for open ports that could allow in
  • 41. viruses and hackers. Firewall scanners like the one on http://www.auditmypc.com/firewall-test.asp simplify this process.
§ Firewalls act as protective barriers between computers and the internet.
§ Hackers search the Internet by sending out pings (calls) to random computers and wait for responses. Firewalls prevent your computer from responding to these calls.

AVOID SPYWARE/ADWARE
§ Spyware and adware take up memory and can slow down your computer or cause other problems.
§ Use Spybot and Ad-Aware to remove spyware/adware from your computer.
§ Watch for allusions to spyware and adware in user agreements before installing free software programs.
  • 42. § Be wary of invitations to download software from unknown internet sources.

PROTECT PASSWORDS
§ Do not share your passwords, and always make new passwords difficult to guess by avoiding dictionary words, and mixing letters, numbers and punctuation.
§ Do not use one of these common passwords or any variation of them: qwerty1, abc123, letmein, password1, iloveyou1, (yourname1), baseball1.
§ Change your passwords periodically.
§ When choosing a password:
  o Mix upper and lower case letters
  o Use a minimum of 8 characters
  o Use mnemonics to help you remember a difficult password
§ Store passwords in a safe place. Consider using KeePass Password Safe (http://keepass.info/), Keychain (Mac) or an encrypted USB drive to store passwords. Avoid keeping passwords on a Post-it under your keyboard, on your monitor or in a drawer near your computer!
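A checker for the rules on the Protect Passwords slide, added here as an example (it is not part of the original slides). It treats a candidate as a "variation" of a listed common password by lower-casing it, stripping leading and trailing digits and punctuation, and undoing letter-for-symbol substitutions; the dictionary word list is a constructed stand-in for a real word list, and the user's name is passed in separately to cover the "(yourname1)" case.

```python
"""Added example (not part of the slides): a checker for the rules on the
Protect Passwords slide.  It rejects the listed common passwords and their
variations, enforces the 8-character minimum and the letters/digits/
punctuation mix, and flags lone dictionary words.  The dictionary below is
a constructed stand-in for a real word list."""
import string

# Common passwords named on the slide; "(yourname1)" is covered by the
# user_name argument of check_password.
COMMON_PASSWORDS = {"qwerty1", "abc123", "letmein", "password1",
                    "iloveyou1", "baseball1"}

# Constructed stand-in for a dictionary file such as /usr/share/dict/words.
DICTIONARY_WORDS = {"password", "welcome", "summer", "monkey", "dragon",
                    "letmein", "baseball", "qwerty", "iloveyou"}

# Letter-for-symbol substitutions undone before comparing, so that
# "P@ssw0rd" is still recognised as a variation of "password".
LEET_MAP = str.maketrans({"0": "o", "1": "i", "3": "e", "4": "a",
                          "5": "s", "7": "t", "@": "a", "$": "s", "!": "i"})


def _base_form(password: str) -> str:
    """Reduce a password to the form used for 'variation' matching:
    lower-case, leading/trailing digits and punctuation removed, then
    leet substitutions undone.  'Iloveyou2' and 'iloveyou1' both become
    'iloveyou'."""
    stripped = password.lower().strip(string.digits + string.punctuation)
    return stripped.translate(LEET_MAP)


COMMON_BASES = {_base_form(p) for p in COMMON_PASSWORDS}


def check_password(password: str, user_name: str = "") -> list:
    """Return the rule violations for a candidate password; an empty list
    means it satisfies every rule on the slide."""
    problems = []
    base = _base_form(password)
    name_base = _base_form(user_name)

    if len(password) < 8:
        problems.append("shorter than 8 characters")
    if not (any(c.islower() for c in password)
            and any(c.isupper() for c in password)):
        problems.append("does not mix upper and lower case letters")
    if not any(c.isdigit() for c in password):
        problems.append("contains no digits")
    if not any(c in string.punctuation for c in password):
        problems.append("contains no punctuation")
    if base in COMMON_BASES:
        problems.append("variation of a common password")
    if name_base and name_base in base:
        problems.append("contains the user's name")
    # A dictionary word padded with digits or symbols is exactly what the
    # slide's "avoid dictionary words" rule is meant to catch.
    if base in DICTIONARY_WORDS:
        problems.append("is a dictionary word")
    return problems


if __name__ == "__main__":
    for candidate in ("Iloveyou2", "P@ssword1!", "Mg2a@6Oc!"):
        print(candidate, "->", check_password(candidate) or "OK")
```

Quiz question 4 below ("Iloveyou2 is a good password?") is answered by the same check: it is caught as a variation of iloveyou1.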
  • 43. BACK UP IMPORTANT FILES
§ Reduce your risk of losing important files to a virus, computer crash, theft or disaster by creating back-up copies.
§ Keep your critical files in one place on your computer’s hard drive so you can easily create a back-up copy.
§ Save copies of your important documents and files to a CD, online back-up service, flash or USB drive, or a server.
§ Store your back-up media in a secure place away from your computer, in case of fire or theft.
§ Test your back-up media periodically to make sure the files are accessible and readable.

CYBER-SAFETY AT HOME
§ Physically secure your computer by using security cables and locking doors and windows in the dorms and off-campus housing.
  • 44. § Avoid leaving your laptop unsupervised and in plain view in the library or coffee house, or in your car, dorm room or home.
§ Set up a user account and password to prevent unauthorized access to your computer files.
§ Do not install unnecessary programs on your computer.
§ Microsoft users can download the free Secunia Personal Software Inspector (https://psi.secunia.com/), which lets you scan your computer for any missing operating system or software patches and provides instructions for getting all the latest updates.

CYBER-SAFETY AT WORK
§ Be sure to work with your technical support coordinator before implementing new cyber-safety measures.
§ Talk with your technical support coordinator about what
  • 45. cyber-safety measures are in place in your department.
§ Report to your supervisor any cyber-safety policy violations, security flaws/weaknesses you discover or any suspicious activity by unauthorized individuals in your work area.
§ Physically secure your computer by using security cables and locking building/office doors and windows.
§ Do not install unnecessary programs on your work computer.

CYBER-SAFETY BASICS QUICK QUIZ
1. True or False? Viruses can be transmitted via email, email attachments or IM.
2. People who seek out your personal information and then use it to commit crimes are called: _____________________
3. Which of the following are ways to help prevent identity theft? (Check all that apply.)
  __A. Never send personal information via email or instant
  • 46. messages.
  __B. Always send personal information via email or instant messages.
  __C. Lock my office door.
  __D. Don’t tell anybody my name.
4. True or False? Iloveyou2 is a good password. Why or why not?
5. Which anti-virus program is available to all UC Davis students, faculty and staff for free? ________________________
6. I just downloaded a free program online and now my computer is running very, very slowly. Which of the following most likely happened?
  __A. I didn’t install the program properly.
  __B. I didn’t have enough space on my hard drive for the new program.
  __C. I downloaded spyware and/or adware, too.
  __D. Someone snuck in while the program was downloading and changed my password.
7. ___________________ help prevent your computer from responding to pings (calls) from hackers.
8. To fix problems with my operating system and/or application software, I should install __________________.
Answers on next slide . . .
  • 47. QUICK QUIZ ANSWERS
1. True
2. Identity thieves
3. A and C are correct. D would probably help too, but seems a bit extreme!
4. False. Iloveyou2 is a very common password.
5. Sophos Anti-Virus is free to UC Davis students, faculty and staff.
6. C. It’s most likely that you downloaded spyware and/or adware.
7. Firewalls
8. OS and/or software updates (patches)

How did you do?
8-7 correct: Fantastic! You can help write the next quiz!
6-5 correct: Good. You can help write the next quiz, but we’ll check it for accuracy . . . just in case.
4-3 correct: You might want to review the material for the questions you missed.

Summary
By now you should have some idea about
• Why we need computer security
  • 48. (prevention, detection and reaction)
• What a computer security system does (confidentiality, integrity, availability, non-repudiation, authentication, access control, accountability)
• What computer security experts do (design, implement and evaluate security systems)

Summary (Cont.)
Ethical decisions regarding IT security include determining which information systems and data most need protection
65-fold increase in the number of reported IT security incidents from 1997 to 2003
Most incidents involve a:
• Virus
• Worm
• Trojan horse
• Denial-of-service
Key elements of a multilayer process for managing security vulnerabilities include:
• Threat assessment: to organization’s computers and network
• User education: of risks and preventative actions
• Response plan
  • 49. Resources
• Network World Security Newsletter
  – http://www.nwsubscribe.com
  – Practical advice, not a virus alert newsletter. Especially good for the links to other security resources at the bottom of each article
• CERT Coordination Center at CMU
  – http://www.cert.org
  • News about system threats, including viruses and other problems. Source for OCTAVE papers and process
• Norton AntiVirus Site (Symantec)
  – http://securityresponse.symantec.com/avcenter/
• McAfee Security (Network Associates)
  – http://us.mcafee.com/virusinfo/

Topic #12 Risk Management in a Project
  • 50. Reference: Chapter 11, Information Technology Project Management

Learning Objectives
• Understand risk and the importance of good project risk management
• Discuss the elements of planning risk management and the contents of a risk management plan
• List common sources of risks on information technology (IT) projects
• Describe the process of identifying risks and create a risk register
• Discuss qualitative risk analysis and explain how to calculate risk factors, create probability/impact matrixes, and apply the Top Ten Risk Item Tracking technique to rank risks
• Explain quantitative risk analysis and how to apply decision trees, simulation, and sensitivity analysis to quantify risks
  • 51. Learning Objectives (cont’d)
• Provide examples of using different risk response planning strategies to address both negative and positive risks
• Discuss how to control risks
• Describe how software can assist in project risk management

The Importance of Project Risk Management
• Project risk management is the art and science of identifying, analyzing, and responding to risk throughout the life of a project and in the best interests of meeting project objectives
• Risk management is often overlooked in projects, but it can help improve project success by helping select good projects, determining project scope, and developing realistic estimates
  • 52. Benefits from Software Risk Management Practices*
*Source: Kulik and Weber, KLCI Research Group

Global Issues
• Many people around the world suffered from financial losses as various financial markets dropped in the fall of 2008, even after the $700 billion bailout bill was passed by the U.S. Congress
• According to a global survey of 316 financial services executives, over 70 percent of respondents believed that the losses stemming from the credit crisis were largely due to failures to address risk management issues
• They identified several challenges in implementing risk management, including data and company culture issues

Negative Risk
• A dictionary definition of risk is “the possibility
  • 53. of loss or injury”
• Negative risk involves understanding potential problems that might occur in the project and how they might impede project success
• Negative risk management is like a form of insurance; it is an investment

Risk Can Be Positive
• Positive risks are risks that result in good things happening; sometimes called opportunities
• A general definition of project risk is an uncertainty that can have a negative or positive effect on meeting project objectives
• The goal of project risk management is to minimize potential negative risks while maximizing potential positive risks

Risk Utility
• Risk utility or risk tolerance is the amount of satisfaction or pleasure received from a potential payoff
  • 54. – Utility rises at a decreasing rate for people who are risk-averse
  – Those who are risk-seeking have a higher tolerance for risk and their satisfaction increases when more payoff is at stake
  – The risk-neutral approach achieves a balance between risk and payoff

Risk Utility Function and Risk Preference

Project Risk Management Processes
• Planning risk management: Deciding how to approach and plan the risk management activities for the project
• Identifying risks: Determining which risks are likely to affect a project and documenting the characteristics of each
• Performing qualitative risk analysis: Prioritizing risks based on their probability and impact of occurrence
  • 55. Project Risk Management Processes 11 • Performing quan'ta've risk analysis: Numerically es8ma8ng the effects of risks on project objec8ves • Planning risk responses: Taking stepsto enhance opportuni8es and reduce threats to mee8ng project objec8ves • Controlling risk: Monitoring iden8fied and residual risks, iden8fying new risks, carrying out risk response plans, and evalua8ng the effec8veness of risk strategies throughout the life of the project Project Risk Management Processes (cont’d) 12 Project Risk Management Summary 13
  • 56. Planning Risk Management
• The main output of this process is a risk management plan—a plan that documents the procedures for managing risk throughout a project
• The project team should review project documents and understand the organization’s and the sponsor’s approaches to risk
• The level of detail will vary with the needs of the project

Topics Addressed in a Risk Management Plan
• Methodology
• Roles and responsibilities
• Budget and schedule
• Risk categories
• Risk probability and impact
• Revised stakeholders’ tolerances
• Tracking
• Risk documentation
  • 57. Contingency and Fallback Plans, Contingency Reserves
• Contingency plans are predefined actions that the project team will take if an identified risk event occurs
• Fallback plans are developed for risks that have a high impact on meeting project objectives, and are put into effect if attempts to reduce the risk are not effective
• Contingency reserves or allowances are provisions held by the project sponsor or organization to reduce the risk of cost or schedule overruns to an acceptable level; management reserves are funds held for unknown risks

Common Sources of Risk in Information Technology Projects
• Several studies show that IT projects share some common sources of risk
• The Standish Group developed an IT success potential scoring sheet based on potential risks
• Other broad categories of risk help identify potential risks
  • 58. IT Success Potential Scoring Sheet
Success Criterion                 Relative Importance
User Involvement                  19
Executive Management Support      16
Clear Statement of Requirements   15
Proper Planning                   11
Realistic Expectations            10
Smaller Project Milestones         9
Competent Staff                    8
Ownership                          6
Clear Vision and Objectives        3
Hard-Working, Focused Staff        3
Total                            100
  • 59. Broad Categories of Risk
• Market risk
• Financial risk
• Technology risk
• People risk
• Structure/process risk

Risk Breakdown Structure
• A risk breakdown structure is a hierarchy of potential risk categories for a project
• Similar to a work breakdown structure but used to identify and categorize risks

Sample Risk Breakdown Structure
  • 60. Potential Negative Risk Conditions Associated With Each Knowledge Area

Identifying Risks
• Identifying risks is the process of understanding what potential events might hurt or enhance a particular project
• Another consideration is the likelihood of advanced discovery
• Risk identification tools and techniques include:
  – Brainstorming
  – The Delphi Technique
  – Interviewing
  – SWOT analysis

Brainstorming
• Brainstorming is a technique by which a group attempts to generate ideas or find a solution for a specific problem by amassing ideas spontaneously and without judgment
  • 61. • An experienced facilitator should run the brainstorming session
• Be careful not to overuse or misuse brainstorming.
  – Psychology literature shows that individuals produce a greater number of ideas working alone than they do through brainstorming in small, face-to-face groups
  – Group effects often inhibit idea generation

Delphi Technique
• The Delphi Technique is used to derive a consensus among a panel of experts who make predictions about future developments
• Provides independent and anonymous input regarding future events
• Uses repeated rounds of questioning and written responses and avoids the biasing effects possible in oral methods, such as brainstorming
  • 62. Interviewing
• Interviewing is a fact-finding technique for collecting information in face-to-face, phone, e-mail, or instant-messaging discussions
• Interviewing people with similar project experience is an important tool for identifying potential risks

SWOT Analysis
• SWOT analysis (strengths, weaknesses, opportunities, and threats) can also be used during risk identification
• Helps identify the broad negative and positive risks that apply to a project

Risk Register
• The main output of the risk identification process is a list of identified risks and other information needed to begin
  • 63. creating a risk register
• A risk register is:
  – A document that contains the results of various risk management processes and that is often displayed in a table or spreadsheet format
  – A tool for documenting potential risk events and related information
• Risk events refer to specific, uncertain events that may occur to the detriment or enhancement of the project

Risk Register Contents
• An identification number for each risk event
• A rank for each risk event
• The name of each risk event
• A description of each risk event
• The category under which each risk event falls
• The root cause of each risk
  • 64. Risk Register Contents (cont’d)
• Triggers for each risk; triggers are indicators or symptoms of actual risk events
• Potential responses to each risk
• The risk owner or person who will own or take responsibility for each risk
• The probability and impact of each risk occurring
• The status of each risk

Sample Risk Register
• No.: R44
• Rank: 1
• Risk: New customer
• Description: We have never done a project for this organization before and don’t know too much about them. One of our company’s strengths is building good customer relationships, which often leads to further projects with that customer. We might have trouble working with this customer because they are new to us.
• Category: People risk
  • 65. • Etc.

Performing Qualitative Risk Analysis
• Assess the likelihood and impact of identified risks to determine their magnitude and priority
• Risk quantification tools and techniques include:
  – Probability/impact matrixes
  – The Top Ten Risk Item Tracking
  – Expert judgment

Probability/Impact Matrix
• A probability/impact matrix or chart lists the relative probability of a risk occurring on one side of a matrix or axis on a chart and the relative impact of the risk occurring on the other
• List the risks and then label each one as high, medium, or low in terms of its probability of occurrence and its impact if it did occur
• Can also calculate risk factors:
  – Numbers that represent the overall risk of specific events based on their probability of occurring
  • 66. and the consequences to the project if they do occur

Sample Probability/Impact Matrix

Chart Showing High-, Medium-, and Low-Risk Technologies

Top Ten Risk Item Tracking
• Top Ten Risk Item Tracking is a qualitative risk analysis tool that helps to identify risks and maintain an awareness of risks throughout the life of a project
• Establish a periodic review of the top ten project risk items
• List the current ranking, previous ranking, number of times the risk appears on the list over a period of time, and a summary of progress made in resolving the risk item
  • 67. Example of Top Ten Risk Item Tracking

Watch List
• A watch list is a list of risks that are low priority, but are still identified as potential risks
• Qualitative analysis can also identify risks that should be evaluated on a quantitative basis

Performing Quantitative Risk Analysis
• Often follows qualitative risk analysis, but both can be done together
• Large, complex projects involving leading-edge technologies often require extensive quantitative risk analysis
• Main techniques include:
  – Decision tree analysis
  – Simulation
  – Sensitivity analysis
  • 68. Decision Trees and Expected Monetary Value (EMV)
• A decision tree is a diagramming analysis technique used to help select the best course of action in situations in which future outcomes are uncertain
• Estimated monetary value (EMV) is the product of a risk event probability and the risk event’s monetary value
• You can draw a decision tree to help find the EMV

Expected Monetary Value (EMV) Example

Simulation
• Simulation uses a representation or model of a system to analyze the expected behavior or
  • 69. performance of the system
• Monte Carlo analysis simulates a model’s outcome many times to provide a statistical distribution of the calculated results
• To use a Monte Carlo simulation, you must have three estimates (most likely, pessimistic, and optimistic) plus an estimate of the likelihood of the estimate being between the most likely and optimistic values

Steps of a Monte Carlo Analysis
1. Assess the range for the variables being considered
2. Determine the probability distribution of each variable
3. For each variable, select a random value based on the probability distribution
4. Run a deterministic analysis or one pass through the model
  • 70. 5. Repeat steps 3 and 4 many times to obtain the probability distribution of the model’s results

Sample Monte Carlo Simulation Results for Project Schedule

Sensitivity Analysis
• Sensitivity analysis is a technique used to show the effects of changing one or more variables on an outcome
• For example, many people use it to determine what the monthly payments for a loan will be given different interest rates or periods of the loan, or for determining break-even points based on different assumptions
• Spreadsheet software, such as Excel, is a common tool for performing sensitivity analysis
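The two quantitative techniques from the decision-tree and Monte Carlo slides above, worked in plain Python as an added example (this is not code from the course or the textbook). The projects, payoffs and task estimates are constructed sample values; the schedule model treats tasks as strictly serial, and the per-task distribution is uniform on each side of the most likely estimate with the mass split by the slide's fourth input, which is a modelling choice made here.

```python
"""Added example (not from the slides): decision-tree EMV and a Monte Carlo
schedule simulation.  Every project, payoff and task estimate below is a
constructed sample value, not a figure from the course."""
import random
import statistics
from dataclasses import dataclass

# ---- Decision trees and expected monetary value ---------------------------

@dataclass
class Chance:
    """Chance node: branches are (probability, value or subtree).  Its EMV is
    the sum over branches of probability x monetary value, as on the slide."""
    branches: list

@dataclass
class Decision:
    """Decision node: options are (label, up-front cost, value or subtree);
    a risk-neutral manager takes the option with the highest net EMV."""
    options: list

def emv(node) -> float:
    """Fold a tree to its expected monetary value, recursing into subtrees."""
    if isinstance(node, (int, float)):
        return float(node)
    if isinstance(node, Chance):
        if abs(sum(p for p, _ in node.branches) - 1.0) > 1e-9:
            raise ValueError("branch probabilities must sum to 1")
        return sum(p * emv(sub) for p, sub in node.branches)
    if isinstance(node, Decision):
        return max(emv(sub) - cost for _, cost, sub in node.options)
    raise TypeError(f"unsupported node {type(node).__name__}")

def best_option(decision: Decision) -> tuple:
    """Return (label, net EMV) of the option with the highest net EMV."""
    scored = [(label, emv(sub) - cost) for label, cost, sub in decision.options]
    return max(scored, key=lambda item: item[1])

# Constructed sample: bid on one of two projects or pass on both.
SAMPLE_DECISION = Decision(options=[
    ("Project 1", 50_000, Chance([(0.2, 300_000), (0.8, 40_000)])),
    ("Project 2", 30_000, Chance([(0.6, 100_000), (0.4, 10_000)])),
    ("Do nothing", 0, 0),
])

# ---- Monte Carlo simulation of a project schedule -------------------------

@dataclass
class Task:
    """Three-point estimate in days plus the slide's fourth input: the
    likelihood that the real duration falls between optimistic and most likely."""
    name: str
    optimistic: float
    most_likely: float
    pessimistic: float
    p_below_most_likely: float = 0.2

def sample_duration(task: Task, rng: random.Random) -> float:
    """Step 3: pick one random duration from the task's distribution.  The
    distribution is uniform on each side of the most likely value, with the
    mass split by p_below_most_likely (a modelling choice made here)."""
    if rng.random() < task.p_below_most_likely:
        return rng.uniform(task.optimistic, task.most_likely)
    return rng.uniform(task.most_likely, task.pessimistic)

def simulate_schedule(tasks, runs: int = 10_000, seed: int = 1) -> dict:
    """Steps 3-5 over a serial task list: sample every task, add the
    durations for one pass through the model, repeat, and summarise the
    resulting distribution of total project duration."""
    rng = random.Random(seed)
    totals = sorted(sum(sample_duration(t, rng) for t in tasks) for _ in range(runs))
    def percentile(p):
        return totals[min(len(totals) - 1, int(p * len(totals)))]
    return {
        "deterministic": sum(t.most_likely for t in tasks),  # single-point plan
        "mean": statistics.fmean(totals),
        "p50": percentile(0.50),
        "p80": percentile(0.80),
        "p90": percentile(0.90),
    }

SAMPLE_TASKS = [
    Task("Design", 8, 10, 16),
    Task("Build", 20, 25, 45),
    Task("Test", 5, 8, 20, p_below_most_likely=0.3),
]

if __name__ == "__main__":
    print("Best option:", best_option(SAMPLE_DECISION))
    for key, value in simulate_schedule(SAMPLE_TASKS).items():
        print(f"{key:>13}: {value:.1f} days")
```

The gap between the deterministic (most likely) total and the simulated mean or P80 is the schedule contingency the slides' reserves are meant to cover.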
  • 71. Sample Sensitivity Analysis for Determining Break-Even Point

Planning Risk Responses
• After identifying and quantifying risks, you must decide how to respond to them
• Four main response strategies for negative risks:
  – Risk avoidance
  – Risk acceptance
  – Risk transference
  – Risk mitigation

General Risk Mitigation Strategies for Technical, Cost, and Schedule Risks

Response Strategies for Positive Risks
• Risk exploitation
• Risk sharing
• Risk enhancement
  • 72. • Risk acceptance

Residual and Secondary Risks
• It’s also important to identify residual and secondary risks
• Residual risks are risks that remain after all of the response strategies have been implemented
• Secondary risks are a direct result of implementing a risk response

Controlling Risks
• Involves executing the risk management process to respond to risk events and ensuring that risk awareness is an ongoing activity performed by the entire project team throughout the entire project
• Workarounds are unplanned responses to risk events that must be done when there are no contingency plans
• Main outputs of risk control are:
  • 73. – Work performance information
  – Change requests
  – Updates to the project management plan, other project documents, and organizational process assets

Using Software to Assist in Project Risk Management
• Risk registers can be created in a simple Word or Excel file or as part of a database
• More sophisticated risk management software, such as Monte Carlo simulation tools, helps in analyzing project risks
• You can purchase add-ons for Excel and Project 2010 to perform simulations

Results of Good Project Risk Management
• Unlike crisis management, good project risk management often goes unnoticed
• Well-run projects appear to be almost effortless, but a lot of work goes into running a
  • 74. project well
• Project managers should strive to make their jobs look easy to reflect the results of well-run projects

Summary
• Project risk management is the art and science of identifying, analyzing, and responding to risk throughout the life of a project and in the best interests of meeting project objectives
• Main processes include:
  – Plan risk management
  – Identify risks
  – Perform qualitative risk analysis
  – Perform quantitative risk analysis
  – Plan risk responses
  – Control risks

Reference Details