Information Security (infoSec), CIA triad, threats,Audit, Risk Analysis

1. INFORMATION SECURITY
(infosec)
Presented by:
Isha Rana

2. AGENDA
 What is Information Security?
 Threats
 Why Information Security?
 What can we do?

3. What is Information Security?
Information security (infosec) is a set of
strategies for managing the
processes, tools and policies
necessary to prevent, detect,
document and counter threats to
digital and non-digital information.

4. Responsibilities
Infosec responsibilities include
establishing a set of business
processes that will protect information
assets regardless of how the
information is formatted or whether it
is in transit, is being processed or is at
rest in storage.

5. CIA triad
Infosec programs are built around the core
objectives of the CIA triad: maintaining the
 confidentiality
 integrity
 availability
of IT systems and business data.
These objectives ensure that sensitive
information is only disclosed to authorized
parties (confidentiality), prevent
unauthorized modification of data (integrity)
and guarantee the data can be accessed by
authorized parties when requested
(availability).

6. Threats
Malware:
◦ Hostile, intrusive, or annoying software or
program code ("malicious" + "software“)
◦ Includes computer viruses, worms, trojan horses,
bots, spyware, adware, etc
◦ Software is considered malware based on the
intent of the creator rather than any particular
features

7. Threats
Internet bot:
◦ also known as web robots, are automated
internet applications controlled by software
agents
◦ These bots interact with network services
intended for people, carrying out monotonous
tasks and behaving in a humanlike manner (i.e.,
computer game bot)
◦ Bots can gather information, reply to queries,
provide entertainment, and serve commercial
purposes.
◦ Botnet - a network of "zombie" computers used
to do automated tasks such as spamming or
reversing spamming

8. Definitions
Adware:
◦ Advertising-supported software is any
software package which automatically plays,
displays, or downloads advertising material to a
computer after the software is installed on it or
while the application is being used.
◦ Adware is software integrated into or bundled
with a program, typically as a way to recover
programming development costs through
advertising income

9. Threats
Spyware:
◦ A broad category of software designed to
intercept or take partial control of a computer's
operation without the informed consent of that
machine's owner or legitimate user
◦ In simpler terms, spyware is a type of program
that watches what users do with their computer
and then sends that information over the internet

10. Threats
Spyware:
◦ Spyware can collect many different types of
information about a user:
 Records the types of websites a user visits
 Records what is typed by the user to intercept
passwords or credit card numbers
 Used to launch “pop up” advertisements
◦ Many legitimate companies incorporate forms of
spyware into their software for purposes of
advertisement(Adware)

11. Spyware Example

12. Spyware Example
(add-on toolbars)

13. Threats
Spam:
◦ Spamming is the abuse of electronic messaging
systems to send unsolicited, undesired bulk
messages
◦ Spam media includes:
 e-mail spam (most widely recognized form)
 instant messaging spam
 Usenet newsgroup spam
 Web search engine spam
 spam in blogs
 mobile phone messaging spam

14. Spam Example

15. Threats
Phishing:
◦ A criminal activity using social engineering
techniques.
◦ An attempt to acquire sensitive data, such as
passwords and credit card details, by
masquerading as a trustworthy person or
business in an electronic communication.
◦ Typically carried out using email or an instant
message

16. Phishing Example
Points to “bad” IP
Address!

17. Identity Theft
Protecting your online privacy is the
best step you can take in preventing
the new but popular crime of Identity
Theft: stealing someone's "identity" in
order to fraudulently carry out
monetary transactions in the name of
the stolen identity.

18. Why Information Security
(infosec)?
 Governments, commercial businesses, and
individuals are all storing information
electronically
◦ compact, instantaneous transfer, easy access
 Ability to use information more efficiently has
resulted in a rapid increase in the value of
information
 Information stored electronically faces new
and potentially more damaging security
threats
◦ can potentially be stolen from a remote location
◦ much easier to intercept and alter electronic
communication than its paper-based
predecessors

19. What can we do?
Firewalls
 A "network firewall" is like a filter for
Internet messages: it lets some pass
through, but blocks others.
 A firewall selectively allows certain
messages to pass through based on
its type (e-mail, web, file sharing). All
other messages are stopped at the
gates.

20. Authenticating Sites and Using
Encryption
There are two main problems with the
out-of-the-box Internet:
i. identifying people or computers at
the other end of the network
ii. guarding against eavesdroppers.
Authentication solves the first problem,
and encryption solves the second.

21. Audit
A chronological record of system
activities that is sufficient to enable the
reconstruction and examination of a
given sequence of events

22. Risk analysis
The process of identifying: Security
risks

23. Symmetric and public key
cryptosystems
Symmetric-key cryptosystem
 same key is used for encryption
and decryption
 system with 1000 users requires
499,500 keys
◦ each pair of users requires a
different key
Example: DES
Public-key cryptosystem
 separate keys for encryption
and decryption
 system with 1000 users requires
2000 keys
◦ each individual user has
exactly two keys
Example: RSA

24. THANK YOU!