INFORMATION ASSURANCE
Threats, Attacks & Controls
Rebecca Patient
Cyber Security
KEY THREATS – HUMAN FACTORS
• THE GET OUT CLAUSE: “NOT MY FAULT”.
12/11/2014CMPRPATI
2
• ISSUES OCCUR AROUND: 80-90% INTERNALLY
& ONLY 20% EXTERNALLY.
LIKELIHOOD OF ATTACKS
IT Students – cracking passwords using Hash Kracker
to gain access to lecturer's partition on the drive:
• Risk Calculation: Risk = Threat x Likelihood x Cost.
• Less than 1% chance of an attack occurring.
Other breaches:
• Inability to hide grades permitting confidential
information to be misused.
MAIN CONTROLS:
• Misuse of Privileges – Sanction.
• Protocol Penetration – Consent Form.
• Check firewalls & anti-virus software.
• Non-Authorisation – Passwords with authentication,
smart cards and biometrics.
• Create a vulnerability list - maintain procedures.
• Hacker Profiling.
• Risk Assessment / Auditing processes !!
PAUSE FOR THOUGHT - FUTURE ISSUES?
• A Possible 9/11 of the University Cyber World?
• No, an attack would go unseen until the person(s)
behind it wanted you to know.
• Or is it reality?
Blackboard brought to a standstill.
SECURITY IS AN ONGOING PROCESS!
For More Information – check out these Links:
HTTPS://WWW.CYBERSTREETWISE.COM
HTTP://WWW.BBC.CO.UK/PROGRAMMES/B04P23MV : CYBER CRIMES WITH BEN HAMMERSLEY
Next: Risk Assessment to be produced.
THANKS FOR LISTENING
ANY QUESTIONS?
