Presentation is loading. Please wait.

Presentation is loading. Please wait.

Copyright © 2016 McGraw-Hill Education. All rights reserved. No reproduction or distribution without the prior written consent of McGraw-Hill Education.

Published byOsborn Lucas Modified over 9 years ago

Similar presentations

Presentation on theme: "Copyright © 2016 McGraw-Hill Education. All rights reserved. No reproduction or distribution without the prior written consent of McGraw-Hill Education."— Presentation transcript:

1 Copyright © 2016 McGraw-Hill Education. All rights reserved. No reproduction or distribution without the prior written consent of McGraw-Hill Education. Chapter 11 Computer Crime and Information Technology Security

2 11-2 Outline Learning objectives Carter’s taxonomy Risks and threats IT controls COBIT

3 11-3 Learning objectives 1.Explain Carter’s taxonomy of computer crime. 2.Identify and describe business risks and threats to information systems. 3.Discuss ways to prevent and detect computer crime. 4.Explain the main components of the CoBIT framework and their implications for IT security.

4 11-4 Carter’s taxonomy Target –Targets system or its data –Example: DOS attack Instrumentality –Uses computer to further criminal end –Example: Phishing Four-part system for classifying computer crime A specific crime may fit more than one classification The taxonomy provides a useful framework for discussing computer crime in all types of organizations.

5 11-5 Carter’s taxonomy Incidental –Computer not required, but related to crime –Example: Extortion Associated –New versions of old crimes –Example: Cash larceny Four-part system for classifying computer crime A specific crime may fit more than one classification The taxonomy provides a useful framework for discussing computer crime in all types of organizations.

6 11-6 Risks and threats Fraud Service interruption and delays Disclosure of confidential information Intrusions Malicious software Denial-of-service attacks Please consult the chapter for the full list.

7 11-7 IT controls Confidentiality Data integrity Availability C-I-A triad

8 11-8 IT controls Physical controls Guards, locks, fire suppression systems Technical controls Biometric access controls, malware protection Administrative controls Password rotation policy, password rules, overall IT security strategy

9 11-9 COBIT Two main parts –Principles Five ideas that form the foundation of strong IT governance and management –Enablers Seven tools that match the capabilities of IT tools with users’ needs Control Objectives for Information and Related Technology Information Systems Audit and Control Association (ISACA) Framework for IT governance and management

10 11-10 COBIT

11 11-11 COBIT

12 11-12

Download ppt "Copyright © 2016 McGraw-Hill Education. All rights reserved. No reproduction or distribution without the prior written consent of McGraw-Hill Education."

Similar presentations

Computer Fraud Chapter 5.

Computer Fraud Chapter 5.
Computer Fraud Chapter 5.

Computer Fraud Chapter 5.
Agenda COBIT 5 Product Family Information Security COBIT 5 content

Agenda COBIT 5 Product Family Information Security COBIT 5 content
Copyright © 2012 by The McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill/Irwin CHAPTER FOUR ETHICS AND INFORMATION SECURITY: MIS BUSINESS CONCERNS.

Copyright © 2012 by The McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill/Irwin CHAPTER FOUR ETHICS AND INFORMATION SECURITY: MIS BUSINESS CONCERNS.
McGraw-Hill/Irwin ©2009 The McGraw-Hill Companies, All Rights Reserved CHAPTER 4 ETHICS AND INFORMATION SECURITY Business Driven Information Systems 2e.

McGraw-Hill/Irwin ©2009 The McGraw-Hill Companies, All Rights Reserved CHAPTER 4 ETHICS AND INFORMATION SECURITY Business Driven Information Systems 2e.
Chapter 4 McGraw-Hill/Irwin Copyright © 2011 by The McGraw-Hill Companies, Inc. All rights reserved. Ethics and Information Security.

Chapter 4 McGraw-Hill/Irwin Copyright © 2011 by The McGraw-Hill Companies, Inc. All rights reserved. Ethics and Information Security.
Copyright © 2015 McGraw-Hill Education. All rights reserved. No reproduction or distribution without the prior written consent of McGraw-Hill Education.

Copyright © 2015 McGraw-Hill Education. All rights reserved. No reproduction or distribution without the prior written consent of McGraw-Hill Education.
Chapter 15 Computer Crime and Information Technology Security Copyright © 2010 by The McGraw-Hill Companies, Inc. All rights reserved.McGraw-Hill/Irwin.

Chapter 15 Computer Crime and Information Technology Security Copyright © 2010 by The McGraw-Hill Companies, Inc. All rights reserved.McGraw-Hill/Irwin.
8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.

8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.
Accounting Information Systems Chapter Outlines

Accounting Information Systems Chapter Outlines
8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.

8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.
Disaster Prevention and Recovery. Team Members   Gwenn Cooper   Kristy Short   John knieling   Carissa Vancleave   Matthew Owens.

Disaster Prevention and Recovery. Team Members   Gwenn Cooper   Kristy Short   John knieling   Carissa Vancleave   Matthew Owens.
Lecture 11 Reliability and Security in IT infrastructure.

Lecture 11 Reliability and Security in IT infrastructure.
Information Security Governance and Risk Chapter 2 Part 1 Pages 21 to 69.

Information Security Governance and Risk Chapter 2 Part 1 Pages 21 to 69.
IBM Security Network Protection (XGS)

IBM Security Network Protection (XGS)
Factors to be taken into account when designing ICT Security Policies

Factors to be taken into account when designing ICT Security Policies
Fifth Edition 1 M a n a g e m e n t I n f o r m a t i o n S y s t e m s M a n a g I n g I n f o r m a t i o n T e c h n o l o g y i n t h e E – B u s i.

Fifth Edition 1 M a n a g e m e n t I n f o r m a t i o n S y s t e m s M a n a g I n g I n f o r m a t i o n T e c h n o l o g y i n t h e E – B u s i.
Security Architecture Dr. Gabriel. Security Database security: –degree to which data is fully protected from tampering or unauthorized acts –Full understanding.

Security Architecture Dr. Gabriel. Security Database security: –degree to which data is fully protected from tampering or unauthorized acts –Full understanding.
INTRODUCTION TO COMPUTER TECHNOLOGY

INTRODUCTION TO COMPUTER TECHNOLOGY
Copyright © 2016 McGraw-Hill Education. All rights reserved. No reproduction or distribution without the prior written consent of McGraw-Hill Education.

Copyright © 2016 McGraw-Hill Education. All rights reserved. No reproduction or distribution without the prior written consent of McGraw-Hill Education.

Similar presentations

Ads by Google