Computer Security Management: Assessment and Forensics Session 8.


• Computer crime means a crime involving computer resources, including using a computer to commit a crime.
• Computer fraud means using computer resources to defraud.

• Using a computer to defraud.
• Fraud is an intentional act to deceive or mislead, convert assets to one’s own benefit, or make intentional false statements or misrepresentations often accompanied by omission, manipulation of documents or collusion.
• Computer fraud is criminal.

• Hacking.
• Deliberate virus spreading.
• Theft of information, software or hardware.
• Theft of computer resource usage.
• Denial of computer services by means of malicious software or messages.
• Message interception.

• Scams
• Phishing
• Defamation of character.
• Disseminating hate propaganda.
• Threats
• Developing, holding or spreading child pornography.

• A perpetrator lacking integrity or ethics
• Motivation to commit fraud
• Opportunity to commit and conceal fraud
• False representation to a substantial degree

• Factor to induce a victim or accomplice to act
• Intent to defraud
• Injury or loss sustained

• The fraud provisions of the Criminal Code have been used to prosecute people who used computers to commit frauds.
• The Internet is increasingly used to perpetrate fraud because of its reach and the impulse responses of Web surfers.

• A complex accounting system raises the potential for “creative accounting” and consequently fraud
• The general perception that computerized information is reliable makes computer fraud less susceptible to challenge than fraud committed on paper

• Manipulating systems or causing glitches to “smooth” quarterly earnings
• Salami: rounding down interest calculations and depositing the difference to the programmer’s own account
• Employee selling of customer lists to a competitor
• Fictitious insurance policies to defraud insurers and reinsurers

A scheme that uses one or more components of the Internet - such as chat rooms, e-mail, message boards, or Web sites - to present fraudulent solicitations to prospective victims, to conduct fraudulent transactions, or to transmit the proceeds of fraud to financial institutions or others connected with the scheme.

• Auction or sales inducing the victim to send money or give out credit card numbers for promised goods
• Business opportunity
• Work-at-home program

• Investment scheme
• Stock market manipulation by spreading fictitious news about public companies
• Identity theft

• Segregation of duties
• Management and independent review
• Restricted access
• Code of business conduct to outline what is not acceptable, what is not supposed to be done with organization IT resources, what constitutes conflict of interest.

• Intrusion detection and prevention systems
• Encryption
• Security education
• Analytical review

• System monitoring
• Security check on new hires and contractors
• An established process for whistle blowing and investigation
• Exemplifying management culture

• Lock laptops when not attended to
• Scheduled refreshment of web sites from the backup version to nullify even minor changes by hackers such as changing a key word in the user agreement or a rate
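Analytical review, one of the controls listed above, applied to the salami scheme from the earlier fraud examples. This is an added example, not part of the original slides: it recomputes every interest posting and flags a run in which many accounts are short by a cent while a few are over-credited by the same total. The account IDs, balances, rate and the round-half-up policy are constructed assumptions.

```python
from decimal import Decimal, ROUND_HALF_UP

CENT = Decimal("0.01")
RATE, DAYS = Decimal("0.0365"), 30  # assumed annual rate and period length

# Constructed postings from one interest run: (account, balance, interest posted).
SAMPLE_POSTINGS = [
    ("C-1001", Decimal("1234.56"), Decimal("3.70")),
    ("C-1002", Decimal("1255.00"), Decimal("3.76")),
    ("C-1003", Decimal("2199.00"), Decimal("6.59")),
    ("C-1004", Decimal("863.00"), Decimal("2.58")),
    ("C-1005", Decimal("1000.00"), Decimal("3.00")),
    ("C-1006", Decimal("1529.00"), Decimal("4.58")),
    ("C-9001", Decimal("50.00"), Decimal("0.19")),
]

def fair_interest(balance, annual_rate, days):
    """Simple interest under the assumed policy: round half-up to the cent."""
    raw = balance * annual_rate * days / Decimal(365)
    return raw.quantize(CENT, rounding=ROUND_HALF_UP)

def review_interest_run(postings, annual_rate, days):
    """Recompute each posting; split accounts into under- and over-credited."""
    short, over = {}, {}
    for account, balance, posted in postings:
        diff = posted - fair_interest(balance, annual_rate, days)
        if diff < 0:
            short[account] = -diff
        elif diff > 0:
            over[account] = diff
    total_short = sum(short.values(), Decimal(0))
    total_over = sum(over.values(), Decimal(0))
    return {
        "short": short,
        "over": over,
        "total_short": total_short,
        "total_over": total_over,
        # Many small shortfalls that exactly fund a few overpayments.
        "diverted": bool(short) and total_short == total_over
                    and len(over) < len(short),
    }

if __name__ == "__main__":
    report = review_interest_run(SAMPLE_POSTINGS, RATE, DAYS)
    print("under-credited:", sorted(report["short"]))
    print("over-credited:", report["over"], "diverted:", report["diverted"])
```

An over-credited account found this way is a lead for the independent review and investigation steps, not proof on its own; a rounding-policy mismatch between systems can produce shortfalls without any diversion.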

• Damage control by pulling equipment off the network.
• Preserve evidence, do not turn off computers.
• Call a forensic expert to image the computer hard disks.
• Do not use the computer until the hard disk is successfully captured

• Do not set off alarm, let the suspect continue.
• Damage control, by making backup of data and providing an alternate plan.
• Continue to monitor suspect.
• Collect evidence behind the scenes.
• Depending on severity, may need to terminate access or reassign suspect immediately.
• Sanitize data behind the scenes.

Conducting the Forensic Investigation
• Gathering evidence
  ◦ Rules of Evidence must be carefully followed
  ◦ Chain of custody critical
  ◦ Interviewing personnel
  ◦ Invigilation
  ◦ Indirect methods of proof

Tools of Computer Forensics
• Screwdriver and pliers
• Disk imaging software
• Hash calculation utility
• Search utilities
• File and data recovery tools
• File viewing utilities
• Password cracking software
• Digital camera
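How the hash calculation utility supports the chain of custody for a captured disk image, as an added example that is not part of the original slides. Each custody record re-hashes the image and links to the previous record, so a changed image or an edited log entry both show up on verification. The hash-linked log format, the handler names and the small stand-in image file are constructed assumptions.

```python
import hashlib, json, os, tempfile
from datetime import datetime, timezone

GENESIS = "0" * 64  # "previous hash" used by the first custody record

def hash_image(path, chunk_size=1 << 20):
    """SHA-256 of a file, read in chunks so large images never load whole."""
    digest = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(chunk_size), b""):
            digest.update(chunk)
    return digest.hexdigest()

def _seal(body):
    return hashlib.sha256(json.dumps(body, sort_keys=True).encode()).hexdigest()

def custody_entry(log, image_path, handler, action):
    """Append a record that re-hashes the image and links to the prior record."""
    body = {"time": datetime.now(timezone.utc).isoformat(), "handler": handler,
            "action": action, "image_sha256": hash_image(image_path),
            "prev": log[-1]["entry_hash"] if log else GENESIS}
    log.append({**body, "entry_hash": _seal(body)})
    return log[-1]

def verify_custody(log, image_path):
    """Return a list of problems; an empty list means log and image are intact."""
    problems, prev = [], GENESIS
    for i, entry in enumerate(log):
        body = {k: v for k, v in entry.items() if k != "entry_hash"}
        if entry["prev"] != prev or _seal(body) != entry["entry_hash"]:
            problems.append(f"entry {i}: custody record altered or out of order")
        if entry["image_sha256"] != log[0]["image_sha256"]:
            problems.append(f"entry {i}: image hash differs from acquisition")
        prev = entry["entry_hash"]
    if log and hash_image(image_path) != log[0]["image_sha256"]:
        problems.append("image no longer matches the acquisition hash")
    return problems

def demo():
    """Constructed image: acquire, hand over, verify, then change one byte."""
    with tempfile.TemporaryDirectory() as d:
        image = os.path.join(d, "evidence.img")
        with open(image, "wb") as f:
            f.write(b"\x00" * 4096 + b"constructed sample sector data")
        log = []
        custody_entry(log, image, "examiner A", "acquired image")
        custody_entry(log, image, "examiner B", "received for analysis")
        clean = verify_custody(log, image)
        with open(image, "r+b") as f:
            f.write(b"\x01")  # simulate the image changing after acquisition
        return clean, verify_custody(log, image)
```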

• Computer crime and computer fraud are on the rise
• Organizations should adopt a code of business conduct.
• Organizations should have chief ethics officers