All information security measures try to address at least one of three goals:
i. Protect the confidentiality of data
ii. Preserve the integrity of data
iii. Promote the availability of data for authorized use
1. Confidentiality: Ensures that the necessary level of secrecy is enforced at each point of data processing and prevents unauthorized disclosure. Sensitive information should be available only to a set of predefined individuals. Unauthorized transmission and usage of information should be restricted.
2. Integrity: Ensures the accuracy and consistency of information over time. The integrity of data is protected when assurance of the accuracy and reliability of information and systems is provided, and unauthorized modification is prevented.
Integrity models keep data pure and trustworthy by protecting system data from intentional or accidental changes. Integrity models have three goals:
• Prevent unauthorized users from making modifications to data or programs
• Prevent authorized users from making improper or unauthorized modifications
• Maintain internal and external consistency of data and programs
An example of integrity checks is balancing a batch of transactions to make sure that all the information is present and accurately accounted for.
3. Availability: Ensures that authorized users have continued and timely access to information and resources. Availability models keep data and resources available for authorized use, especially during emergencies or disasters. Information security professionals usually address three common challenges to availability:
• Denial of service (DoS) due to intentional attacks or because of undiscovered flaws in implementation (for example, a program written by a programmer who is unaware of a flaw that could crash the program if a certain unexpected input is encountered)
• Loss of information system capabilities because of natural disasters (fires, floods, storms, or earthquakes) or human actions (bombs or strikes)
• Equipment failures during normal use
NB: Some activities that preserve confidentiality, integrity, and/or availability are granting access only to authorized personnel, applying encryption to information that will be sent over the Internet or stored on digital media, periodically testing computer system security to uncover new vulnerabilities, building software defensively, and developing a disaster recovery plan to ensure that the business can continue to exist in the event of a disaster or loss of access by personnel.
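The batch-balancing integrity check mentioned under Integrity above, as an added example that is not part of the original notes. The record layout, the three control totals and the sample batch are assumptions made for illustration.

```python
from dataclasses import dataclass, fields
from decimal import Decimal


@dataclass(frozen=True)
class Txn:
    account: str      # account number, digits only
    amount: Decimal


@dataclass(frozen=True)
class ControlTotals:
    record_count: int      # is every record present?
    amount_total: Decimal  # do the amounts still add up?
    hash_total: int        # sum of account numbers; catches a changed account


def control_totals(batch):
    """Compute the totals the sender records in the batch header."""
    return ControlTotals(
        record_count=len(batch),
        amount_total=sum((t.amount for t in batch), Decimal("0")),
        hash_total=sum(int(t.account) for t in batch),
    )


def balance_batch(header, received):
    """Return (field, expected, actual) for every total that does not balance."""
    actual = control_totals(received)
    return [
        (f.name, getattr(header, f.name), getattr(actual, f.name))
        for f in fields(ControlTotals)
        if getattr(header, f.name) != getattr(actual, f.name)
    ]


# Constructed sample batch; the header is computed where the batch originates.
SENT = [Txn("100234", Decimal("250.00")),
        Txn("100771", Decimal("1200.50")),
        Txn("100902", Decimal("75.25"))]
HEADER = control_totals(SENT)

DROPPED = SENT[:2]                                                   # record lost
ALTERED = [SENT[0], Txn("100771", Decimal("1200.05")), SENT[2]]     # amount changed
REDIRECTED = [SENT[0], Txn("100999", Decimal("1200.50")), SENT[2]]  # account changed

if __name__ == "__main__":
    for label, batch in [("intact", SENT), ("dropped", DROPPED),
                         ("altered", ALTERED), ("redirected", REDIRECTED)]:
        print(label, balance_batch(HEADER, batch) or "balanced")
```

Control totals catch accidental loss and simple alteration; they are not cryptographic, so anyone able to change both the batch and its header can make a tampered batch balance.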
6.8 SECURITY THREATS
A threat is any potential danger to information or a system.
It can also be defined as any circumstance that may cause direct or indirect harm to the information, systems or organization assets.
Computer crime and abuse
Any violation of criminal law that involves knowledge of computer technology for its perpetration, investigation, or prosecution.
Computers may be the target/victim of crime or the instrument of crime.
Alternatively referred to as cybercrime, e-crime, electronic crime, or hi-tech crime. Computer crime is an act performed by a knowledgeable computer user, sometimes referred to as a hacker, who illegally browses or steals a company’s or individual’s private information. In some cases, this person or group of individuals may be malicious and destroy or otherwise corrupt the computer or data files.
Examples of computer crimes
Below is a listing of the different types of computer crimes today.
i. Child pornography – Making or distributing child pornography.
ii. Copyright violation – Stealing or using another person’s copyrighted material without permission.
iii. Cracking – Breaking or deciphering codes that are being used to protect data.
iv. Cyber terrorism – Hacking, threats, and blackmailing towards a business or person.
v. Cyberbullying or cyberstalking – Harassing or stalking others online.
vi. Cybersquatting – Setting up a domain of another person or company with the sole intention of selling it to them later at a premium price.
vii. Creating malware – Writing, creating, or distributing malware (e.g., viruses and spyware).
Computer viruses – These are program instructions that are able not only to perform malicious acts but also to insert copies of themselves into other programs and thus spread to other computer systems. Common types of virus:
a) Boot Sector Virus
From a user perspective, boot sector viruses are some of the most dangerous. Because they infect the master boot record, they are notoriously difficult to remove, often requiring a full system format. This is especially true if the virus has encrypted the boot sector or excessively damaged the code.
b) Direct Action Virus
A direct-action virus is one of the two main types of file infector viruses (the other being a resident virus). The virus is considered “non-resident”; it doesn’t install itself or remain hidden in your computer’s memory. It works by attaching itself to a particular type of file (typically EXE or COM files). When someone executes the file, it springs into life, looking for other similar files in the directory for it to spread to.
c) Resident Virus
Resident viruses are the other primary type of file infectors. Unlike direct action viruses, they install themselves on a computer. This allows them to work even when the original source of the infection has been eradicated.
d) Multipartite Virus
While some viruses are happy to spread via one method or deliver a single payload, multipartite viruses want it all. A virus of this type may spread in multiple ways, and it may take different actions on an infected computer depending on variables, such as the operating system installed or the existence of certain files. They can simultaneously infect both the boot sector and executable files, allowing them to act quickly and spread rapidly.
e) Polymorphic Virus
According to Symantec, polymorphic viruses are one of the most difficult to detect/remove for an anti-virus program. It claims anti-virus firms need to “spend days or months creating the detection routines needed to catch a single polymorphic”. But why are they so hard to protect against? The clue is in the name. Anti-virus software can only blacklist one variant of a virus—but a polymorphic virus changes its signature (binary pattern) every time it replicates. To an anti-virus program, it looks like an entirely different piece of software, and can, therefore, elude the blacklist.
f) Overwrite Virus
To an end-user, an overwrite virus is one of the most frustrating, even if it’s not particularly dangerous for your system as a whole. That’s because it will delete the contents of any file which it infects; the only way to remove the virus is to delete the file, and consequently, lose its contents. It can infect both standalone files and entire pieces of software.
g) Space filler Virus
Also known as “Cavity Viruses”, space filler viruses are more intelligent than most of their counterparts. A typical modus operandi for a virus is to simply attach itself to a file, but space fillers try to get into the empty space which can sometimes be found within the file itself.
viii. Denial of Service attack – Overloading a system with so many requests it cannot serve normal requests.
ix. Espionage – Spying on a person or business.
x. Fraud – Manipulating data, e.g., changing banking records to transfer money to an account or participating in credit card fraud.
xi. Harvesting – Collecting account or other account-related information on other people.
xii. Human trafficking – Participating in the illegal act of buying or selling other humans.
xiii. Identity theft – Pretending to be someone you are not.
xiv. Illegal sales – Buying or selling illicit goods online including drugs, guns, and psychotropic substances.
xv. Intellectual property theft – Stealing practical or conceptual information developed by another person or company.
xvi. IPR violation – An intellectual property rights violation is any infringement of another’s copyright, patent, or trademark.
xvii. Phishing – Deceiving individuals to gain private or personal information about that person.
xviii. Salami slicing – Stealing tiny amounts of money from each transaction.
xix. Scam – Tricking people into believing something that is not true.
xx. Slander – Posting libel or slander against another person or company.
xxi. Software piracy – Copying, distributing, or using software that is copyrighted that you did not purchase.
xxii. Spamming – Distributing unsolicited e-mail to dozens or hundreds of different addresses.
xxiii. Spoofing – Deceiving a system into thinking you are someone you really are not.
xxiv. Typo squatting – Setting up a domain that is a misspelling of another domain.
xxv. Unauthorized access – Gaining access to systems you have no permission to access.
xxvi. Wiretapping – Connecting a device to a phone line to listen to conversations.
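A defender-side check for the typo squatting entry (xxiv) above, as an added example that is not part of the original notes: it flags observed domain names that sit within one edit of a protected name. The domain names, the threshold of one edit and the idea of feeding it names taken from DNS or proxy logs are assumptions for illustration.

```python
def osa_distance(a, b):
    """Edit distance counting insert, delete, substitute and adjacent swap as 1."""
    prev2, prev = None, list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i] + [0] * len(b)
        for j, cb in enumerate(b, 1):
            cur[j] = min(prev[j] + 1,               # delete from a
                         cur[j - 1] + 1,            # insert into a
                         prev[j - 1] + (ca != cb))  # substitute or match
            if i > 1 and j > 1 and ca == b[j - 2] and a[i - 2] == cb:
                cur[j] = min(cur[j], prev2[j - 2] + 1)  # adjacent transposition
        prev2, prev = prev, cur
    return prev[len(b)]


def normalize(domain):
    """Lower-case and drop the trailing root dot so equal names compare equal."""
    return domain.strip().lower().rstrip(".")


def find_lookalikes(observed, protected, max_distance=1):
    """Return (observed, protected, distance) for near-miss spellings only."""
    hits = []
    for name in observed:
        for legit in protected:
            d = osa_distance(normalize(name), normalize(legit))
            if 0 < d <= max_distance:   # distance 0 is the legitimate domain itself
                hits.append((normalize(name), normalize(legit), d))
    return hits


# Constructed sample data: reserved .test names, not real domains.
PROTECTED = ["examplebank.test"]
OBSERVED = [
    "ExampleBank.TEST.",   # legitimate, different case and trailing dot
    "exampelbank.test",    # two letters swapped
    "examplebnk.test",     # letter dropped
    "examp1ebank.test",    # digit substituted for a letter
    "weather.test",        # unrelated
]

if __name__ == "__main__":
    for hit in find_lookalikes(OBSERVED, PROTECTED):
        print(hit)
```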
6.9 INFORMATION SECURITY MANAGEMENT SYSTEM (ISMS)
An information security management system (ISMS) is a set of policies and procedures for systematically managing an organization’s sensitive data. The goal of an ISMS is to minimize risk and ensure business continuity by pro-actively limiting the impact of a security breach. The range of responsibilities expected of an information security manager includes the following:
• Provide information security awareness training to organization personnel.
• Create and manage security strategies.
• Oversee information security audits, whether performed by organization or third-party personnel.
• Manage security team members and all other information security personnel.
• Provide training to information security personnel during onboarding.
• Evaluate department budget and costs associated with technological training.
• Assess current technology architecture for vulnerabilities, weaknesses and for possible upgrades or improvement.
• Implement and oversee technological upgrades, improvements and major changes to the information security environment.
• Serve as a focal point of contact for the information security team and the customer or organization.
• Manage and configure physical security, disaster recovery and data backup systems.
• Communicate information security goals and new programs effectively with other department managers within the organization.