SECURITY POLICIES, LAWS AND COMPUTER CRIMES (CCI410) PERTEMUAN 12

Slides:

Advertisements

Similar presentations

Information System Audit : © South-Asian Management Technologies Foundation Chapter 4: Information System Audit Requirements.

Advertisements

Security and Trust in E- Commerce. The E-commerce Security Environment: The Scope of the Problem  Overall size of cybercrime unclear; amount of losses.

2 Issues of the information age Computer _______ and mistakes –Preventing computer related waste & mistakes Computer crime –Computer as tool to commit.

Chapter 3 Computer and Internet Crime

E-Commerce Security Issues. General E-Business Security Issues Any E-Business needs to be concerned about network security. The Internet is a “ public.

McGraw-Hill/Irwin ©2009 The McGraw-Hill Companies, All Rights Reserved CHAPTER 4 ETHICS AND INFORMATION SECURITY Business Driven Information Systems 2e.

Ethics in Information Technology, Fourth Edition

Copyright © 2015 McGraw-Hill Education. All rights reserved. No reproduction or distribution without the prior written consent of McGraw-Hill Education.

 ICT Security › If the firm is a victim of a computer crime, should they pursue prosecution of the criminals at all costs, should they maintain a low.

8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.

8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.

1 Pertemuan 6 Points of Exposure Matakuliah:A0334/Pengendalian Lingkungan Online Tahun: 2005 Versi: 1/1.

8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.

Copyright © 2002 Pearson Education, Inc. Slide 5-1 PERTEMUAN 8.

Ethics in Information Technology, Second Edition

Chapter 3 Computer and Internet Crime

Network Infrastructure Security. LAN Security Local area networks facilitate the storage and retrieval of programs and data used by a group of people.

Security Awareness Challenges of Security No single simple solution to protecting computers and securing information Different types of attacks Difficulties.

Lecture 11 Electronic Business (MGT-485). Recap – Lecture 10 Transaction costs Network Externalities Switching costs Critical mass of customers Pricing.

Internet safety Viruses A computer virus is a program or piece of code that is loaded onto your computer without your knowledge and runs against your.

ICS 434: Computer and Internet crime Aj. Thoranin Intarajak.

Securing Information Systems

Cyber crime on the rise. Recent cyber attacks How it happens? Distributed denial of service Whaling Rootkits Keyloggers Trojan horses Botnets Worms Viruses.

Computer Crime and Information Technology Security

PART THREE E-commerce in Action Norton University E-commerce in Action.

Ethics in Information Technology, Second Edition 1 Computer & Society Week 4 Marwan Al-Namari.

Cyber crime & Security Prepared by : Rughani Zarana.

Prepared by: Dinesh Bajracharya Nepal Security and Control.

Business Computing 550 Lesson 6. 2 Security Threats on Web Sites Issues and vulnerabilities 1.Illegal Access and Use (Hacking the system or users exposing.

Security Awareness Challenges of Securing Information No single simple solution to protecting computers and securing information Different types of attacks.

What does secure mean? You have been assigned a task of finding a cloud provider who can provide a secure environment for the launch of a new web application.

Computer Crime crime accomplished through knowledge or use of computer technology. Computers are tools – we choose how to use / apply the technology.

Topic 5: Basic Security.

Chap1: Is there a Security Problem in Computing?.

Computer Security By Duncan Hall.

Security and Ethics Safeguards and Codes of Conduct.

1 Law, Ethical Impacts, and Internet Security. 2 Legal Issues vs. Ethical Issues Ethics — the branch of philosophy that deals with what is considered.

1 Ethics in Information Technology, Second Edition Computer & Society Week 5.

External Threats Internal Threats Nation States Cyber Terrorists Hacktivists Organised criminal networks Independent insider Insider planted by external.

UNIT II COMPUTER AND INTERNET CRIME. OBJECTIVES 1.Identify key trade-offs and ethical issues associated with safeguarding of data and information systems.

HACKING Submitted By: Ch. Leela Sasi, I M.C.A, Y11MC29011, CJJC P.G College.

Securing Information Systems

Securing Information Systems

Seminar On Ethical Hacking Submitted To: Submitted By:

Add video notes to lecture

PRIVACY AND SECURITY (CCI410) PERTEMUAN 5 IR. NIZIRWAN ANWAR, MT

Instructor Materials Chapter 7 Network Security

Fundamentals of Information Systems

INFORMATION SECURITY The protection of information from accidental or intentional misuse of a persons inside or outside an organization Comp 212 – Computer.

Objectives Overview Define the term, digital security risks, and briefly describe the types of cybercriminals Describe various types of Internet and network.

PROGRAM STUDI TEKNIK INFORMATIKA FAKULTAS ILMU KOMPUTER

Securing Information Systems

Security in Networking

Done BY: Zainab Sulaiman AL-Mandhari Under Supervisor: Dr.Tarek

Risk of the Internet At Home

Malware, Phishing and Network Policies

Computer Crime and Security Measures

E-Commerce Security and Fraud Issues and Protections

ETHICAL ISSUES IN INFORMATION TECHNOLOGY (CCI410) PERTEMUAN 7

Chapter 9 E-Commerce Security and Fraud Protection

INFORMATION SYSTEMS SECURITY and CONTROL

Faculty of Science IT Department By Raz Dara MA.

Computer and Internet Crime Privacy

Crime committed using a computer and the internet to steal a person’s identity or illegal imports or malicious programs cybercrime is nothing but where.

Computer Security By: Muhammed Anwar.

Chapter # 3 COMPUTER AND INTERNET CRIME

ONLINE SECURITY, ETHICS AND ETIQUETTES EMPOWERMENT TECHNOLOGY.

Presentation transcript:

SECURITY POLICIES, LAWS AND COMPUTER CRIMES (CCI410) PERTEMUAN 12 IR. NIZIRWAN ANWAR, MT PROGRAM STUDI TEKNIK INFORMATIKA FAKULTAS ILMU KOMPUTER

IT Security Incidents: A Major Concern Security of information technology is of utmost importance Safeguard: Confidential business data Private customer and employee data Protect against malicious acts of theft or disruption Balance against other business needs and issues Number of IT-related security incidents is increasing around the world

Why Computer Incidents Are So Prevalent Increasing complexity increases vulnerability Computing environment is enormously complex Continues to increase in complexity Number of entry points expands continuously Cloud computing and virtualization software Higher computer user expectations Computer help desks under intense pressure Forget to verify users’ IDs or check authorizations Computer users share login IDs and passwords

Expanding/changing systems equal new risks Network era Personal computers connect to networks with millions of other computers All capable of sharing information Information technology Ubiquitous Necessary tool for organizations to achieve goals Increasingly difficult to match pace of technological change

Increased reliance on commercial software with known vulnerabilities Exploit Attack on information system Takes advantage of system vulnerability Due to poor system design or implementation Patch “Fix” to eliminate the problem Users are responsible for obtaining and installing Delays expose users to security breaches

Types of Exploits Computers as well as smartphones can be target Types of attacks Virus Worm Trojan horse Distributed denial of service Rootkit Spam Phishing (spear-phishing, smishing, and vishing)

Types of Perpetrators Perpetrators include: Thrill seekers wanting a challenge Common criminals looking for financial gain Industrial spies trying to gain an advantage Terrorists seeking to cause destruction Different objectives and access to varying resources Willing to take different levels of risk to accomplish an objective

Hackers and Crackers Hackers Test limitations of systems out of intellectual curiosity Some smart and talented Others inept; termed “lamers” or “script kiddies” Crackers Cracking is a form of hacking Clearly criminal activity

Cybercriminals Hack into corporate computers to steal Engage in all forms of computer fraud Chargebacks are disputed transactions Loss of customer trust has more impact than fraud To reduce potential for online credit card fraud: Use encryption technology Verify the address submitted online against the issuing bank Request a card verification value (CVV) Use transaction-risk scoring software

Hacktivists and Cyberterrorists Hacktivism Hacking to achieve a political or social goal Cyberterrorist Attacks computers or networks in an attempt to intimidate or coerce a government in order to advance certain political or social objectives Seeks to cause harm rather than gather information Uses techniques that destroy or disrupt services

Implementing Trustworthy Computing

Trustworthy computing Delivers secure, private, and reliable computing Based on sound business practices Security of any system or network Combination of technology, policy, and people Requires a wide range of activities to be effective Systems must be monitored to detect possible intrusion Clear reaction plan addresses: Notification, evidence protection, activity log maintenance, containment, eradication, and recovery

Establishing a Security Policy A security policy defines: Organization’s security requirements Controls and sanctions needed to meet the requirements Delineates responsibilities and expected behavior Outlines what needs to be done Not how to do it Automated system policies should mirror written policies

Trade-off between: Ease of use Increased security Areas of concern Email attachments Wireless devices VPN uses the Internet to relay communications but maintains privacy through security features Additional security includes encrypting originating and receiving network addresses

KEMAMPUAN AKHIR YANG DIHARAPKAN Mahasiswa secara aktif, kreatif dan dapat ber- inovasi dalam mengerti dan memahami tentang tentang Security Policies, Laws and Computer Crimes.