IT Security

Welcome to our presentation

Group members

ID Name Section

120104461 Asaduzzaman Sohag

A120104463 Hasib Ahmed

120104467 Sheikh Mohammad Sagor Ahmmed

IntroductionThe internet is not a single network, but a worldwide

collection of loosely connected networks that are accessible by individual computer hosts, in a variety of ways, to anyone with a computer and a network connection. However, along with the convenience and easy access to information come risks. Among them are the risks that valuable information will be lost, stolen, changed, or misused. That’s why we need IT Security.

Definition

The U.S. National Information Systems Security Glossary defines –

"Information Systems Security" as the protection of information systems against unauthorized access to or modification of information, whether in storage, processing or transit, and against the denial of service to authorized users or the provision of service to unauthorized users, including those measures necessary to detect, document, and counter such threats.

Continue…

The definitions of InfoSec suggested in different sources are summarized below –

1. Committee on National Security Systems (CNSS) "The protection of information and information systems from unauthorized access, use, disclosure, disruption, modification, or destruction in order to provide confidentiality, integrity, and availability.

2. “Information Systems Audit and Control Association (ISACA) "Ensures that only authorized users (confidentiality) have access to accurate and complete information (integrity) when required (availability).

Issues of IT Security

Top Issues of IT Security:

From banking hacks and malicious mobile apps to insider leaks, 2014 promises to an interesting but challenging year for CISOs. Here, the issues coming into view-

1. Insider threat isn't going away.2. Cyber-attacks, including government-

sponsored, continue; education and standards prioritized.

3. Enterprises deploy faster response and recovery solutions

4. 'Social' the new frontier for cyber crime.5. DDoS attacks get even bigger but Botnets stick

around.

Issues of IT Security

Continue…

6. Android to see a malware explosion.7. Internet of Things extends threats to

'dumb' platforms.8. Consumer products penetrate the

perimeter, boost demand for security protection.

9. Regional clouds proliferate.10. Criminals prey on Windows XP

vulnerabilities.

Potential Impact

Some potential impacts are given below-

1. Reducing cost and increasing security.2. Emerging technology providers sells security mechanisms

for the IT users.3. Compliance bodies.4. Organic business growth.5. Size and Scale.6. Regulatory requirements.7. Establish a baseline - a diagnostic approach.8. Understanding the business requirements and cost

drivers.9. Understanding the data.10.Priorities and adopt correct technologies.11.Bring it all together.

Potential Impact

11

Conclusion

Information security is the ongoing process of exercising due care and due diligence to protect information, and information systems, from unauthorized access, use, disclosure, destruction, modification, or disruption or distribution. The never ending process of information security involves ongoing training, assessment, protection, monitoring & detection, incident response & repair, documentation, and review. This makes information security an indispensable part of all the business operations across different domains.

15/12/2014

12

Thanks To ALL

15/12/2014