Scribd Logo
Upload

Welcome to Scribd!

  • Intro To Info Security Part 1

    Uploaded by

    Benson Poh
    39 views4 pages
    Information security is a "well-informed sense of y assurance that the information risks and controls are in balance" y y Began immediately after the first mainframes were g y developed. During World War II created the first modern computers physical controls to limit access to sensitive military locations.

    Original Description:

    Original Title

    Intro to Info Security Part 1

    Copyright

    © Attribution Non-Commercial (BY-NC)

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    Information security is a "well-informed sense of y assurance that the information risks and controls are in balance" y y Began immediately after the first mainframes were g y developed. During World War II created the first modern computers physical controls to limit access to sensitive military locations.

    Copyright:

    Attribution Non-Commercial (BY-NC)
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    39 views4 pages

    Intro To Info Security Part 1

    Uploaded by

    Benson Poh
    Information security is a "well-informed sense of y assurance that the information risks and controls are in balance" y y Began immediately after the first mainframes were g y developed. During World War II created the first modern computers physical controls to limit access to sensitive military locations.

    Copyright:

    Attribution Non-Commercial (BY-NC)
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 4

    Learning Objectives

    Introduction to U
    Upon completion
    l ti off this
    thi material,
    t i l you should
    h ld bbe able
    bl tto:
    Information Security
    ƒ Define information security
    ƒ Relate the history of computer security and how it
    Treat your password like your toothbrush.
    Don't let anybody else use it, and get a new evolved
    l d iinto
    t information
    i f ti security
    it
    one every six months.
    ƒ Define key terms and critical concepts of information
    ~ Clifford
    Cliff d Stoll
    St ll security
    it
    ƒ Discuss the phases of the security systems
    Business Information development life cycle
    System Security & Audit ƒ Present the roles of professionals involved in
    (BBT3005)
    information security within an organization

    Temasek Polytechnic (Diploma in BIT) 1 Temasek Polytechnic (Diploma in BIT) 2

    How Seriously Should You Take Threats to How Seriously Should You Take Threats to
    Network Security? Network Security?
    •Prove to me that I am not at risk
    “No one is coming after my •Overestimate dangers “The sky is falling!”
    computer.” •Assumes that talented hackers are
    everywhere
    •Believes that teenagers with a laptop
    •Prove to me that I am at risk can traverse highly secure systems at
    •No one has attacked my computers yet. will.
    ill

    •Reactive approach to security


    •Wait
    W it until
    til after
    ft an incident
    i id t occurs to
    t
    address security issues.

    Temasek Polytechnic (Diploma in BIT) 3 Temasek Polytechnic (Diploma in BIT) 4


    How Seriously Should You Take Threats to
    Introduction
    Network Security?
    ƒ Information security:
    y a “well-informed sense of
    Middle ground assurance that the information risks and controls are in
    balance.” — Jim Anderson, Inovant (2002)

    •An educated awareness of true risk ƒ Necessary to review the origins of this field and its
    •Understands that many “hackers” are impact on our understanding of information security
    not as skilled as they claim today
    •Takes a balanced view towards securityy

    Temasek Polytechnic (Diploma in BIT) 5 Temasek Polytechnic (Diploma in BIT) 6

    The Historyy of Information Securityy Figure


    g 1-1 – The Enigma
    g
    ƒ Began
    g immediatelyy after the first mainframes were
    developed

    ƒ G
    Groups ddeveloping
    l i code-breaking
    d b ki computationst ti dduring
    i
    World War II created the first modern computers

    ƒ Physical controls to limit access to sensitive military


    locations to authorized personnel

    ƒ Rudimentary in defending against physical theft,


    espionage and sabotage
    espionage,

    Temasek Polytechnic (Diploma in BIT) 7 Temasek Polytechnic (Diploma in BIT) 8


    The 1960s The 1970s and 80s

    ƒ Advanced Research Project j Agency


    g y ((ARPA)) began
    g to ƒ Information securityy began
    g with Rand Reportp R-609 (p
    (paper
    p
    examine feasibility of redundant networked that started the study of computer security)
    communications
    ƒ Scope of computer security grew from physical security to
    include:
    ƒ Larry Roberts developed ARPANET from its inception
    ƒ Safety of data
    ƒ Limiting unauthorized access to data
    ƒ Involvement of personnel from multiple levels of an
    organization

    Temasek Polytechnic (Diploma in BIT) 9 Temasek Polytechnic (Diploma in BIT) 10

    The 1990s The Present

    ƒ Networks of computers
    p became more common;; so too ƒ The Internet brings
    g millions of computer
    p networks into
    did the need to interconnect networks communication with each other—many of them
    unsecured
    ƒ Internet became first manifestation of a global network of
    networks ƒ Ability to secure a computer’s data influenced by the
    security of every computer to which it is connected
    ƒ In early Internet deployments, security was treated as a
    low priority

    Temasek Polytechnic (Diploma in BIT) 11 Temasek Polytechnic (Diploma in BIT) 12


    What is Security?
    y What is Security?
    y ((continued))

    ƒ “The qqualityy or state of beingg secure—to be free from ƒ The protection of information and its critical
    danger” elements, including systems and hardware that
    ƒ A successful organization should have multiple layers of use, store, and transmit that information
    security in place:
    ƒ Physical security
    ƒ Necessary tools: policy, awareness, training,
    ƒ Personal security
    education technology
    education,
    ƒ Operations security ƒ C.I.A. triangle was standard based on
    ƒ Communications security confidentiality, integrity, and availability
    ƒ Network security
    ƒ Information security
    Temasek Polytechnic (Diploma in BIT) 13 Temasek Polytechnic (Diploma in BIT) 14

    Critical Characteristics of Information

    ƒ The value of information comes from the characteristics it


    possesses:
    ƒ Availabilityy
    ƒ Accuracy
    ƒ Authenticity
    ƒ Confidentiality
    ƒ Integrity
    ƒ Utility
    ƒ Possession

    Temasek Polytechnic (Diploma in BIT) 15

    You might also like