Security in IT (data and cyber security)

Current Topics In Computer
Technology
PST 32220
Security in IT (Data and Cyber Security)
Rohana K Amarakoon
B.Sc (SUSL), MBCS (UK), MBA (AUS-Reading)

Content
1. What is security
2. Why security needed for IT
3. Security threats in IT environment (physical & virtual)
4. How to avoid physical threats
5. How to avoid virtual threats
2PST 32220 - Current Topics In Computer Technology (Lecturer : Mr. Rohana K Amarakoon)

Content
6. Why data and cyber security
7. Practical application of data and cyber security in IT
8. Advantages of security in IT
9. Problem and limitation of security in IT
10. Expected Outcomes

1. What Is Security
• Security means safety, as well as the measures taken to be safe or protected.
• Security is the degree of resistance to, or protection from, harm. It applies to any
vulnerable and valuable asset, such as a person, dwelling, community, item,
nation, or organization.

1. What Is Security
• Security provides "a form of protection where a separation is created between
the assets and the threat.
- Institute for Security and Open Methodologies (ISECOM)

1. What Is Security
• Different Security Mechanisms In Our Life

1. What Is Security
• Categorizing security
IT
•Computer security
•Internet security
•Application security
•Data security
•Information security
•Network security
Physical
•Airport security
•Aviation security
•Communications security
•Corporate security
•Food security
•Home security
•Infrastructure security
•Physical security
•Port security/Supply chai security
•Private security
•School security
•Shopping center security
•Transportation security
Political
•National security
•Public security
•Homeland security
•Internal security
•State security
•International security
•Human security
Monetary
•Economic security
•Financial security
•Social security

1. What Is Security
• Security concepts - Certain concepts recur throughout different fields of security:
1. Assurance - assurance is the level of guarantee that a security system will behave as expected
2. Countermeasure - a countermeasure is a way to stop a threat from triggering a risk event
3. Defense in depth - never rely on one single security measure alone
4. Risk - a risk is a possible event which could cause a loss
5. Threat - a threat is a method of triggering a risk event that is dangerous
6. Vulnerability - a weakness in a target that can potentially be exploited by a security threat
7. Exploit - a vulnerability that has been triggered by a threat - a risk of 100%

2. Why Security Needed For IT
• Similar to other fields, IT field also attacked by various kind of threats.
• Volume of the threats to IT field increases rapidly and the impact also really high.
• Security breaches in IT field loose billions of dollars financially and cost similar
amount of money to take necessary security prevention methods.
• Security threat in IT could affect to millions of people’s all around the world.

• The amount of people using IT related products and services increase daily
generating terabytes of new data and information every day. Securing data,
information and privacy become mandatory.
• Connectivity between IT related products and services with daily life of people
become very strong.
• Most of the critical services depend on the IT infrastructure.
Ex – Banking, Medical Services, Aviation, Telecommunication, automobiles,
government and etc.

• Computer security, also known as cyber security or IT security, is security applied
to computing devices such as computers and smartphones, as well as computer
networks such as private and public networks, including the whole Internet is a
must today.
• The field includes all five components: hardware, software, data, people, and
procedures by which digital equipment, information and services are protected
from unintended or unauthorized access, change or destruction, and is of
growing importance due to the increasing reliance of computer systems in most
societies.

Threat can take one or more of the following actions against an asset:
• Access – simple unauthorized access
• Misuse – unauthorized use of assets (e.g., identity theft, setting up a porn distribution service on
a compromised server, etc.)
• Disclose – the threat agent illicitly discloses sensitive information
• Modify – unauthorized changes to an asset
• Deny access – includes destruction, theft of a non-data asset, etc

3. Security threats in IT environment (physical
& virtual)
• Physical threats in IT environment
1. Natural Disasters
Ex - Flood, Tsunami, Earthquakes, Fire, pollution, lightning & etc.
2. Human Threats
Ex – Unauthorized access, eavesdropping, shoulder sniffing, Sabotage (destruction of HW),
Computer misuse and etc.
3. Loss of essential services
Ex - Power Supply, Air conditioning, Telecommunication, H/W failure and etc.

3. Security threats in IT environment (physical
& virtual)
• Virtual threats to IT environment
1. SQL injection
2. Cross-site scripting
3. Cyber-attack
4. Denial-of-service attack
5. Trojans
6. Viruses
7. worms
8. Malware
9. Key loggers
11. Phishing
12. Social engineering
13. Clickjaking
14. Tampering
15. Backdoors

• Physical security to prevent theft of equipment
Physical controls monitor and control the environment of the work place and
computing facilities. They also monitor and control access to and from such
facilities.
Ex - doors, locks, heating and air conditioning, smoke and fire alarms, fire
suppression systems, cameras, barricades, fencing, security guards, cable locks, etc.
Separating the network and workplace into functional areas are also physical
controls.

• Physical security to prevent theft of equipment
An important physical control that is frequently overlooked is the separation of
duties. Separation of duties ensures that an individual can not complete a critical
task by himself.
Ex - an employee who submits a request for reimbursement should not also be
able to authorize payment or print the check. An applications programmer should
not also be the server administrator or the database administrator – these roles
and responsibilities must be separated from one another.

• Information security to protect the data on that equipment from virtual threats.
1. Firewalls implementation in network
2. User access control with limited user roles (User access control system)
3. Password protection and two way authentication
4. Encryption of data
5. Information security classification labels/access
6. Network intrusion detection systems
7. Access control lists
8. Logical controls
9. Validation of user inputs

• Information security to protect the data on that equipment from virtual threats.
10. Implementation of Virus Guards
11. Implementation of IP controllers
12. Implementation of secure communication channels
13. Data Masking
14. Implementation of Mobile security gateways
15. Implementation of advanced security architecture

Data Security
• Today most of the data generated or stored in computers or databases.
• Prevention of data theft is really important, they are like bank account numbers, credit card
information, passwords, work related documents or spread sheets, etc. These data is essential in
today’s communications since many of our day to day actions depend on the security of the data
paths.
• Data present in a computer can also be misused by unauthorized intrusions. An intruder can
modify and change the program source codes and can also use your pictures or email accounts to
create derogatory content such as pornographic images, fake misleading and offensive social
accounts.
• Single mistake of individual or organization could lead in to life threatening issues in people’s life
due to misuse of confidential data.

Cyber Security
• Today most of the devices connected to internet and have less security protocols implemented.
Make them vulnerable to cyber attacks will loose huge amount of data on them.
• Cyber risk is now firmly at the top of the international agenda as high-profile breaches raise fears
that hack attacks and other security failures could endanger the global economy.
• Cyber crime costs the global economy over US$400 billion per year, according to estimates by the
Center for Strategic and International Studies in 2013. This huge money could use for the
betterment of the customers of those companies affected by cyber crimes if they implement
proper security protocols to prevent such attacks.
• It is really important to have proper mechanism to avoid cyber crimes and protect data.

7. Practical application of data and cyber
security in IT
Onion Model
Data and Cyber Security is concerned with four main areas:
Confidentiality:-
Data is only accessed by those with the right to view the data.
Integrity:-
Data can be relied upon to be accurate and processed
correctly.
Availability:-
Data should be available to users when needed.
Authentication:-
are you really communicating with whom you think you are
communicating with

security in IT
1. Implementation and monitoring of laws and regulations.
(International laws, Local governmental law, industry specific laws and etc.)
2. Disaster recovery planning
(A disaster recovery plan is executed immediately after the disaster occurs and details what steps
are to be taken in order to recover critical information technology infrastructure.)
3. Implementation and monitoring physical security
(secure doors, locks, heating and air conditioning, smoke and fire alarms, fire suppression systems,
cameras, barricades, fencing, security guards, cable locks, Separation of duties, etc.)

security in IT
4. Implementation and monitoring virtual security
(Firewalls, user access control, password protection, encryption of data, information security
classification labels/access, network intrusion detection systems, access control lists, logical
controls.)
5. Incident response plans
(Selecting team members, Define roles, responsibilities and lines of authority, Define a security
incident, Define a reportable incident, Training, Detection, Classification, Escalation, Containment,
Eradication, Documentation)
6. Business continuity plan & risk management

security in IT

• Associates for security in IT
1. Forum of Incident Response and Security Teams (FIRST) (US-CERT, AT&T, Apple, Cisco, McAfee,
Microsoft)
2. Computer Emergency Response Team (CERT) (Most of the countries have this)
3. Information Systems Audit and Control Association (ISACA) (For IT good governance)
4. International Information Systems Security Certification Consortium ((ISC)²)

• New Job Opportunities
Security Analyst
Analyzes and assesses vulnerabilities in the infrastructure (software, hardware, networks),
investigates available tools and countermeasures to remedy the detected vulnerabilities, and
recommends solutions and best practices. Analyzes and assesses damage to the data/infrastructure
as a result of security incidents, examines available recovery tools and processes, and recommends
solutions. Tests for compliance with security policies and procedures. May assist in the creation,
implementation, and/or management of security solutions.
Security Engineer
Performs security monitoring, security and data/logs analysis, and forensic analysis, to detect
security incidents, and mounts incident response. Investigates and utilizes new technologies and
processes to enhance security capabilities and implement improvements. May also review code or
perform other security engineering methodologies.

Security Architect
Designs a security system or major components of a security system, and may head a security
design team building a new security system.
Security Administrator
Installs and manages organization-wide security systems. May also take on some of the tasks of a
security analyst in smaller organizations.
Chief Information Security Officer (CISO)
A high-level management position responsible for the entire information security division/staff.
The position may include hands-on technical work.

Chief Security Officer (CSO)
A high-level management position responsible for the entire security division/staff. A newer position
now deemed needed as security risks grow.
Security Consultant/Specialist/Intelligence
Broad titles that encompass any one or all of the other roles/titles, tasked with protecting
computers, networks, software, data, and/or information systems against viruses, worms, spyware,
malware, intrusion detection, unauthorized access, denial-of-service attacks, and an ever increasing
list of attacks by hackers acting as individuals or as part of organized crime or foreign governments.

• High cost for implementation and maintenance of security infrastructure.
• High cost for innovation of new security mechanism’s and infrastructure to
mitigate treats.
• High volume of security threats and innovation of new security threats.
• Majority of people are lack of knowledge about security methods and practices in
IT.

• Lack of cooperation and support from governments to implement new rules and
regulations for computer and IT security.
• Lack of skilled and qualified human resource to deal with the demanding IT and
computer security related job opportunities.
• Limitations of knowledge in failure recovery methods in organization.

Expected Outcomes
• Understand about the why we need security IT
• Understand about the nature and challenges for the security in IT
• Get to know about what are the ways that our physical and virtual assets get
expose to different threats.
• Study about how we could protect our physical and virtual assets from different
threats.

Thank You!

Security in IT (data and cyber security)

More Related Content

What's hot (20)

Viewers also liked (20)

Similar to Security in IT (data and cyber security) (20)

More from Rohana K Amarakoon (9)

Recently uploaded (20)

Security in IT (data and cyber security)

Editor's Notes