Copyright © 2016 McGraw-Hill Education. All rights reserved. No reproduction or distribution without the prior written consent of McGraw-Hill Education.

Presentation transcript:

Chapter 11 Computer Crime and Information Technology Security

11-2 Outline
–Learning objectives
–Carter’s taxonomy
–Risks and threats
–IT controls
–COBIT

11-3 Learning objectives
1. Explain Carter’s taxonomy of computer crime.
2. Identify and describe business risks and threats to information systems.
3. Discuss ways to prevent and detect computer crime.
4. Explain the main components of the CoBIT framework and their implications for IT security.

11-4 Carter’s taxonomy
Target
–Targets system or its data
–Example: DOS attack
Instrumentality
–Uses computer to further criminal end
–Example: Phishing
Four-part system for classifying computer crime
A specific crime may fit more than one classification
The taxonomy provides a useful framework for discussing computer crime in all types of organizations.

11-5 Carter’s taxonomy
Incidental
–Computer not required, but related to crime
–Example: Extortion
Associated
–New versions of old crimes
–Example: Cash larceny
Four-part system for classifying computer crime
A specific crime may fit more than one classification
The taxonomy provides a useful framework for discussing computer crime in all types of organizations.

11-6 Risks and threats
–Fraud
–Service interruption and delays
–Disclosure of confidential information
–Intrusions
–Malicious software
–Denial-of-service attacks
Please consult the chapter for the full list.

11-7 IT controls
C-I-A triad
–Confidentiality
–Data integrity
–Availability

11-8 IT controls
Physical controls
–Guards, locks, fire suppression systems
Technical controls
–Biometric access controls, malware protection
Administrative controls
–Password rotation policy, password rules, overall IT security strategy

11-9 COBIT
Control Objectives for Information and Related Technology
Information Systems Audit and Control Association (ISACA)
Framework for IT governance and management
Two main parts
–Principles: Five ideas that form the foundation of strong IT governance and management
–Enablers: Seven tools that match the capabilities of IT tools with users’ needs

11-10 COBIT

11-11 COBIT
