1 / 16

IT Security

IT Security. CS5493(74293). IT Security. Q: Why do you need security? A: To protect assets. What are assets?. Any item that has value: People Intellectual property Physical property Data Services Reputation Assets are the things you want to protect. The SA and Assets. People

helmut
Download Presentation

IT Security

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. IT Security CS5493(74293)

  2. IT Security Q: Why do you need security? A: To protect assets.

  3. What are assets? • Any item that has value: • People • Intellectual property • Physical property • Data • Services • Reputation • Assets are the things you want to protect

  4. The SA and Assets • People • Employees • Shareholders • Customers • Contractors

  5. The SA and Assets • Physical - The information computing system (hardware, software)

  6. The SA and Assets • Intellectual property • Patents • Proprietary source code. • Formulas • plans

  7. The SA and Assets • Data • Financial data • Customer database • Inventory • Scientific data

  8. The SA and Assets • Services • Availability of services • Productivity of employees

  9. SA and Services • Reputation • Brand image

  10. Attacks, Threats, &Vulnerabilities • Assets are subject to • Threats • Vulnerabilities • Attacks

  11. SA: Threats • A threat is a potential action that could compromise an asset.

  12. SA: Vulnerabilities • A vulnerability is a weakness in a system that makes it possible for a threat to cause harm.

  13. SA: Attacks • An attack is an action that compromises an asset.

  14. Risks • All risk cannot be eliminated. • Risk is managed analytically through risk analysis.

  15. Risk Analysis • Quantifying (in monetary terms) the impact of attacks, threats, and vulnerabilities upon assets.

  16. Security Summary • Protect your assets • Understand the threats • Eliminate the vulnerabilities • Reach an acceptable level of risk

More Related