Introduction to Information Security

Treat your password like your toothbrush. Don't let anybody else use it, and get a new one every six months.
~ Clifford Stoll

Business Information System Security & Audit (BBT3005)

Upon completion of this material, you should be able to:
• Define information security
• Relate the history of computer security and how it evolved into information security
• Define key terms and critical concepts of information security
• Discuss the phases of the security systems development life cycle
• Present the roles of professionals involved in information security within an organization

How Seriously Should You Take Threats to Network Security?

“No one is coming after my computer.”
• Prove to me that I am at risk
• No one has attacked my computers yet.

“The sky is falling!”
• Prove to me that I am not at risk
• Overestimate dangers
• Assumes that talented hackers are everywhere
• Believes that teenagers with a laptop can traverse highly secure systems at will.

• An educated awareness of true risk
• Understands that many “hackers” are not as skilled as they claim
• Takes a balanced view towards security

• Necessary to review the origins of this field and its impact on our understanding of information security today
• Groups developing code-breaking computations during World War II created the first modern computers

• Networks of computers became more common; so too did the need to interconnect networks
• Internet became first manifestation of a global network of networks
• In early Internet deployments, security was treated as a low priority

• The Internet brings millions of computer networks into communication with each other—many of them unsecured
• Ability to secure a computer’s data influenced by the security of every computer to which it is connected

• “The quality or state of being secure—to be free from danger”
• A successful organization should have multiple layers of security in place:
  • Physical security
  • Personal security
  • Operations security
  • Communications security
  • Network security
  • Information security

• The protection of information and its critical elements, including systems and hardware that use, store, and transmit that information
• Necessary tools: policy, awareness, training, education, technology
• C.I.A. triangle was standard based on confidentiality, integrity, and availability

Temasek Polytechnic (Diploma in BIT)