IT Security “Knowing the potential threat to YOU and your business” Ian McLachlan IT Manager.


Introduction

- Ian McLachlan (IT Manager)
- Responsible for the IT infrastructure within Avogel (UK) and its sister companies
- Background: Support & Maintenance, Networking, Project Management, Security & Pen-Testing, PCI Compliance
- Tel: Mob:

Index

- Hacking, Cracking, Penetration Testing… What is it?
- “Who” and “What” are the threats?
- Common Attacks and Attack Surfaces
- Myths and Liabilities
- Facts
- Protecting you and your business
- Q&A / Discussion

Hacking, Cracking, Pen-Testing… What is it?

- Hacking, Pen-Testing, Cracking…: Trying to gain access to data, systems or equipment that have been configured to restrict access from unauthorised sources
- WhiteHats, BlackHats, GreyHats
- IT Security: “Is a branch of computer technology in relation to computers and networks. The objective of IT security includes the protection of information and property from theft, corruption, or natural disaster, while allowing the information and property to remain accessible and productive to its intended users.”
- System Admins or IT Security Personnel

“Who” and “What” are the threats?

BlackHats (and to a lesser extent GH)

- “The Opportunist” (target: Anyone)
  - Mot: See what turns up. No defined plan or agenda
  - Threat/Obj: Anything and everything
- The “Mark” (target: You/Business)
  - Mot: Firm objective (personal/business), planned, determined
  - Threat/Obj: Data, Money, Personal Info … etc
- “The H…activist” (target: Business/Gov’t)
  - Mot: Agenda, Planned, Well Organised, Web Defacement
  - Threat/Obj: Reputation

Common Attacks

- “The Opportunist” Attack MOs: Phishing s, Crypting – Bots, Rats, Keylogger, Viruses (distribution: P2P, IRCs), Scripts, Brute Force, War Driving, Malware(?)
- “The H…activist” Attack MOs: Web Site Defacement - Vulnerable Sites (source, SQL Inj)
- The “Mark” Attack MOs: Foot-printing, Enumeration, DDOS, Wifi, MitM, BF, Vun S., LHF, Skip Diving, **** Social Engineering **** really K.S.

Common Attack Surfaces

- Users (Weakest – Social Engineering)
- (Spoofing etc.)
- Web Sites (Defacing, DDOS)
- Firewalls (BF, Scanning)
- Switches/Hubs/Routers (Telnet, SNMP)
- Network Services (DNS, VPN etc.)
- Applications (Web Apps)
- Topology (wifi, sniffing)
- Servers/Computers (inc Home)
- Production/Safety System (e.g. fire doors etc.) ** H&S Risk Assessment
- Other Hardware (SNMP)

Myths / Liabilities

- IT System can be made 100% Secure
- Up-to-date Virus software will stop any attacks
- ALL Financial transactions are insured from fraud
  - ** Personal (CC, Bank) - Is Chip and Pin Secure?
  - ** Business (PCI DSS)

Facts

- Over two thirds of UK companies have experienced some sort of computer virus (2010)
- A survey of 167 participants over a 1 month survey period (2hr per day) found:
  - 95% of participants probed
  - On average 56 hacking attempts per day
  - 68% of hacking attempts used the Backdoor SubSeven Trojan
  - These were home users
- One in three companies’ web sites have had hacking attempts (2009)

Protecting YOU and Your Business

- IDS and Honey-pots
- Identify, Map, Log and Monitor the Risks
- Software Patches and Virus Updates
- Correctly configured Firewalls and Software
- Managed IT policies and systems (ISO) ** DON’T - Hide in the long grass **
- Encryption
- Be vigilant around anything that, by its nature, is protected from unauthorised access

Q&A

Thank You!