Presentation is loading. Please wait.

Presentation is loading. Please wait.

SECURITY POLICIES, LAWS AND COMPUTER CRIMES (CCI410) PERTEMUAN 12

Published byBenny Sudirman Modified over 6 years ago

Similar presentations

Presentation on theme: "SECURITY POLICIES, LAWS AND COMPUTER CRIMES (CCI410) PERTEMUAN 12"— Presentation transcript:

1 SECURITY POLICIES, LAWS AND COMPUTER CRIMES (CCI410) PERTEMUAN 12
IR. NIZIRWAN ANWAR, MT PROGRAM STUDI TEKNIK INFORMATIKA FAKULTAS ILMU KOMPUTER

2 IT Security Incidents: A Major Concern
Security of information technology is of utmost importance Safeguard: Confidential business data Private customer and employee data Protect against malicious acts of theft or disruption Balance against other business needs and issues Number of IT-related security incidents is increasing around the world

3 Why Computer Incidents Are So Prevalent
Increasing complexity increases vulnerability Computing environment is enormously complex Continues to increase in complexity Number of entry points expands continuously Cloud computing and virtualization software Higher computer user expectations Computer help desks under intense pressure Forget to verify users’ IDs or check authorizations Computer users share login IDs and passwords

4 Expanding/changing systems equal new risks
Network era Personal computers connect to networks with millions of other computers All capable of sharing information Information technology Ubiquitous Necessary tool for organizations to achieve goals Increasingly difficult to match pace of technological change

5 Increased reliance on commercial software with known vulnerabilities
Exploit Attack on information system Takes advantage of system vulnerability Due to poor system design or implementation Patch “Fix” to eliminate the problem Users are responsible for obtaining and installing Delays expose users to security breaches

6 Types of Exploits Computers as well as smartphones can be target
Types of attacks Virus Worm Trojan horse Distributed denial of service Rootkit Spam Phishing (spear-phishing, smishing, and vishing)

7 Types of Perpetrators Perpetrators include:
Thrill seekers wanting a challenge Common criminals looking for financial gain Industrial spies trying to gain an advantage Terrorists seeking to cause destruction Different objectives and access to varying resources Willing to take different levels of risk to accomplish an objective

8 Hackers and Crackers Hackers
Test limitations of systems out of intellectual curiosity Some smart and talented Others inept; termed “lamers” or “script kiddies” Crackers Cracking is a form of hacking Clearly criminal activity

9 Cybercriminals Hack into corporate computers to steal
Engage in all forms of computer fraud Chargebacks are disputed transactions Loss of customer trust has more impact than fraud To reduce potential for online credit card fraud: Use encryption technology Verify the address submitted online against the issuing bank Request a card verification value (CVV) Use transaction-risk scoring software

10 Hacktivists and Cyberterrorists
Hacktivism Hacking to achieve a political or social goal Cyberterrorist Attacks computers or networks in an attempt to intimidate or coerce a government in order to advance certain political or social objectives Seeks to cause harm rather than gather information Uses techniques that destroy or disrupt services

11 Implementing Trustworthy Computing

12 Trustworthy computing
Delivers secure, private, and reliable computing Based on sound business practices Security of any system or network Combination of technology, policy, and people Requires a wide range of activities to be effective Systems must be monitored to detect possible intrusion Clear reaction plan addresses: Notification, evidence protection, activity log maintenance, containment, eradication, and recovery

13 Establishing a Security Policy
A security policy defines: Organization’s security requirements Controls and sanctions needed to meet the requirements Delineates responsibilities and expected behavior Outlines what needs to be done Not how to do it Automated system policies should mirror written policies

14 Trade-off between: Ease of use Increased security Areas of concern attachments Wireless devices VPN uses the Internet to relay communications but maintains privacy through security features Additional security includes encrypting originating and receiving network addresses

15 KEMAMPUAN AKHIR YANG DIHARAPKAN
Mahasiswa secara aktif, kreatif dan dapat ber- inovasi dalam mengerti dan memahami tentang tentang Security Policies, Laws and Computer Crimes.

Download ppt "SECURITY POLICIES, LAWS AND COMPUTER CRIMES (CCI410) PERTEMUAN 12"

Similar presentations

Information System Audit : © South-Asian Management Technologies Foundation Chapter 4: Information System Audit Requirements.

Information System Audit : © South-Asian Management Technologies Foundation Chapter 4: Information System Audit Requirements.
Security and Trust in E- Commerce. The E-commerce Security Environment: The Scope of the Problem  Overall size of cybercrime unclear; amount of losses.

Security and Trust in E- Commerce. The E-commerce Security Environment: The Scope of the Problem  Overall size of cybercrime unclear; amount of losses.
2 Issues of the information age Computer _______ and mistakes –Preventing computer related waste & mistakes Computer crime –Computer as tool to commit.

2 Issues of the information age Computer _______ and mistakes –Preventing computer related waste & mistakes Computer crime –Computer as tool to commit.
Chapter 3 Computer and Internet Crime

Chapter 3 Computer and Internet Crime
E-Commerce Security Issues. General E-Business Security Issues Any E-Business needs to be concerned about network security. The Internet is a “ public.

E-Commerce Security Issues. General E-Business Security Issues Any E-Business needs to be concerned about network security. The Internet is a “ public.
McGraw-Hill/Irwin ©2009 The McGraw-Hill Companies, All Rights Reserved CHAPTER 4 ETHICS AND INFORMATION SECURITY Business Driven Information Systems 2e.

McGraw-Hill/Irwin ©2009 The McGraw-Hill Companies, All Rights Reserved CHAPTER 4 ETHICS AND INFORMATION SECURITY Business Driven Information Systems 2e.
Ethics in Information Technology, Fourth Edition

Ethics in Information Technology, Fourth Edition
Copyright © 2015 McGraw-Hill Education. All rights reserved. No reproduction or distribution without the prior written consent of McGraw-Hill Education.

Copyright © 2015 McGraw-Hill Education. All rights reserved. No reproduction or distribution without the prior written consent of McGraw-Hill Education.
 ICT Security › If the firm is a victim of a computer crime, should they pursue prosecution of the criminals at all costs, should they maintain a low.

 ICT Security › If the firm is a victim of a computer crime, should they pursue prosecution of the criminals at all costs, should they maintain a low.
8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.

8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.
8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.

8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.
1 Pertemuan 6 Points of Exposure Matakuliah:A0334/Pengendalian Lingkungan Online Tahun: 2005 Versi: 1/1.

1 Pertemuan 6 Points of Exposure Matakuliah:A0334/Pengendalian Lingkungan Online Tahun: 2005 Versi: 1/1.
8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.

8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.
Copyright © 2002 Pearson Education, Inc. Slide 5-1 PERTEMUAN 8.

Copyright © 2002 Pearson Education, Inc. Slide 5-1 PERTEMUAN 8.
Ethics in Information Technology, Second Edition

Ethics in Information Technology, Second Edition
Chapter 3 Computer and Internet Crime

Chapter 3 Computer and Internet Crime
Network Infrastructure Security. LAN Security Local area networks facilitate the storage and retrieval of programs and data used by a group of people.

Network Infrastructure Security. LAN Security Local area networks facilitate the storage and retrieval of programs and data used by a group of people.
Security Awareness Challenges of Security No single simple solution to protecting computers and securing information Different types of attacks Difficulties.

Security Awareness Challenges of Security No single simple solution to protecting computers and securing information Different types of attacks Difficulties.
Lecture 11 Electronic Business (MGT-485). Recap – Lecture 10 Transaction costs Network Externalities Switching costs Critical mass of customers Pricing.

Lecture 11 Electronic Business (MGT-485). Recap – Lecture 10 Transaction costs Network Externalities Switching costs Critical mass of customers Pricing.
Internet safety Viruses A computer virus is a program or piece of code that is loaded onto your computer without your knowledge and runs against your.

Internet safety Viruses A computer virus is a program or piece of code that is loaded onto your computer without your knowledge and runs against your.

Similar presentations

Ads by Google