Information Security Concepts
Agenda
1. Information Security Overview & Current Scenario
2. Types of attacks
3. Goals for Security
4. e-Commerce Security
• What is Information Security
Information security is the practice of protecting information by mitigating information risks. It is part of information risk management.
• Current Scenario
National Association of Software and Service Companies (NASSCOM) is the premier global trade body and the chamber of commerce of the IT software and services industry in India.
Types of Cyber Attacks
What is a Cyber Attack?
A cyber attack is any type of offensive action that targets computer information systems, infrastructures, computer networks or personal computer devices, using various methods to steal, alter or destroy data or information systems.
Types
• Denial-of-service (DoS) and distributed denial-of-service (DDoS) attacks
• Man-in-the-middle (MitM) attack
• Phishing and spear phishing attacks
• Drive-by attack
• Password attack
• SQL injection attack
• Cross-site scripting (XSS) attack
• Eavesdropping attack
• Birthday attack
• Malware attack
Types of DoS attack
• TCP SYN flood attack
• Teardrop attack
• Smurf attack
• Ping of death attack
• Botnets
Man in the Middle Attack
Session hijacking
1. IP Spoofing
2. Replay
3. Phishing and spear phishing attacks
Cyber Security Goals
• Confidentiality
• Integrity
• Availability
CIA Triad
• Accidental
• Purposeful
• Human Error
• Electronic Payment System
• e-cash
• Credit/Debit Card

Information Security Overview