å°Šę•¬ēš„ å¾®äæ”걇ēŽ‡ļ¼š1円 ā‰ˆ 0.046166 元 ę”Æä»˜å®ę±‡ēŽ‡ļ¼š1円 ā‰ˆ 0.046257元 [退å‡ŗē™»å½•]
SlideShare a Scribd company logo

Security in IT (data and cyber security)

ā€¢
ā€¢
Rohana K Amarakoon
Rohana K Amarakoon

The document discusses security in information technology. It covers what security is, why it is needed for IT, physical and virtual security threats to IT environments, and how to avoid these threats. Specific topics covered include data security, cyber security, firewalls, access controls, encryption, and other methods to protect against threats like viruses, hacking, and data theft. The goal is to explain the importance of security for protecting IT systems, data, and infrastructure from both physical and virtual risks.

Software
1 of 32
Current Topics In Computer Technology PST 32220 Security in IT (Data and Cyber Security) Rohana K Amarakoon B.Sc (SUSL), MBCS (UK), MBA (AUS-Reading)
Content 1. What is security 2. Why security needed for IT 3. Security threats in IT environment (physical & virtual) 4. How to avoid physical threats 5. How to avoid virtual threats 2PST 32220 - Current Topics In Computer Technology (Lecturer : Mr. Rohana K Amarakoon)
Content 6. Why data and cyber security 7. Practical application of data and cyber security in IT 8. Advantages of security in IT 9. Problem and limitation of security in IT 10. Expected Outcomes 3PST 32220 - Current Topics In Computer Technology (Lecturer : Mr. Rohana K Amarakoon)
1. What Is Security ā€¢ Security means safety, as well as the measures taken to be safe or protected. ā€¢ Security is the degree of resistance to, or protection from, harm. It applies to any vulnerable and valuable asset, such as a person, dwelling, community, item, nation, or organization. 4PST 32220 - Current Topics In Computer Technology (Lecturer : Mr. Rohana K Amarakoon)
1. What Is Security ā€¢ Security provides "a form of protection where a separation is created between the assets and the threat. - Institute for Security and Open Methodologies (ISECOM) 5PST 32220 - Current Topics In Computer Technology (Lecturer : Mr. Rohana K Amarakoon)
1. What Is Security ā€¢ Different Security Mechanisms In Our Life 6PST 32220 - Current Topics In Computer Technology (Lecturer : Mr. Rohana K Amarakoon)
1. What Is Security ā€¢ Categorizing security 7PST 32220 - Current Topics In Computer Technology (Lecturer : Mr. Rohana K Amarakoon) IT ā€¢Computer security ā€¢Internet security ā€¢Application security ā€¢Data security ā€¢Information security ā€¢Network security Physical ā€¢Airport security ā€¢Aviation security ā€¢Communications security ā€¢Corporate security ā€¢Food security ā€¢Home security ā€¢Infrastructure security ā€¢Physical security ā€¢Port security/Supply chai security ā€¢Private security ā€¢School security ā€¢Shopping center security ā€¢Transportation security Political ā€¢National security ā€¢Public security ā€¢Homeland security ā€¢Internal security ā€¢State security ā€¢International security ā€¢Human security Monetary ā€¢Economic security ā€¢Financial security ā€¢Social security
1. What Is Security ā€¢ Security concepts - Certain concepts recur throughout different fields of security: 1. Assurance - assurance is the level of guarantee that a security system will behave as expected 2. Countermeasure - a countermeasure is a way to stop a threat from triggering a risk event 3. Defense in depth - never rely on one single security measure alone 4. Risk - a risk is a possible event which could cause a loss 5. Threat - a threat is a method of triggering a risk event that is dangerous 6. Vulnerability - a weakness in a target that can potentially be exploited by a security threat 7. Exploit - a vulnerability that has been triggered by a threat - a risk of 100% 8PST 32220 - Current Topics In Computer Technology (Lecturer : Mr. Rohana K Amarakoon)
2. Why Security Needed For IT ā€¢ Similar to other fields, IT field also attacked by various kind of threats. ā€¢ Volume of the threats to IT field increases rapidly and the impact also really high. ā€¢ Security breaches in IT field loose billions of dollars financially and cost similar amount of money to take necessary security prevention methods. ā€¢ Security threat in IT could affect to millions of peopleā€™s all around the world. 9PST 32220 - Current Topics In Computer Technology (Lecturer : Mr. Rohana K Amarakoon)
2. Why Security Needed For IT ā€¢ The amount of people using IT related products and services increase daily generating terabytes of new data and information every day. Securing data, information and privacy become mandatory. ā€¢ Connectivity between IT related products and services with daily life of people become very strong. ā€¢ Most of the critical services depend on the IT infrastructure. Ex ā€“ Banking, Medical Services, Aviation, Telecommunication, automobiles, government and etc. 10PST 32220 - Current Topics In Computer Technology (Lecturer : Mr. Rohana K Amarakoon)
2. Why Security Needed For IT ā€¢ Computer security, also known as cyber security or IT security, is security applied to computing devices such as computers and smartphones, as well as computer networks such as private and public networks, including the whole Internet is a must today. ā€¢ The field includes all five components: hardware, software, data, people, and procedures by which digital equipment, information and services are protected from unintended or unauthorized access, change or destruction, and is of growing importance due to the increasing reliance of computer systems in most societies. 11PST 32220 - Current Topics In Computer Technology (Lecturer : Mr. Rohana K Amarakoon)
2. Why Security Needed For IT Threat can take one or more of the following actions against an asset: ā€¢ Access ā€“ simple unauthorized access ā€¢ Misuse ā€“ unauthorized use of assets (e.g., identity theft, setting up a porn distribution service on a compromised server, etc.) ā€¢ Disclose ā€“ the threat agent illicitly discloses sensitive information ā€¢ Modify ā€“ unauthorized changes to an asset ā€¢ Deny access ā€“ includes destruction, theft of a non-data asset, etc 12PST 32220 - Current Topics In Computer Technology (Lecturer : Mr. Rohana K Amarakoon)
3. Security threats in IT environment (physical & virtual) ā€¢ Physical threats in IT environment 1. Natural Disasters Ex - Flood, Tsunami, Earthquakes, Fire, pollution, lightning & etc. 2. Human Threats Ex ā€“ Unauthorized access, eavesdropping, shoulder sniffing, Sabotage (destruction of HW), Computer misuse and etc. 3. Loss of essential services Ex - Power Supply, Air conditioning, Telecommunication, H/W failure and etc. 13PST 32220 - Current Topics In Computer Technology (Lecturer : Mr. Rohana K Amarakoon)
3. Security threats in IT environment (physical & virtual) ā€¢ Virtual threats to IT environment 1. SQL injection 2. Cross-site scripting 3. Cyber-attack 4. Denial-of-service attack 5. Trojans 6. Viruses 7. worms 8. Malware 9. Key loggers 14PST 32220 - Current Topics In Computer Technology (Lecturer : Mr. Rohana K Amarakoon) 11. Phishing 12. Social engineering 13. Clickjaking 14. Tampering 15. Backdoors
4. How to avoid physical threats ā€¢ Physical security to prevent theft of equipment Physical controls monitor and control the environment of the work place and computing facilities. They also monitor and control access to and from such facilities. Ex - doors, locks, heating and air conditioning, smoke and fire alarms, fire suppression systems, cameras, barricades, fencing, security guards, cable locks, etc. Separating the network and workplace into functional areas are also physical controls. 15PST 32220 - Current Topics In Computer Technology (Lecturer : Mr. Rohana K Amarakoon)
4. How to avoid physical threats ā€¢ Physical security to prevent theft of equipment An important physical control that is frequently overlooked is the separation of duties. Separation of duties ensures that an individual can not complete a critical task by himself. Ex - an employee who submits a request for reimbursement should not also be able to authorize payment or print the check. An applications programmer should not also be the server administrator or the database administrator ā€“ these roles and responsibilities must be separated from one another. 16PST 32220 - Current Topics In Computer Technology (Lecturer : Mr. Rohana K Amarakoon)
5. How to avoid virtual threats ā€¢ Information security to protect the data on that equipment from virtual threats. 1. Firewalls implementation in network 2. User access control with limited user roles (User access control system) 3. Password protection and two way authentication 4. Encryption of data 5. Information security classification labels/access 6. Network intrusion detection systems 7. Access control lists 8. Logical controls 9. Validation of user inputs 17PST 32220 - Current Topics In Computer Technology (Lecturer : Mr. Rohana K Amarakoon)
5. How to avoid virtual threats ā€¢ Information security to protect the data on that equipment from virtual threats. 10. Implementation of Virus Guards 11. Implementation of IP controllers 12. Implementation of secure communication channels 13. Data Masking 14. Implementation of Mobile security gateways 15. Implementation of advanced security architecture 18PST 32220 - Current Topics In Computer Technology (Lecturer : Mr. Rohana K Amarakoon)
6. Why data and cyber security Data Security ā€¢ Today most of the data generated or stored in computers or databases. ā€¢ Prevention of data theft is really important, they are like bank account numbers, credit card information, passwords, work related documents or spread sheets, etc. These data is essential in todayā€™s communications since many of our day to day actions depend on the security of the data paths. ā€¢ Data present in a computer can also be misused by unauthorized intrusions. An intruder can modify and change the program source codes and can also use your pictures or email accounts to create derogatory content such as pornographic images, fake misleading and offensive social accounts. ā€¢ Single mistake of individual or organization could lead in to life threatening issues in peopleā€™s life due to misuse of confidential data. 19PST 32220 - Current Topics In Computer Technology (Lecturer : Mr. Rohana K Amarakoon)
6. Why data and cyber security Cyber Security ā€¢ Today most of the devices connected to internet and have less security protocols implemented. Make them vulnerable to cyber attacks will loose huge amount of data on them. ā€¢ Cyber risk is now firmly at the top of the international agenda as high-profile breaches raise fears that hack attacks and other security failures could endanger the global economy. ā€¢ Cyber crime costs the global economy over US$400 billion per year, according to estimates by the Center for Strategic and International Studies in 2013. This huge money could use for the betterment of the customers of those companies affected by cyber crimes if they implement proper security protocols to prevent such attacks. ā€¢ It is really important to have proper mechanism to avoid cyber crimes and protect data. 20PST 32220 - Current Topics In Computer Technology (Lecturer : Mr. Rohana K Amarakoon)
7. Practical application of data and cyber security in IT 21PST 32220 - Current Topics In Computer Technology (Lecturer : Mr. Rohana K Amarakoon) Onion Model Data and Cyber Security is concerned with four main areas: Confidentiality:- Data is only accessed by those with the right to view the data. Integrity:- Data can be relied upon to be accurate and processed correctly. Availability:- Data should be available to users when needed. Authentication:- are you really communicating with whom you think you are communicating with
7. Practical application of data and cyber security in IT 22PST 32220 - Current Topics In Computer Technology (Lecturer : Mr. Rohana K Amarakoon) 1. Implementation and monitoring of laws and regulations. (International laws, Local governmental law, industry specific laws and etc.) 2. Disaster recovery planning (A disaster recovery plan is executed immediately after the disaster occurs and details what steps are to be taken in order to recover critical information technology infrastructure.) 3. Implementation and monitoring physical security (secure doors, locks, heating and air conditioning, smoke and fire alarms, fire suppression systems, cameras, barricades, fencing, security guards, cable locks, Separation of duties, etc.)
7. Practical application of data and cyber security in IT 23PST 32220 - Current Topics In Computer Technology (Lecturer : Mr. Rohana K Amarakoon) 4. Implementation and monitoring virtual security (Firewalls, user access control, password protection, encryption of data, information security classification labels/access, network intrusion detection systems, access control lists, logical controls.) 5. Incident response plans (Selecting team members, Define roles, responsibilities and lines of authority, Define a security incident, Define a reportable incident, Training, Detection, Classification, Escalation, Containment, Eradication, Documentation) 6. Business continuity plan & risk management
7. Practical application of data and cyber security in IT 24PST 32220 - Current Topics In Computer Technology (Lecturer : Mr. Rohana K Amarakoon)
8. Advantages of security in IT ā€¢ Associates for security in IT 1. Forum of Incident Response and Security Teams (FIRST) (US-CERT, AT&T, Apple, Cisco, McAfee, Microsoft) 2. Computer Emergency Response Team (CERT) (Most of the countries have this) 3. Information Systems Audit and Control Association (ISACA) (For IT good governance) 4. International Information Systems Security Certification Consortium ((ISC)Ā²) 25PST 32220 - Current Topics In Computer Technology (Lecturer : Mr. Rohana K Amarakoon)
8. Advantages of security in IT ā€¢ New Job Opportunities Security Analyst Analyzes and assesses vulnerabilities in the infrastructure (software, hardware, networks), investigates available tools and countermeasures to remedy the detected vulnerabilities, and recommends solutions and best practices. Analyzes and assesses damage to the data/infrastructure as a result of security incidents, examines available recovery tools and processes, and recommends solutions. Tests for compliance with security policies and procedures. May assist in the creation, implementation, and/or management of security solutions. Security Engineer Performs security monitoring, security and data/logs analysis, and forensic analysis, to detect security incidents, and mounts incident response. Investigates and utilizes new technologies and processes to enhance security capabilities and implement improvements. May also review code or perform other security engineering methodologies. 26PST 32220 - Current Topics In Computer Technology (Lecturer : Mr. Rohana K Amarakoon)
8. Advantages of security in IT ā€¢ New Job Opportunities Security Architect Designs a security system or major components of a security system, and may head a security design team building a new security system. Security Administrator Installs and manages organization-wide security systems. May also take on some of the tasks of a security analyst in smaller organizations. Chief Information Security Officer (CISO) A high-level management position responsible for the entire information security division/staff. The position may include hands-on technical work. 27PST 32220 - Current Topics In Computer Technology (Lecturer : Mr. Rohana K Amarakoon)
8. Advantages of security in IT ā€¢ New Job Opportunities Chief Security Officer (CSO) A high-level management position responsible for the entire security division/staff. A newer position now deemed needed as security risks grow. Security Consultant/Specialist/Intelligence Broad titles that encompass any one or all of the other roles/titles, tasked with protecting computers, networks, software, data, and/or information systems against viruses, worms, spyware, malware, intrusion detection, unauthorized access, denial-of-service attacks, and an ever increasing list of attacks by hackers acting as individuals or as part of organized crime or foreign governments. 28PST 32220 - Current Topics In Computer Technology (Lecturer : Mr. Rohana K Amarakoon)
9. Problem and limitation of security in IT ā€¢ High cost for implementation and maintenance of security infrastructure. ā€¢ High cost for innovation of new security mechanismā€™s and infrastructure to mitigate treats. ā€¢ High volume of security threats and innovation of new security threats. ā€¢ Majority of people are lack of knowledge about security methods and practices in IT. 29PST 32220 - Current Topics In Computer Technology (Lecturer : Mr. Rohana K Amarakoon)
9. Problem and limitation of security in IT ā€¢ Lack of cooperation and support from governments to implement new rules and regulations for computer and IT security. ā€¢ Lack of skilled and qualified human resource to deal with the demanding IT and computer security related job opportunities. ā€¢ Limitations of knowledge in failure recovery methods in organization. 30PST 32220 - Current Topics In Computer Technology (Lecturer : Mr. Rohana K Amarakoon)
Expected Outcomes ā€¢ Understand about the why we need security IT ā€¢ Understand about the nature and challenges for the security in IT ā€¢ Get to know about what are the ways that our physical and virtual assets get expose to different threats. ā€¢ Study about how we could protect our physical and virtual assets from different threats. 31PST 32220 - Current Topics In Computer Technology (Lecturer : Mr. Rohana K Amarakoon)
Thank You! 32PST 32220 - Current Topics In Computer Technology (Lecturer : Mr. Rohana K Amarakoon)

Recommended

Software Vulnerabilities
Software VulnerabilitiesSoftware Vulnerabilities
Software Vulnerabilities
amiable_indian
Ā 
CyberSecurity Best Practices for the IIoT
CyberSecurity Best Practices for the IIoTCyberSecurity Best Practices for the IIoT
CyberSecurity Best Practices for the IIoT
Creekside Marketing Group, LLC
Ā 
Cyber Security
Cyber SecurityCyber Security
Cyber Security
ADGP, Public Grivences, Bangalore
Ā 
Cybersecurity
CybersecurityCybersecurity
Cybersecurity
Eng Hasan Shamroukh CISCO Exams Author
Ā 
Introduction to the management of information security
Introduction to the management of information security Introduction to the management of information security
Introduction to the management of information security
Sammer Qader
Ā 
Cyber Security Incident Response
Cyber Security Incident ResponseCyber Security Incident Response
Cyber Security Incident Response
PECB
Ā 
Cyber security
Cyber securityCyber security
Cyber security
Manjushree Mashal
Ā 
Cybersecurity Incident Management Powerpoint Presentation Slides
Cybersecurity Incident Management Powerpoint Presentation SlidesCybersecurity Incident Management Powerpoint Presentation Slides
Cybersecurity Incident Management Powerpoint Presentation Slides
SlideTeam
Ā 

Recommended

Software Vulnerabilities
Software VulnerabilitiesSoftware Vulnerabilities
Software Vulnerabilities
amiable_indian
Ā 
CyberSecurity Best Practices for the IIoT
CyberSecurity Best Practices for the IIoTCyberSecurity Best Practices for the IIoT
CyberSecurity Best Practices for the IIoT
Creekside Marketing Group, LLC
Ā 
Cyber Security
Cyber SecurityCyber Security
Cyber Security
ADGP, Public Grivences, Bangalore
Ā 
Cybersecurity
CybersecurityCybersecurity
Cybersecurity
Eng Hasan Shamroukh CISCO Exams Author
Ā 
Introduction to the management of information security
Introduction to the management of information security Introduction to the management of information security
Introduction to the management of information security
Sammer Qader
Ā 
Cyber Security Incident Response
Cyber Security Incident ResponseCyber Security Incident Response
Cyber Security Incident Response
PECB
Ā 
Cyber security
Cyber securityCyber security
Cyber security
Manjushree Mashal
Ā 
Cybersecurity Incident Management Powerpoint Presentation Slides
Cybersecurity Incident Management Powerpoint Presentation SlidesCybersecurity Incident Management Powerpoint Presentation Slides
Cybersecurity Incident Management Powerpoint Presentation Slides
SlideTeam
Ā 
CompTIA Security+ SY0-601 Domain 1
CompTIA Security+ SY0-601 Domain 1CompTIA Security+ SY0-601 Domain 1
CompTIA Security+ SY0-601 Domain 1
ShivamSharma909
Ā 
Awareness Security Session 2023 v1.0.pptx.pdf
Awareness Security Session 2023 v1.0.pptx.pdfAwareness Security Session 2023 v1.0.pptx.pdf
Awareness Security Session 2023 v1.0.pptx.pdf
AbdullahKanash
Ā 
Introduction to Cyber Security
Introduction to Cyber SecurityIntroduction to Cyber Security
Introduction to Cyber Security
Stephen Lahanas
Ā 
Security and information assurance
Security and information assuranceSecurity and information assurance
Security and information assurance
bdemchak
Ā 
Cyber security and current trends
Cyber security and current trendsCyber security and current trends
Cyber security and current trends
Shreedeep Rayamajhi
Ā 
Application Security | Application Security Tutorial | Cyber Security Certifi...
Application Security | Application Security Tutorial | Cyber Security Certifi...Application Security | Application Security Tutorial | Cyber Security Certifi...
Application Security | Application Security Tutorial | Cyber Security Certifi...
Edureka!
Ā 
1. introduction to cyber security
1. introduction to cyber security1. introduction to cyber security
1. introduction to cyber security
Animesh Roy
Ā 
Threat Intelligence & Threat research Sources
Threat Intelligence & Threat research SourcesThreat Intelligence & Threat research Sources
Threat Intelligence & Threat research Sources
LearningwithRayYT
Ā 
Information Security Management.Introduction
Information Security Management.IntroductionInformation Security Management.Introduction
Information Security Management.Introduction
yuliana_mar
Ā 
Cybersecurity PowerPoint Presentation
Cybersecurity PowerPoint PresentationCybersecurity PowerPoint Presentation
Cybersecurity PowerPoint Presentation
Ritik Kumar
Ā 
Employee Security Awareness Training
Employee Security Awareness TrainingEmployee Security Awareness Training
Employee Security Awareness Training
Denis kisina
Ā 
Security vulnerability
Security vulnerabilitySecurity vulnerability
Security vulnerability
A. Shamel
Ā 
7 Key Problems to Avoid in ISO 27001 Implementation
7 Key Problems to Avoid in ISO 27001 Implementation7 Key Problems to Avoid in ISO 27001 Implementation
7 Key Problems to Avoid in ISO 27001 Implementation
PECB
Ā 
Business case for information security program
Business case for information security programBusiness case for information security program
Business case for information security program
William Godwin
Ā 
5 BEST PRACTICES FOR A SECURITY OPERATION CENTER (SOC)
5 BEST PRACTICES FOR A SECURITY OPERATION CENTER (SOC)5 BEST PRACTICES FOR A SECURITY OPERATION CENTER (SOC)
5 BEST PRACTICES FOR A SECURITY OPERATION CENTER (SOC)
Vijilan IT Security solutions
Ā 
Cyber security training
Cyber security trainingCyber security training
Cyber security training
Wilmington University
Ā 
Cyber Threat Intelligence
Cyber Threat IntelligenceCyber Threat Intelligence
Cyber Threat Intelligence
Marlabs
Ā 
Cyber Security Incident Response Planning
Cyber Security Incident Response PlanningCyber Security Incident Response Planning
Cyber Security Incident Response Planning
PECB
Ā 
Cybersecurity 1. intro to cybersecurity
Cybersecurity 1. intro to cybersecurityCybersecurity 1. intro to cybersecurity
Cybersecurity 1. intro to cybersecurity
sommerville-videos
Ā 
Cyber attacks and IT security management in 2025
Cyber attacks and IT security management in 2025Cyber attacks and IT security management in 2025
Cyber attacks and IT security management in 2025
Radar Cyber Security
Ā 
Policies & Laws in IT industry
Policies & Laws in IT industryPolicies & Laws in IT industry
Policies & Laws in IT industry
Rohana K Amarakoon
Ā 
Software Quality Assurance
Software Quality AssuranceSoftware Quality Assurance
Software Quality Assurance
Rohana K Amarakoon
Ā 

More Related Content

What's hot

CompTIA Security+ SY0-601 Domain 1
CompTIA Security+ SY0-601 Domain 1CompTIA Security+ SY0-601 Domain 1
CompTIA Security+ SY0-601 Domain 1
ShivamSharma909
Ā 
Awareness Security Session 2023 v1.0.pptx.pdf
Awareness Security Session 2023 v1.0.pptx.pdfAwareness Security Session 2023 v1.0.pptx.pdf
Awareness Security Session 2023 v1.0.pptx.pdf
AbdullahKanash
Ā 
Introduction to Cyber Security
Introduction to Cyber SecurityIntroduction to Cyber Security
Introduction to Cyber Security
Stephen Lahanas
Ā 
Security and information assurance
Security and information assuranceSecurity and information assurance
Security and information assurance
bdemchak
Ā 
Cyber security and current trends
Cyber security and current trendsCyber security and current trends
Cyber security and current trends
Shreedeep Rayamajhi
Ā 
Application Security | Application Security Tutorial | Cyber Security Certifi...
Application Security | Application Security Tutorial | Cyber Security Certifi...Application Security | Application Security Tutorial | Cyber Security Certifi...
Application Security | Application Security Tutorial | Cyber Security Certifi...
Edureka!
Ā 
1. introduction to cyber security
1. introduction to cyber security1. introduction to cyber security
1. introduction to cyber security
Animesh Roy
Ā 
Threat Intelligence & Threat research Sources
Threat Intelligence & Threat research SourcesThreat Intelligence & Threat research Sources
Threat Intelligence & Threat research Sources
LearningwithRayYT
Ā 
Information Security Management.Introduction
Information Security Management.IntroductionInformation Security Management.Introduction
Information Security Management.Introduction
yuliana_mar
Ā 
Cybersecurity PowerPoint Presentation
Cybersecurity PowerPoint PresentationCybersecurity PowerPoint Presentation
Cybersecurity PowerPoint Presentation
Ritik Kumar
Ā 
Employee Security Awareness Training
Employee Security Awareness TrainingEmployee Security Awareness Training
Employee Security Awareness Training
Denis kisina
Ā 
Security vulnerability
Security vulnerabilitySecurity vulnerability
Security vulnerability
A. Shamel
Ā 
7 Key Problems to Avoid in ISO 27001 Implementation
7 Key Problems to Avoid in ISO 27001 Implementation7 Key Problems to Avoid in ISO 27001 Implementation
7 Key Problems to Avoid in ISO 27001 Implementation
PECB
Ā 
Business case for information security program
Business case for information security programBusiness case for information security program
Business case for information security program
William Godwin
Ā 
5 BEST PRACTICES FOR A SECURITY OPERATION CENTER (SOC)
5 BEST PRACTICES FOR A SECURITY OPERATION CENTER (SOC)5 BEST PRACTICES FOR A SECURITY OPERATION CENTER (SOC)
5 BEST PRACTICES FOR A SECURITY OPERATION CENTER (SOC)
Vijilan IT Security solutions
Ā 
Cyber security training
Cyber security trainingCyber security training
Cyber security training
Wilmington University
Ā 
Cyber Threat Intelligence
Cyber Threat IntelligenceCyber Threat Intelligence
Cyber Threat Intelligence
Marlabs
Ā 
Cyber Security Incident Response Planning
Cyber Security Incident Response PlanningCyber Security Incident Response Planning
Cyber Security Incident Response Planning
PECB
Ā 
Cybersecurity 1. intro to cybersecurity
Cybersecurity 1. intro to cybersecurityCybersecurity 1. intro to cybersecurity
Cybersecurity 1. intro to cybersecurity
sommerville-videos
Ā 
Cyber attacks and IT security management in 2025
Cyber attacks and IT security management in 2025Cyber attacks and IT security management in 2025
Cyber attacks and IT security management in 2025
Radar Cyber Security
Ā 

What's hot (20)

CompTIA Security+ SY0-601 Domain 1
CompTIA Security+ SY0-601 Domain 1CompTIA Security+ SY0-601 Domain 1
CompTIA Security+ SY0-601 Domain 1
Ā 
Awareness Security Session 2023 v1.0.pptx.pdf
Awareness Security Session 2023 v1.0.pptx.pdfAwareness Security Session 2023 v1.0.pptx.pdf
Awareness Security Session 2023 v1.0.pptx.pdf
Ā 
Introduction to Cyber Security
Introduction to Cyber SecurityIntroduction to Cyber Security
Introduction to Cyber Security
Ā 
Security and information assurance
Security and information assuranceSecurity and information assurance
Security and information assurance
Ā 
Cyber security and current trends
Cyber security and current trendsCyber security and current trends
Cyber security and current trends
Ā 
Application Security | Application Security Tutorial | Cyber Security Certifi...
Application Security | Application Security Tutorial | Cyber Security Certifi...Application Security | Application Security Tutorial | Cyber Security Certifi...
Application Security | Application Security Tutorial | Cyber Security Certifi...
Ā 
1. introduction to cyber security
1. introduction to cyber security1. introduction to cyber security
1. introduction to cyber security
Ā 
Threat Intelligence & Threat research Sources
Threat Intelligence & Threat research SourcesThreat Intelligence & Threat research Sources
Threat Intelligence & Threat research Sources
Ā 
Information Security Management.Introduction
Information Security Management.IntroductionInformation Security Management.Introduction
Information Security Management.Introduction
Ā 
Cybersecurity PowerPoint Presentation
Cybersecurity PowerPoint PresentationCybersecurity PowerPoint Presentation
Cybersecurity PowerPoint Presentation
Ā 
Employee Security Awareness Training
Employee Security Awareness TrainingEmployee Security Awareness Training
Employee Security Awareness Training
Ā 
Security vulnerability
Security vulnerabilitySecurity vulnerability
Security vulnerability
Ā 
7 Key Problems to Avoid in ISO 27001 Implementation
7 Key Problems to Avoid in ISO 27001 Implementation7 Key Problems to Avoid in ISO 27001 Implementation
7 Key Problems to Avoid in ISO 27001 Implementation
Ā 
Business case for information security program
Business case for information security programBusiness case for information security program
Business case for information security program
Ā 
5 BEST PRACTICES FOR A SECURITY OPERATION CENTER (SOC)
5 BEST PRACTICES FOR A SECURITY OPERATION CENTER (SOC)5 BEST PRACTICES FOR A SECURITY OPERATION CENTER (SOC)
5 BEST PRACTICES FOR A SECURITY OPERATION CENTER (SOC)
Ā 
Cyber security training
Cyber security trainingCyber security training
Cyber security training
Ā 
Cyber Threat Intelligence
Cyber Threat IntelligenceCyber Threat Intelligence
Cyber Threat Intelligence
Ā 
Cyber Security Incident Response Planning
Cyber Security Incident Response PlanningCyber Security Incident Response Planning
Cyber Security Incident Response Planning
Ā 
Cybersecurity 1. intro to cybersecurity
Cybersecurity 1. intro to cybersecurityCybersecurity 1. intro to cybersecurity
Cybersecurity 1. intro to cybersecurity
Ā 
Cyber attacks and IT security management in 2025
Cyber attacks and IT security management in 2025Cyber attacks and IT security management in 2025
Cyber attacks and IT security management in 2025
Ā 

Viewers also liked

Policies & Laws in IT industry
Policies & Laws in IT industryPolicies & Laws in IT industry
Policies & Laws in IT industry
Rohana K Amarakoon
Ā 
Software Quality Assurance
Software Quality AssuranceSoftware Quality Assurance
Software Quality Assurance
Rohana K Amarakoon
Ā 
Professional bodies in IT
Professional bodies in ITProfessional bodies in IT
Professional bodies in IT
Rohana K Amarakoon
Ā 
New Product Management AIB (MBA) 2016
New Product Management AIB (MBA) 2016New Product Management AIB (MBA) 2016
New Product Management AIB (MBA) 2016
Rohana K Amarakoon
Ā 
Nature of the it profession
Nature of the it professionNature of the it profession
Nature of the it profession
Rohana K Amarakoon
Ā 
Entrepreneurship AIB (MBA) 2016
Entrepreneurship AIB (MBA) 2016Entrepreneurship AIB (MBA) 2016
Entrepreneurship AIB (MBA) 2016
Rohana K Amarakoon
Ā 
security in it (data and cyber security)
security in it (data and cyber security)security in it (data and cyber security)
security in it (data and cyber security)
Rohana K Amarakoon
Ā 
Project Management - AIB (MBA)
Project Management - AIB (MBA)Project Management - AIB (MBA)
Project Management - AIB (MBA)
Rohana K Amarakoon
Ā 
Project Management Best Practices
Project Management Best PracticesProject Management Best Practices
Project Management Best Practices
Rohana K Amarakoon
Ā 
Social & professional issues in IT
Social & professional issues in ITSocial & professional issues in IT
Social & professional issues in IT
Rohana K Amarakoon
Ā 
Green it
Green itGreen it
Green it
Rohana K Amarakoon
Ā 
Windows Azure Essentials
Windows Azure EssentialsWindows Azure Essentials
Windows Azure Essentials
Rohana K Amarakoon
Ā 
Introduction to windows azure
Introduction to windows azureIntroduction to windows azure
Introduction to windows azure
Rohana K Amarakoon
Ā 
Strategic Management - AIB (MBA) 2015
Strategic Management - AIB (MBA) 2015Strategic Management - AIB (MBA) 2015
Strategic Management - AIB (MBA) 2015
Rohana K Amarakoon
Ā 
Strategic Human Resource Management - AIB (MBA) 2015
Strategic Human Resource Management - AIB (MBA) 2015Strategic Human Resource Management - AIB (MBA) 2015
Strategic Human Resource Management - AIB (MBA) 2015
Rohana K Amarakoon
Ā 
Location Based Services in Telecommunication Networks
Location Based Services in Telecommunication Networks Location Based Services in Telecommunication Networks
Location Based Services in Telecommunication Networks
Rohana K Amarakoon
Ā 
Operations Management - AIB (MBA) 2015
Operations Management - AIB (MBA) 2015Operations Management - AIB (MBA) 2015
Operations Management - AIB (MBA) 2015
Rohana K Amarakoon
Ā 
Compressed workweek
Compressed workweekCompressed workweek
Compressed workweek
Rohana K Amarakoon
Ā 
Leadership - AIB (MBA) 2015
Leadership - AIB (MBA) 2015Leadership - AIB (MBA) 2015
Leadership - AIB (MBA) 2015
Rohana K Amarakoon
Ā 
Rapid application developmet
Rapid application developmetRapid application developmet
Rapid application developmet
Rohana K Amarakoon
Ā 

Viewers also liked (20)

Policies & Laws in IT industry
Policies & Laws in IT industryPolicies & Laws in IT industry
Policies & Laws in IT industry
Ā 
Software Quality Assurance
Software Quality AssuranceSoftware Quality Assurance
Software Quality Assurance
Ā 
Professional bodies in IT
Professional bodies in ITProfessional bodies in IT
Professional bodies in IT
Ā 
New Product Management AIB (MBA) 2016
New Product Management AIB (MBA) 2016New Product Management AIB (MBA) 2016
New Product Management AIB (MBA) 2016
Ā 
Nature of the it profession
Nature of the it professionNature of the it profession
Nature of the it profession
Ā 
Entrepreneurship AIB (MBA) 2016
Entrepreneurship AIB (MBA) 2016Entrepreneurship AIB (MBA) 2016
Entrepreneurship AIB (MBA) 2016
Ā 
security in it (data and cyber security)
security in it (data and cyber security)security in it (data and cyber security)
security in it (data and cyber security)
Ā 
Project Management - AIB (MBA)
Project Management - AIB (MBA)Project Management - AIB (MBA)
Project Management - AIB (MBA)
Ā 
Project Management Best Practices
Project Management Best PracticesProject Management Best Practices
Project Management Best Practices
Ā 
Social & professional issues in IT
Social & professional issues in ITSocial & professional issues in IT
Social & professional issues in IT
Ā 
Green it
Green itGreen it
Green it
Ā 
Windows Azure Essentials
Windows Azure EssentialsWindows Azure Essentials
Windows Azure Essentials
Ā 
Introduction to windows azure
Introduction to windows azureIntroduction to windows azure
Introduction to windows azure
Ā 
Strategic Management - AIB (MBA) 2015
Strategic Management - AIB (MBA) 2015Strategic Management - AIB (MBA) 2015
Strategic Management - AIB (MBA) 2015
Ā 
Strategic Human Resource Management - AIB (MBA) 2015
Strategic Human Resource Management - AIB (MBA) 2015Strategic Human Resource Management - AIB (MBA) 2015
Strategic Human Resource Management - AIB (MBA) 2015
Ā 
Location Based Services in Telecommunication Networks
Location Based Services in Telecommunication Networks Location Based Services in Telecommunication Networks
Location Based Services in Telecommunication Networks
Ā 
Operations Management - AIB (MBA) 2015
Operations Management - AIB (MBA) 2015Operations Management - AIB (MBA) 2015
Operations Management - AIB (MBA) 2015
Ā 
Compressed workweek
Compressed workweekCompressed workweek
Compressed workweek
Ā 
Leadership - AIB (MBA) 2015
Leadership - AIB (MBA) 2015Leadership - AIB (MBA) 2015
Leadership - AIB (MBA) 2015
Ā 
Rapid application developmet
Rapid application developmetRapid application developmet
Rapid application developmet
Ā 

Similar to Security in IT (data and cyber security)

CS_Lecture01.pptx for the new lab conservatio of computer network
CS_Lecture01.pptx for the new lab conservatio of computer networkCS_Lecture01.pptx for the new lab conservatio of computer network
CS_Lecture01.pptx for the new lab conservatio of computer network
saad504633
Ā 
Security & Privacy - Lecture A
Security & Privacy - Lecture ASecurity & Privacy - Lecture A
Security & Privacy - Lecture A
CMDLearning
Ā 
Chapter 1.ppt
Chapter 1.pptChapter 1.ppt
Chapter 1.ppt
abrahamermias1
Ā 
Presentation 10 (1).pdf
Presentation 10 (1).pdfPresentation 10 (1).pdf
Presentation 10 (1).pdf
KARANSINGHD
Ā 
Cyber Security Intelligence
Cyber Security IntelligenceCyber Security Intelligence
Cyber Security Intelligence
ijtsrd
Ā 
CyberSecurity.pdf
CyberSecurity.pdfCyberSecurity.pdf
CyberSecurity.pdf
Suleiman55
Ā 
Class activity 4
Class activity 4 Class activity 4
Class activity 4
Jeewanthi Fernando
Ā 
ZamanAsad_INFA 670_9041_RPAPER_Cybersecurity-3
ZamanAsad_INFA 670_9041_RPAPER_Cybersecurity-3ZamanAsad_INFA 670_9041_RPAPER_Cybersecurity-3
ZamanAsad_INFA 670_9041_RPAPER_Cybersecurity-3
Asad Zaman
Ā 
Chapter 1 overview
Chapter 1 overviewChapter 1 overview
Chapter 1 overview
ali raza
Ā 
Cyber Security - CollegeEssay.org - 2024
Cyber Security - CollegeEssay.org - 2024Cyber Security - CollegeEssay.org - 2024
Cyber Security - CollegeEssay.org - 2024
CollegeEssay.Org
Ā 
Cyber risks in supply chains
Cyber risks in supply chains Cyber risks in supply chains
Cyber risks in supply chains
Aparajita Banerjee
Ā 
Cyber Security
Cyber SecurityCyber Security
Cyber Security
Applied Forensic Research Sciences
Ā 
Forensics
ForensicsForensics
Forensics
Laura Aviles
Ā 
E-Commerce Privacy and Security System
E-Commerce Privacy and Security SystemE-Commerce Privacy and Security System
E-Commerce Privacy and Security System
IJERA Editor
Ā 
E-Commerce Privacy and Security System
E-Commerce Privacy and Security SystemE-Commerce Privacy and Security System
E-Commerce Privacy and Security System
IJERA Editor
Ā 
Cyber Security - Awareness Presentation - High Level
Cyber Security - Awareness Presentation - High LevelCyber Security - Awareness Presentation - High Level
Cyber Security - Awareness Presentation - High Level
bbothma718
Ā 
IT8073_Information Security_UNIT I _.pdf
IT8073_Information Security_UNIT I _.pdfIT8073_Information Security_UNIT I _.pdf
IT8073_Information Security_UNIT I _.pdf
Asst.prof M.Gokilavani
Ā 
IT8073 _Information Security _UNIT I Full notes
IT8073 _Information Security _UNIT I Full notesIT8073 _Information Security _UNIT I Full notes
IT8073 _Information Security _UNIT I Full notes
Asst.prof M.Gokilavani
Ā 
Fundamental Areas of Cyber Security on Latest Technology
Fundamental Areas of Cyber Security on Latest TechnologyFundamental Areas of Cyber Security on Latest Technology
Fundamental Areas of Cyber Security on Latest Technology
ijtsrd
Ā 
Network Security and Privacy in Medium Scale Businesses in Nigeria
Network Security and Privacy in Medium Scale Businesses in NigeriaNetwork Security and Privacy in Medium Scale Businesses in Nigeria
Network Security and Privacy in Medium Scale Businesses in Nigeria
INFOGAIN PUBLICATION
Ā 

Similar to Security in IT (data and cyber security) (20)

CS_Lecture01.pptx for the new lab conservatio of computer network
CS_Lecture01.pptx for the new lab conservatio of computer networkCS_Lecture01.pptx for the new lab conservatio of computer network
CS_Lecture01.pptx for the new lab conservatio of computer network
Ā 
Security & Privacy - Lecture A
Security & Privacy - Lecture ASecurity & Privacy - Lecture A
Security & Privacy - Lecture A
Ā 
Chapter 1.ppt
Chapter 1.pptChapter 1.ppt
Chapter 1.ppt
Ā 
Presentation 10 (1).pdf
Presentation 10 (1).pdfPresentation 10 (1).pdf
Presentation 10 (1).pdf
Ā 
Cyber Security Intelligence
Cyber Security IntelligenceCyber Security Intelligence
Cyber Security Intelligence
Ā 
CyberSecurity.pdf
CyberSecurity.pdfCyberSecurity.pdf
CyberSecurity.pdf
Ā 
Class activity 4
Class activity 4 Class activity 4
Class activity 4
Ā 
ZamanAsad_INFA 670_9041_RPAPER_Cybersecurity-3
ZamanAsad_INFA 670_9041_RPAPER_Cybersecurity-3ZamanAsad_INFA 670_9041_RPAPER_Cybersecurity-3
ZamanAsad_INFA 670_9041_RPAPER_Cybersecurity-3
Ā 
Chapter 1 overview
Chapter 1 overviewChapter 1 overview
Chapter 1 overview
Ā 
Cyber Security - CollegeEssay.org - 2024
Cyber Security - CollegeEssay.org - 2024Cyber Security - CollegeEssay.org - 2024
Cyber Security - CollegeEssay.org - 2024
Ā 
Cyber risks in supply chains
Cyber risks in supply chains Cyber risks in supply chains
Cyber risks in supply chains
Ā 
Cyber Security
Cyber SecurityCyber Security
Cyber Security
Ā 
Forensics
ForensicsForensics
Forensics
Ā 
E-Commerce Privacy and Security System
E-Commerce Privacy and Security SystemE-Commerce Privacy and Security System
E-Commerce Privacy and Security System
Ā 
E-Commerce Privacy and Security System
E-Commerce Privacy and Security SystemE-Commerce Privacy and Security System
E-Commerce Privacy and Security System
Ā 
Cyber Security - Awareness Presentation - High Level
Cyber Security - Awareness Presentation - High LevelCyber Security - Awareness Presentation - High Level
Cyber Security - Awareness Presentation - High Level
Ā 
IT8073_Information Security_UNIT I _.pdf
IT8073_Information Security_UNIT I _.pdfIT8073_Information Security_UNIT I _.pdf
IT8073_Information Security_UNIT I _.pdf
Ā 
IT8073 _Information Security _UNIT I Full notes
IT8073 _Information Security _UNIT I Full notesIT8073 _Information Security _UNIT I Full notes
IT8073 _Information Security _UNIT I Full notes
Ā 
Fundamental Areas of Cyber Security on Latest Technology
Fundamental Areas of Cyber Security on Latest TechnologyFundamental Areas of Cyber Security on Latest Technology
Fundamental Areas of Cyber Security on Latest Technology
Ā 
Network Security and Privacy in Medium Scale Businesses in Nigeria
Network Security and Privacy in Medium Scale Businesses in NigeriaNetwork Security and Privacy in Medium Scale Businesses in Nigeria
Network Security and Privacy in Medium Scale Businesses in Nigeria
Ā 

More from Rohana K Amarakoon

Importance of education to everyone & how to improve education
Importance of education to everyone & how to improve educationImportance of education to everyone & how to improve education
Importance of education to everyone & how to improve education
Rohana K Amarakoon
Ā 
How to enhance social awareness on NCD's and STD's
How to enhance social awareness on NCD's and STD'sHow to enhance social awareness on NCD's and STD's
How to enhance social awareness on NCD's and STD's
Rohana K Amarakoon
Ā 
General data protection regulation - European union
General data protection regulation - European unionGeneral data protection regulation - European union
General data protection regulation - European union
Rohana K Amarakoon
Ā 
What is agile?
What is agile?What is agile?
What is agile?
Rohana K Amarakoon
Ā 
Effective communication
Effective communicationEffective communication
Effective communication
Rohana K Amarakoon
Ā 
Software Change request form
Software Change request formSoftware Change request form
Software Change request form
Rohana K Amarakoon
Ā 
Process for requirement identification & development in software development
Process for requirement identification & development in software developmentProcess for requirement identification & development in software development
Process for requirement identification & development in software development
Rohana K Amarakoon
Ā 
Corporate Governance - AIB (MBA) 2015
Corporate Governance - AIB (MBA) 2015Corporate Governance - AIB (MBA) 2015
Corporate Governance - AIB (MBA) 2015
Rohana K Amarakoon
Ā 
Rest API
Rest APIRest API
Rest API
Rohana K Amarakoon
Ā 

More from Rohana K Amarakoon (9)

Importance of education to everyone & how to improve education
Importance of education to everyone & how to improve educationImportance of education to everyone & how to improve education
Importance of education to everyone & how to improve education
Ā 
How to enhance social awareness on NCD's and STD's
How to enhance social awareness on NCD's and STD'sHow to enhance social awareness on NCD's and STD's
How to enhance social awareness on NCD's and STD's
Ā 
General data protection regulation - European union
General data protection regulation - European unionGeneral data protection regulation - European union
General data protection regulation - European union
Ā 
What is agile?
What is agile?What is agile?
What is agile?
Ā 
Effective communication
Effective communicationEffective communication
Effective communication
Ā 
Software Change request form
Software Change request formSoftware Change request form
Software Change request form
Ā 
Process for requirement identification & development in software development
Process for requirement identification & development in software developmentProcess for requirement identification & development in software development
Process for requirement identification & development in software development
Ā 
Corporate Governance - AIB (MBA) 2015
Corporate Governance - AIB (MBA) 2015Corporate Governance - AIB (MBA) 2015
Corporate Governance - AIB (MBA) 2015
Ā 
Rest API
Rest APIRest API
Rest API
Ā 

Recently uploaded

TheFutureIsDynamic-BoxLang-CFCamp2024.pdf
TheFutureIsDynamic-BoxLang-CFCamp2024.pdfTheFutureIsDynamic-BoxLang-CFCamp2024.pdf
TheFutureIsDynamic-BoxLang-CFCamp2024.pdf
Ortus Solutions, Corp
Ā 
Introduction to Python and Basic Syntax.pptx
Introduction to Python and Basic Syntax.pptxIntroduction to Python and Basic Syntax.pptx
Introduction to Python and Basic Syntax.pptx
GevitaChinnaiah
Ā 
Going AOT: Everything you need to know about GraalVM for Java applications
Going AOT: Everything you need to know about GraalVM for Java applicationsGoing AOT: Everything you need to know about GraalVM for Java applications
Going AOT: Everything you need to know about GraalVM for Java applications
Alina Yurenko
Ā 
Accelerate your Sitecore development with GenAI
Accelerate your Sitecore development with GenAIAccelerate your Sitecore development with GenAI
Accelerate your Sitecore development with GenAI
Ahmed Okour
Ā 
Premium Call Girls In Ahmedabad šŸ’ÆCall Us šŸ” 7426014248 šŸ”Independent Ahmedabad ...
Premium Call Girls In Ahmedabad šŸ’ÆCall Us šŸ” 7426014248 šŸ”Independent Ahmedabad ...Premium Call Girls In Ahmedabad šŸ’ÆCall Us šŸ” 7426014248 šŸ”Independent Ahmedabad ...
Premium Call Girls In Ahmedabad šŸ’ÆCall Us šŸ” 7426014248 šŸ”Independent Ahmedabad ...
Anita pandey
Ā 
Photo Copier Xerox Machine annual maintenance contract system.pdf
Photo Copier Xerox Machine annual maintenance contract system.pdfPhoto Copier Xerox Machine annual maintenance contract system.pdf
Photo Copier Xerox Machine annual maintenance contract system.pdf
SERVE WELL CRM NASHIK
Ā 
Hands-on with Apache Druid: Installation & Data Ingestion Steps
Hands-on with Apache Druid: Installation & Data Ingestion StepsHands-on with Apache Druid: Installation & Data Ingestion Steps
Hands-on with Apache Druid: Installation & Data Ingestion Steps
servicesNitor
Ā 
Beginner's Guide to Observability@Devoxx PL 2024
Beginner's Guide to Observability@Devoxx PL 2024Beginner's Guide to Observability@Devoxx PL 2024
Beginner's Guide to Observability@Devoxx PL 2024
michniczscribd
Ā 
SAP ECC & S4 HANA PPT COMPARISON MM.pptx
SAP ECC & S4 HANA PPT COMPARISON MM.pptxSAP ECC & S4 HANA PPT COMPARISON MM.pptx
SAP ECC & S4 HANA PPT COMPARISON MM.pptx
aneeshmanikantan2341
Ā 
Building API data products on top of your real-time data infrastructure
Building API data products on top of your real-time data infrastructureBuilding API data products on top of your real-time data infrastructure
Building API data products on top of your real-time data infrastructure
confluent
Ā 
Call Girls BangalorešŸ”„7023059433šŸ”„Best Profile Escorts in Bangalore Available 24/7
Call Girls BangalorešŸ”„7023059433šŸ”„Best Profile Escorts in Bangalore Available 24/7Call Girls BangalorešŸ”„7023059433šŸ”„Best Profile Escorts in Bangalore Available 24/7
Call Girls BangalorešŸ”„7023059433šŸ”„Best Profile Escorts in Bangalore Available 24/7
manji sharman06
Ā 
European Standard S1000D, an Unnecessary Expense to OEM.pptx
European Standard S1000D, an Unnecessary Expense to OEM.pptxEuropean Standard S1000D, an Unnecessary Expense to OEM.pptx
European Standard S1000D, an Unnecessary Expense to OEM.pptx
Digital Teacher
Ā 
šŸ”„ Kolkata Call Girls Ā šŸ‘‰ 9079923931 šŸ‘« High Profile Call Girls Whatsapp Number ...
šŸ”„ Kolkata Call Girls Ā šŸ‘‰ 9079923931 šŸ‘« High Profile Call Girls Whatsapp Number ...šŸ”„ Kolkata Call Girls Ā šŸ‘‰ 9079923931 šŸ‘« High Profile Call Girls Whatsapp Number ...
šŸ”„ Kolkata Call Girls Ā šŸ‘‰ 9079923931 šŸ‘« High Profile Call Girls Whatsapp Number ...
tinakumariji156
Ā 
Call Girls in Varanasi || 7426014248 || Quick Booking at Affordable Price
Call Girls in Varanasi || 7426014248 || Quick Booking at Affordable PriceCall Girls in Varanasi || 7426014248 || Quick Booking at Affordable Price
Call Girls in Varanasi || 7426014248 || Quick Booking at Affordable Price
vickythakur209464
Ā 
Ensuring Efficiency and Speed with Practical Solutions for Clinical Operations
Ensuring Efficiency and Speed with Practical Solutions for Clinical OperationsEnsuring Efficiency and Speed with Practical Solutions for Clinical Operations
Ensuring Efficiency and Speed with Practical Solutions for Clinical Operations
OnePlan Solutions
Ā 
Independent Call Girls In Bangalore šŸ’ÆCall Us šŸ” 7426014248 šŸ”Independent Bangal...
Independent Call Girls In Bangalore šŸ’ÆCall Us šŸ” 7426014248 šŸ”Independent Bangal...Independent Call Girls In Bangalore šŸ’ÆCall Us šŸ” 7426014248 šŸ”Independent Bangal...
Independent Call Girls In Bangalore šŸ’ÆCall Us šŸ” 7426014248 šŸ”Independent Bangal...
sapnasaifi408
Ā 
šŸ”„ Chennai Call Girls Ā šŸ‘‰ 6350257716 šŸ‘« High Profile Call Girls Whatsapp Number ...
šŸ”„ Chennai Call Girls Ā šŸ‘‰ 6350257716 šŸ‘« High Profile Call Girls Whatsapp Number ...šŸ”„ Chennai Call Girls Ā šŸ‘‰ 6350257716 šŸ‘« High Profile Call Girls Whatsapp Number ...
šŸ”„ Chennai Call Girls Ā šŸ‘‰ 6350257716 šŸ‘« High Profile Call Girls Whatsapp Number ...
tinakumariji156
Ā 
Folding Cheat Sheet #5 - fifth in a series
Folding Cheat Sheet #5 - fifth in a seriesFolding Cheat Sheet #5 - fifth in a series
Folding Cheat Sheet #5 - fifth in a series
Philip Schwarz
Ā 
How GenAI Can Improve Supplier Performance Management.pdf
How GenAI Can Improve Supplier Performance Management.pdfHow GenAI Can Improve Supplier Performance Management.pdf
How GenAI Can Improve Supplier Performance Management.pdf
Zycus
Ā 
Refactoring legacy systems using events commands and bubble contexts
Refactoring legacy systems using events commands and bubble contextsRefactoring legacy systems using events commands and bubble contexts
Refactoring legacy systems using events commands and bubble contexts
Michał Kurzeja
Ā 

Recently uploaded (20)

TheFutureIsDynamic-BoxLang-CFCamp2024.pdf
TheFutureIsDynamic-BoxLang-CFCamp2024.pdfTheFutureIsDynamic-BoxLang-CFCamp2024.pdf
TheFutureIsDynamic-BoxLang-CFCamp2024.pdf
Ā 
Introduction to Python and Basic Syntax.pptx
Introduction to Python and Basic Syntax.pptxIntroduction to Python and Basic Syntax.pptx
Introduction to Python and Basic Syntax.pptx
Ā 
Going AOT: Everything you need to know about GraalVM for Java applications
Going AOT: Everything you need to know about GraalVM for Java applicationsGoing AOT: Everything you need to know about GraalVM for Java applications
Going AOT: Everything you need to know about GraalVM for Java applications
Ā 
Accelerate your Sitecore development with GenAI
Accelerate your Sitecore development with GenAIAccelerate your Sitecore development with GenAI
Accelerate your Sitecore development with GenAI
Ā 
Premium Call Girls In Ahmedabad šŸ’ÆCall Us šŸ” 7426014248 šŸ”Independent Ahmedabad ...
Premium Call Girls In Ahmedabad šŸ’ÆCall Us šŸ” 7426014248 šŸ”Independent Ahmedabad ...Premium Call Girls In Ahmedabad šŸ’ÆCall Us šŸ” 7426014248 šŸ”Independent Ahmedabad ...
Premium Call Girls In Ahmedabad šŸ’ÆCall Us šŸ” 7426014248 šŸ”Independent Ahmedabad ...
Ā 
Photo Copier Xerox Machine annual maintenance contract system.pdf
Photo Copier Xerox Machine annual maintenance contract system.pdfPhoto Copier Xerox Machine annual maintenance contract system.pdf
Photo Copier Xerox Machine annual maintenance contract system.pdf
Ā 
Hands-on with Apache Druid: Installation & Data Ingestion Steps
Hands-on with Apache Druid: Installation & Data Ingestion StepsHands-on with Apache Druid: Installation & Data Ingestion Steps
Hands-on with Apache Druid: Installation & Data Ingestion Steps
Ā 
Beginner's Guide to Observability@Devoxx PL 2024
Beginner's Guide to Observability@Devoxx PL 2024Beginner's Guide to Observability@Devoxx PL 2024
Beginner's Guide to Observability@Devoxx PL 2024
Ā 
SAP ECC & S4 HANA PPT COMPARISON MM.pptx
SAP ECC & S4 HANA PPT COMPARISON MM.pptxSAP ECC & S4 HANA PPT COMPARISON MM.pptx
SAP ECC & S4 HANA PPT COMPARISON MM.pptx
Ā 
Building API data products on top of your real-time data infrastructure
Building API data products on top of your real-time data infrastructureBuilding API data products on top of your real-time data infrastructure
Building API data products on top of your real-time data infrastructure
Ā 
Call Girls BangalorešŸ”„7023059433šŸ”„Best Profile Escorts in Bangalore Available 24/7
Call Girls BangalorešŸ”„7023059433šŸ”„Best Profile Escorts in Bangalore Available 24/7Call Girls BangalorešŸ”„7023059433šŸ”„Best Profile Escorts in Bangalore Available 24/7
Call Girls BangalorešŸ”„7023059433šŸ”„Best Profile Escorts in Bangalore Available 24/7
Ā 
European Standard S1000D, an Unnecessary Expense to OEM.pptx
European Standard S1000D, an Unnecessary Expense to OEM.pptxEuropean Standard S1000D, an Unnecessary Expense to OEM.pptx
European Standard S1000D, an Unnecessary Expense to OEM.pptx
Ā 
šŸ”„ Kolkata Call Girls Ā šŸ‘‰ 9079923931 šŸ‘« High Profile Call Girls Whatsapp Number ...
šŸ”„ Kolkata Call Girls Ā šŸ‘‰ 9079923931 šŸ‘« High Profile Call Girls Whatsapp Number ...šŸ”„ Kolkata Call Girls Ā šŸ‘‰ 9079923931 šŸ‘« High Profile Call Girls Whatsapp Number ...
šŸ”„ Kolkata Call Girls Ā šŸ‘‰ 9079923931 šŸ‘« High Profile Call Girls Whatsapp Number ...
Ā 
Call Girls in Varanasi || 7426014248 || Quick Booking at Affordable Price
Call Girls in Varanasi || 7426014248 || Quick Booking at Affordable PriceCall Girls in Varanasi || 7426014248 || Quick Booking at Affordable Price
Call Girls in Varanasi || 7426014248 || Quick Booking at Affordable Price
Ā 
Ensuring Efficiency and Speed with Practical Solutions for Clinical Operations
Ensuring Efficiency and Speed with Practical Solutions for Clinical OperationsEnsuring Efficiency and Speed with Practical Solutions for Clinical Operations
Ensuring Efficiency and Speed with Practical Solutions for Clinical Operations
Ā 
Independent Call Girls In Bangalore šŸ’ÆCall Us šŸ” 7426014248 šŸ”Independent Bangal...
Independent Call Girls In Bangalore šŸ’ÆCall Us šŸ” 7426014248 šŸ”Independent Bangal...Independent Call Girls In Bangalore šŸ’ÆCall Us šŸ” 7426014248 šŸ”Independent Bangal...
Independent Call Girls In Bangalore šŸ’ÆCall Us šŸ” 7426014248 šŸ”Independent Bangal...
Ā 
šŸ”„ Chennai Call Girls Ā šŸ‘‰ 6350257716 šŸ‘« High Profile Call Girls Whatsapp Number ...
šŸ”„ Chennai Call Girls Ā šŸ‘‰ 6350257716 šŸ‘« High Profile Call Girls Whatsapp Number ...šŸ”„ Chennai Call Girls Ā šŸ‘‰ 6350257716 šŸ‘« High Profile Call Girls Whatsapp Number ...
šŸ”„ Chennai Call Girls Ā šŸ‘‰ 6350257716 šŸ‘« High Profile Call Girls Whatsapp Number ...
Ā 
Folding Cheat Sheet #5 - fifth in a series
Folding Cheat Sheet #5 - fifth in a seriesFolding Cheat Sheet #5 - fifth in a series
Folding Cheat Sheet #5 - fifth in a series
Ā 
How GenAI Can Improve Supplier Performance Management.pdf
How GenAI Can Improve Supplier Performance Management.pdfHow GenAI Can Improve Supplier Performance Management.pdf
How GenAI Can Improve Supplier Performance Management.pdf
Ā 
Refactoring legacy systems using events commands and bubble contexts
Refactoring legacy systems using events commands and bubble contextsRefactoring legacy systems using events commands and bubble contexts
Refactoring legacy systems using events commands and bubble contexts
Ā 

Security in IT (data and cyber security)

  • 1. Current Topics In Computer Technology PST 32220 Security in IT (Data and Cyber Security) Rohana K Amarakoon B.Sc (SUSL), MBCS (UK), MBA (AUS-Reading)
  • 2. Content 1. What is security 2. Why security needed for IT 3. Security threats in IT environment (physical & virtual) 4. How to avoid physical threats 5. How to avoid virtual threats 2PST 32220 - Current Topics In Computer Technology (Lecturer : Mr. Rohana K Amarakoon)
  • 3. Content 6. Why data and cyber security 7. Practical application of data and cyber security in IT 8. Advantages of security in IT 9. Problem and limitation of security in IT 10. Expected Outcomes 3PST 32220 - Current Topics In Computer Technology (Lecturer : Mr. Rohana K Amarakoon)
  • 4. 1. What Is Security ā€¢ Security means safety, as well as the measures taken to be safe or protected. ā€¢ Security is the degree of resistance to, or protection from, harm. It applies to any vulnerable and valuable asset, such as a person, dwelling, community, item, nation, or organization. 4PST 32220 - Current Topics In Computer Technology (Lecturer : Mr. Rohana K Amarakoon)
  • 5. 1. What Is Security ā€¢ Security provides "a form of protection where a separation is created between the assets and the threat. - Institute for Security and Open Methodologies (ISECOM) 5PST 32220 - Current Topics In Computer Technology (Lecturer : Mr. Rohana K Amarakoon)
  • 6. 1. What Is Security ā€¢ Different Security Mechanisms In Our Life 6PST 32220 - Current Topics In Computer Technology (Lecturer : Mr. Rohana K Amarakoon)
  • 7. 1. What Is Security ā€¢ Categorizing security 7PST 32220 - Current Topics In Computer Technology (Lecturer : Mr. Rohana K Amarakoon) IT ā€¢Computer security ā€¢Internet security ā€¢Application security ā€¢Data security ā€¢Information security ā€¢Network security Physical ā€¢Airport security ā€¢Aviation security ā€¢Communications security ā€¢Corporate security ā€¢Food security ā€¢Home security ā€¢Infrastructure security ā€¢Physical security ā€¢Port security/Supply chai security ā€¢Private security ā€¢School security ā€¢Shopping center security ā€¢Transportation security Political ā€¢National security ā€¢Public security ā€¢Homeland security ā€¢Internal security ā€¢State security ā€¢International security ā€¢Human security Monetary ā€¢Economic security ā€¢Financial security ā€¢Social security
  • 8. 1. What Is Security ā€¢ Security concepts - Certain concepts recur throughout different fields of security: 1. Assurance - assurance is the level of guarantee that a security system will behave as expected 2. Countermeasure - a countermeasure is a way to stop a threat from triggering a risk event 3. Defense in depth - never rely on one single security measure alone 4. Risk - a risk is a possible event which could cause a loss 5. Threat - a threat is a method of triggering a risk event that is dangerous 6. Vulnerability - a weakness in a target that can potentially be exploited by a security threat 7. Exploit - a vulnerability that has been triggered by a threat - a risk of 100% 8PST 32220 - Current Topics In Computer Technology (Lecturer : Mr. Rohana K Amarakoon)
  • 9. 2. Why Security Needed For IT ā€¢ Similar to other fields, IT field also attacked by various kind of threats. ā€¢ Volume of the threats to IT field increases rapidly and the impact also really high. ā€¢ Security breaches in IT field loose billions of dollars financially and cost similar amount of money to take necessary security prevention methods. ā€¢ Security threat in IT could affect to millions of peopleā€™s all around the world. 9PST 32220 - Current Topics In Computer Technology (Lecturer : Mr. Rohana K Amarakoon)
  • 10. 2. Why Security Needed For IT ā€¢ The amount of people using IT related products and services increase daily generating terabytes of new data and information every day. Securing data, information and privacy become mandatory. ā€¢ Connectivity between IT related products and services with daily life of people become very strong. ā€¢ Most of the critical services depend on the IT infrastructure. Ex ā€“ Banking, Medical Services, Aviation, Telecommunication, automobiles, government and etc. 10PST 32220 - Current Topics In Computer Technology (Lecturer : Mr. Rohana K Amarakoon)
  • 11. 2. Why Security Needed For IT ā€¢ Computer security, also known as cyber security or IT security, is security applied to computing devices such as computers and smartphones, as well as computer networks such as private and public networks, including the whole Internet is a must today. ā€¢ The field includes all five components: hardware, software, data, people, and procedures by which digital equipment, information and services are protected from unintended or unauthorized access, change or destruction, and is of growing importance due to the increasing reliance of computer systems in most societies. 11PST 32220 - Current Topics In Computer Technology (Lecturer : Mr. Rohana K Amarakoon)
  • 12. 2. Why Security Needed For IT Threat can take one or more of the following actions against an asset: ā€¢ Access ā€“ simple unauthorized access ā€¢ Misuse ā€“ unauthorized use of assets (e.g., identity theft, setting up a porn distribution service on a compromised server, etc.) ā€¢ Disclose ā€“ the threat agent illicitly discloses sensitive information ā€¢ Modify ā€“ unauthorized changes to an asset ā€¢ Deny access ā€“ includes destruction, theft of a non-data asset, etc 12PST 32220 - Current Topics In Computer Technology (Lecturer : Mr. Rohana K Amarakoon)
  • 13. 3. Security threats in IT environment (physical & virtual) ā€¢ Physical threats in IT environment 1. Natural Disasters Ex - Flood, Tsunami, Earthquakes, Fire, pollution, lightning & etc. 2. Human Threats Ex ā€“ Unauthorized access, eavesdropping, shoulder sniffing, Sabotage (destruction of HW), Computer misuse and etc. 3. Loss of essential services Ex - Power Supply, Air conditioning, Telecommunication, H/W failure and etc. 13PST 32220 - Current Topics In Computer Technology (Lecturer : Mr. Rohana K Amarakoon)
  • 14. 3. Security threats in IT environment (physical & virtual) ā€¢ Virtual threats to IT environment 1. SQL injection 2. Cross-site scripting 3. Cyber-attack 4. Denial-of-service attack 5. Trojans 6. Viruses 7. worms 8. Malware 9. Key loggers 14PST 32220 - Current Topics In Computer Technology (Lecturer : Mr. Rohana K Amarakoon) 11. Phishing 12. Social engineering 13. Clickjaking 14. Tampering 15. Backdoors
  • 15. 4. How to avoid physical threats ā€¢ Physical security to prevent theft of equipment Physical controls monitor and control the environment of the work place and computing facilities. They also monitor and control access to and from such facilities. Ex - doors, locks, heating and air conditioning, smoke and fire alarms, fire suppression systems, cameras, barricades, fencing, security guards, cable locks, etc. Separating the network and workplace into functional areas are also physical controls. 15PST 32220 - Current Topics In Computer Technology (Lecturer : Mr. Rohana K Amarakoon)
  • 16. 4. How to avoid physical threats ā€¢ Physical security to prevent theft of equipment An important physical control that is frequently overlooked is the separation of duties. Separation of duties ensures that an individual can not complete a critical task by himself. Ex - an employee who submits a request for reimbursement should not also be able to authorize payment or print the check. An applications programmer should not also be the server administrator or the database administrator ā€“ these roles and responsibilities must be separated from one another. 16PST 32220 - Current Topics In Computer Technology (Lecturer : Mr. Rohana K Amarakoon)
  • 17. 5. How to avoid virtual threats ā€¢ Information security to protect the data on that equipment from virtual threats. 1. Firewalls implementation in network 2. User access control with limited user roles (User access control system) 3. Password protection and two way authentication 4. Encryption of data 5. Information security classification labels/access 6. Network intrusion detection systems 7. Access control lists 8. Logical controls 9. Validation of user inputs 17PST 32220 - Current Topics In Computer Technology (Lecturer : Mr. Rohana K Amarakoon)
  • 18. 5. How to avoid virtual threats ā€¢ Information security to protect the data on that equipment from virtual threats. 10. Implementation of Virus Guards 11. Implementation of IP controllers 12. Implementation of secure communication channels 13. Data Masking 14. Implementation of Mobile security gateways 15. Implementation of advanced security architecture 18PST 32220 - Current Topics In Computer Technology (Lecturer : Mr. Rohana K Amarakoon)
  • 19. 6. Why data and cyber security Data Security ā€¢ Today most of the data generated or stored in computers or databases. ā€¢ Prevention of data theft is really important, they are like bank account numbers, credit card information, passwords, work related documents or spread sheets, etc. These data is essential in todayā€™s communications since many of our day to day actions depend on the security of the data paths. ā€¢ Data present in a computer can also be misused by unauthorized intrusions. An intruder can modify and change the program source codes and can also use your pictures or email accounts to create derogatory content such as pornographic images, fake misleading and offensive social accounts. ā€¢ Single mistake of individual or organization could lead in to life threatening issues in peopleā€™s life due to misuse of confidential data. 19PST 32220 - Current Topics In Computer Technology (Lecturer : Mr. Rohana K Amarakoon)
  • 20. 6. Why data and cyber security Cyber Security ā€¢ Today most of the devices connected to internet and have less security protocols implemented. Make them vulnerable to cyber attacks will loose huge amount of data on them. ā€¢ Cyber risk is now firmly at the top of the international agenda as high-profile breaches raise fears that hack attacks and other security failures could endanger the global economy. ā€¢ Cyber crime costs the global economy over US$400 billion per year, according to estimates by the Center for Strategic and International Studies in 2013. This huge money could use for the betterment of the customers of those companies affected by cyber crimes if they implement proper security protocols to prevent such attacks. ā€¢ It is really important to have proper mechanism to avoid cyber crimes and protect data. 20PST 32220 - Current Topics In Computer Technology (Lecturer : Mr. Rohana K Amarakoon)
  • 21. 7. Practical application of data and cyber security in IT 21PST 32220 - Current Topics In Computer Technology (Lecturer : Mr. Rohana K Amarakoon) Onion Model Data and Cyber Security is concerned with four main areas: Confidentiality:- Data is only accessed by those with the right to view the data. Integrity:- Data can be relied upon to be accurate and processed correctly. Availability:- Data should be available to users when needed. Authentication:- are you really communicating with whom you think you are communicating with
  • 22. 7. Practical application of data and cyber security in IT 22PST 32220 - Current Topics In Computer Technology (Lecturer : Mr. Rohana K Amarakoon) 1. Implementation and monitoring of laws and regulations. (International laws, Local governmental law, industry specific laws and etc.) 2. Disaster recovery planning (A disaster recovery plan is executed immediately after the disaster occurs and details what steps are to be taken in order to recover critical information technology infrastructure.) 3. Implementation and monitoring physical security (secure doors, locks, heating and air conditioning, smoke and fire alarms, fire suppression systems, cameras, barricades, fencing, security guards, cable locks, Separation of duties, etc.)
  • 23. 7. Practical application of data and cyber security in IT 23PST 32220 - Current Topics In Computer Technology (Lecturer : Mr. Rohana K Amarakoon) 4. Implementation and monitoring virtual security (Firewalls, user access control, password protection, encryption of data, information security classification labels/access, network intrusion detection systems, access control lists, logical controls.) 5. Incident response plans (Selecting team members, Define roles, responsibilities and lines of authority, Define a security incident, Define a reportable incident, Training, Detection, Classification, Escalation, Containment, Eradication, Documentation) 6. Business continuity plan & risk management
  • 24. 7. Practical application of data and cyber security in IT 24PST 32220 - Current Topics In Computer Technology (Lecturer : Mr. Rohana K Amarakoon)
  • 25. 8. Advantages of security in IT ā€¢ Associates for security in IT 1. Forum of Incident Response and Security Teams (FIRST) (US-CERT, AT&T, Apple, Cisco, McAfee, Microsoft) 2. Computer Emergency Response Team (CERT) (Most of the countries have this) 3. Information Systems Audit and Control Association (ISACA) (For IT good governance) 4. International Information Systems Security Certification Consortium ((ISC)Ā²) 25PST 32220 - Current Topics In Computer Technology (Lecturer : Mr. Rohana K Amarakoon)
  • 26. 8. Advantages of security in IT ā€¢ New Job Opportunities Security Analyst Analyzes and assesses vulnerabilities in the infrastructure (software, hardware, networks), investigates available tools and countermeasures to remedy the detected vulnerabilities, and recommends solutions and best practices. Analyzes and assesses damage to the data/infrastructure as a result of security incidents, examines available recovery tools and processes, and recommends solutions. Tests for compliance with security policies and procedures. May assist in the creation, implementation, and/or management of security solutions. Security Engineer Performs security monitoring, security and data/logs analysis, and forensic analysis, to detect security incidents, and mounts incident response. Investigates and utilizes new technologies and processes to enhance security capabilities and implement improvements. May also review code or perform other security engineering methodologies. 26PST 32220 - Current Topics In Computer Technology (Lecturer : Mr. Rohana K Amarakoon)
  • 27. 8. Advantages of security in IT ā€¢ New Job Opportunities Security Architect Designs a security system or major components of a security system, and may head a security design team building a new security system. Security Administrator Installs and manages organization-wide security systems. May also take on some of the tasks of a security analyst in smaller organizations. Chief Information Security Officer (CISO) A high-level management position responsible for the entire information security division/staff. The position may include hands-on technical work. 27PST 32220 - Current Topics In Computer Technology (Lecturer : Mr. Rohana K Amarakoon)
  • 28. 8. Advantages of security in IT ā€¢ New Job Opportunities Chief Security Officer (CSO) A high-level management position responsible for the entire security division/staff. A newer position now deemed needed as security risks grow. Security Consultant/Specialist/Intelligence Broad titles that encompass any one or all of the other roles/titles, tasked with protecting computers, networks, software, data, and/or information systems against viruses, worms, spyware, malware, intrusion detection, unauthorized access, denial-of-service attacks, and an ever increasing list of attacks by hackers acting as individuals or as part of organized crime or foreign governments. 28PST 32220 - Current Topics In Computer Technology (Lecturer : Mr. Rohana K Amarakoon)
  • 29. 9. Problem and limitation of security in IT ā€¢ High cost for implementation and maintenance of security infrastructure. ā€¢ High cost for innovation of new security mechanismā€™s and infrastructure to mitigate treats. ā€¢ High volume of security threats and innovation of new security threats. ā€¢ Majority of people are lack of knowledge about security methods and practices in IT. 29PST 32220 - Current Topics In Computer Technology (Lecturer : Mr. Rohana K Amarakoon)
  • 30. 9. Problem and limitation of security in IT ā€¢ Lack of cooperation and support from governments to implement new rules and regulations for computer and IT security. ā€¢ Lack of skilled and qualified human resource to deal with the demanding IT and computer security related job opportunities. ā€¢ Limitations of knowledge in failure recovery methods in organization. 30PST 32220 - Current Topics In Computer Technology (Lecturer : Mr. Rohana K Amarakoon)
  • 31. Expected Outcomes ā€¢ Understand about the why we need security IT ā€¢ Understand about the nature and challenges for the security in IT ā€¢ Get to know about what are the ways that our physical and virtual assets get expose to different threats. ā€¢ Study about how we could protect our physical and virtual assets from different threats. 31PST 32220 - Current Topics In Computer Technology (Lecturer : Mr. Rohana K Amarakoon)
  • 32. Thank You! 32PST 32220 - Current Topics In Computer Technology (Lecturer : Mr. Rohana K Amarakoon)

Editor's Notes

  1. In the fields of physical security and information security, access control is the selective restriction of access to a place or other resource. The act of accessing may mean consuming, entering, or using. Permission to access a resource is called authorization.
  2. IP controllers. Controllers are connected to a host PC via Ethernet LAN or WAN. Data Masking is the process of hiding specific data within a database table or cell to ensure that data security is maintained and that sensitive information is not exposed to unauthorized personnel.
  3. UK Data Protection Act 1998 makes new provisions for the regulation of the processing of information relating to individuals, including the obtaining, holding, use or disclosure of such information. The European Union Data Protection Directive (EUDPD) requires that all EU member must adopt national regulations to standardize the protection of data privacy for citizens throughout the EU. The Computer Misuse Act 1990 is an Act of the UK Parliament making computer crime (e.g. hacking) a criminal offence. The Act has become a model upon which several other countries including Canada and the Republic of Ireland have drawn inspiration when subsequently drafting their own information security laws. EU Data Retention laws requires Internet service providers and phone companies to keep data on every electronic message sent and phone call made for between six months and two years. Federal Financial Institutions Examination Councilā€™s (FFIEC) security guidelines for auditors specifies requirements for online banking security. Health Insurance Portability and Accountability Act (HIPAA) of 1996 requires the adoption of national standards for electronic health care transactions and national identifiers for providers, health insurance plans, and employers. And, it requires health care providers, insurance providers and employers to safeguard the security and privacy of health data. Grammā€“Leachā€“Bliley Act of 1999 (GLBA), also known as the Financial Services Modernization Act of 1999, protects the privacy and security of private financial information that financial institutions collect, hold, and process. Payment Card Industry Data Security Standard (PCI DSS) establishes comprehensive requirements for enhancing payment account data security. It was developed by the founding payment brands of the PCI Security Standards Council, including American Express, Discover Financial Services, JCB, MasterCard Worldwide and Visa International, to help facilitate the broad adoption of consistent data security measures on a global basis. The PCI DSS is a multifaceted security standard that includes requirements for security management, policies, procedures, network architecture, software design and other critical protective measures.
  4. User account access controls and cryptography can protect systems files and data, respectively. Firewalls are by far the most common prevention systems from a network security perspective as they can (if properly configured) shield access to internal network services, and block certain kinds of attacks through packet filtering. Firewalls can be both hardware- or software-based. Intrusion Detection System (IDS) products are designed to detect network attacks in-progress and assist in post-attack forensics, while audit trails and logs serve a similar function for individual systems. "Response" is necessarily defined by the assessed security requirements of an individual system and may cover the range from simple upgrade of protections to notification of legal authorities, counter-attacks, and the like. In some special cases, a complete destruction of the compromised system is favored, as it may happen that not all the compromised resources are detected.
  ēæ»čƑļ¼š