SlideShare a Scribd company logo

Information Security Fundamentals

The Avi Sharma, profile picture
The Avi Sharma

The document discusses the fundamentals of information security, emphasizing the need to protect data from unauthorized access and the impact of breaches on organizations. Key elements include confidentiality, integrity, availability, and non-repudiation, along with various attack types such as operating system and application-level attacks. Additionally, it outlines relevant laws, such as PCI-DSS, HIPAA, SOX, and DMCA, that guide security practices in different sectors.

Technology
1 of 14
Download to read offline
1
2
3
4
5
6
7
8
9
10
11
12
13
14
Information Security Fundamentals The Avi Sharma
Information Security • Information Security refers to securing the data or information and systems from unauthorized access or misuses. • Data of organizations are breached by scammers, fraudsters or hackers and to stop them we have to deal with information security.
Need for Security • Development in information technology. • Lack of knowledge and skills in field of security. • Impact on data breaches on the organizations and business corporates.
Elements of Security • Confidentiality – only authorized users can access or protection of data by preventing the unauthorized access. • Integrity – It refers to the accuracy and consistency of data over its lifecycle. • Availability – it means the information will be available when it required for authorized users.
Elements of Security • Non Repudiation – is the assurance that someone cannot deny the validity of something.
Attacks in Info. Security • Operating system attacks Attackers find vulnerabilities in a operating system to gain access to the system. In every operating system vulnerabilities are present and the attackers take advantages of it.
Attacks in Info. Security • Mis – Configuration attacks – Misconfiguration attacks exploit configuration weaknesses found in web and application servers. Many servers come with unnecessary default and sample files, including applications, configuration files, scripts, and WebPages.
Attacks in Info. Security • Application level attack – An application attack consists of cyber criminals gaining access to unauthorized areas. Attackers most commonly start with a look at the application layer, hunting for application vulnerabilities written within code. • Example – Man-in-middle ,session hijacking,DOS attacks.
Info. Security Laws • Payment Card Industry Data Security [PCI-DSS] The Payment Card Industry Data Security Standard (PCI DSS) is a set of requirements intended to ensure that all companies that process, store, or transmit credit card information maintain a secure environment.
Info. Security Laws • ISO/IEC 27001:2013 It specifies the requirements for establishing, implementing, maintaining and continually improving an information security management system within the context of the organization.
Info. Security Laws • Health Insurance Portability and Accountability Act [HIPPA] The Health Insurance Portability and Accountability Act of 1996 (HIPAA) is a federal law that required the creation of national standards to protect sensitive patient health information from being disclosed
Info. Security Laws • Sarbanes Oxley Act [SOX] The Sarbanes-Oxley Act of 2002 is a law the U.S. Congress passed on July 30 of that year to help protect investors from fraudulent financial reporting by corporations.
Info. Security Laws • The Digital Millennium Copyright Act [DMCA] Digital Millennium Copyright Act (DMCA), which amended U.S. copyright law to address important parts of the relationship between copyright and the internet.
Thank You The Avi Sharma Cyber Security Expert

More Related Content

PDF
Report on Mobile security
Kavita Rastogi
 
PPT
Virtualization in Cloud Computing.ppt
MohammadArmanulHaque
 
PDF
computer-security-and-cryptography-a-simple-presentation
Alex Punnen
 
PPTX
User authentication
CAS
 
PPTX
Operating system security
Rachel Jeewa
 
PDF
Hackers
AdrianMartinezBaraja
 
PPTX
Virus and Worms
GrittyCC
 
PPT
network printer.ppt
Michael Montarde
 
Report on Mobile security
Kavita Rastogi
 
Virtualization in Cloud Computing.ppt
MohammadArmanulHaque
 
computer-security-and-cryptography-a-simple-presentation
Alex Punnen
 
User authentication
CAS
 
Operating system security
Rachel Jeewa
 
Hackers
AdrianMartinezBaraja
 
Virus and Worms
GrittyCC
 
network printer.ppt
Michael Montarde
 

What's hot (20)

PPTX
23 network security threats pkg
Umang Gupta
 
PPT
Wireless security presentation
Muhammad Zia
 
PPTX
Password Policy and Account Lockout Policies
anilinvns
 
PPT
Multimedia networking
Kikima Jimmy
 
PDF
CS6701 CRYPTOGRAPHY AND NETWORK SECURITY
Kathirvel Ayyaswamy
 
PPTX
Hacking and Anti Hacking
International Islamic University
 
PPTX
Introduction to Intrusion detection and prevention system for network
Eng. Mohammed Ahmed Siddiqui
 
PPTX
IT security
Aman Jain
 
PDF
5 Things to Know about Safety and Security of Embedded Systems
MEN Mikro Elektronik GmbH
 
PPTX
Ingeniería social
Manuel Fdz
 
PPTX
One time password(otp)
Anjali Agrawal
 
PPTX
Email security
Baliram Yadav
 
PPT
Information Assurance And Security - Chapter 1 - Lesson 2
MLG College of Learning, Inc
 
PPTX
Melissa Virus
Minh Nguyen
 
PDF
Recomendaciones básicas de seguridad en servidores y hosting
Hostalia Internet
 
PDF
Attacks, Concepts and Techniques - Cisco: Intro to Cybersecurity Chap-2
Mukesh Chinta
 
PPTX
Trusted systems1
Sumita Das
 
PDF
Ransomware
m3 Networks Limited
 
PDF
Password Attacks.pdf
Andy32903
 
PDF
Secure by Design - Security Design Principles for the Rest of Us
Eoin Woods
 
23 network security threats pkg
Umang Gupta
 
Wireless security presentation
Muhammad Zia
 
Password Policy and Account Lockout Policies
anilinvns
 
Multimedia networking
Kikima Jimmy
 
CS6701 CRYPTOGRAPHY AND NETWORK SECURITY
Kathirvel Ayyaswamy
 
Hacking and Anti Hacking
International Islamic University
 
Introduction to Intrusion detection and prevention system for network
Eng. Mohammed Ahmed Siddiqui
 
IT security
Aman Jain
 
5 Things to Know about Safety and Security of Embedded Systems
MEN Mikro Elektronik GmbH
 
Ingeniería social
Manuel Fdz
 
One time password(otp)
Anjali Agrawal
 
Email security
Baliram Yadav
 
Information Assurance And Security - Chapter 1 - Lesson 2
MLG College of Learning, Inc
 
Melissa Virus
Minh Nguyen
 
Recomendaciones básicas de seguridad en servidores y hosting
Hostalia Internet
 
Attacks, Concepts and Techniques - Cisco: Intro to Cybersecurity Chap-2
Mukesh Chinta
 
Trusted systems1
Sumita Das
 
Ransomware
m3 Networks Limited
 
Password Attacks.pdf
Andy32903
 
Secure by Design - Security Design Principles for the Rest of Us
Eoin Woods
 
Ad

Similar to Information Security Fundamentals (20)

PPTX
Cyber Security and data Security for all.pptx
RajagopalKeshavan
 
PPTX
Lec 1- Intro to cyber security and recommendations
BilalMehmood44
 
PPTX
Introduction of ethical hacking.........
AalyanAbid
 
PPTX
Information Security
Alok Katiyar
 
PPTX
Cyber Sequrity.pptx is life of cyber security
perweeng31
 
PPTX
Presentation 1.pptx
rabeetkashif
 
PPTX
Data security
AbdulBasit938
 
PDF
Information Security - Goals, Challenges, and Best Practices Discussed | USCSI®
United States Cybersecurity Institute (USCSI®)
 
PDF
Lecture 01 Information Security BS computer Science
maqib8373
 
PPTX
sec.This includes policy settings that prevent unauthorized people
JuliusECatipon
 
PPTX
Cyber Security awareness of cyber security
BabaBoss5
 
PPTX
Software Security - Copy-1.pptx by sohab
pakpra733
 
PPTX
Management Information Systems ( Security and Control.pptx
NamugenyiBetty
 
PPTX
Information security: importance of having defined policy & process
Information Technology Society Nepal
 
PDF
Top Cyber Security Interview Questions and Answers 2022.pdf
Careerera
 
PDF
What Is Digital Asset Security. What Are the Risks Associated With It.docx.pdf
SecureCurve
 
PPTX
What is Cyber & information security.pptx
amnamahfooz615
 
PPTX
Unit four .pptx
BLACKSPAROW
 
PDF
Introduction-to-Cyber-Security presentation.pdf
Naruto103394
 
PDF
internet security and cyber lawUnit1
Royalzig Luxury Furniture
 
Cyber Security and data Security for all.pptx
RajagopalKeshavan
 
Lec 1- Intro to cyber security and recommendations
BilalMehmood44
 
Introduction of ethical hacking.........
AalyanAbid
 
Information Security
Alok Katiyar
 
Cyber Sequrity.pptx is life of cyber security
perweeng31
 
Presentation 1.pptx
rabeetkashif
 
Data security
AbdulBasit938
 
Information Security - Goals, Challenges, and Best Practices Discussed | USCSI®
United States Cybersecurity Institute (USCSI®)
 
Lecture 01 Information Security BS computer Science
maqib8373
 
sec.This includes policy settings that prevent unauthorized people
JuliusECatipon
 
Cyber Security awareness of cyber security
BabaBoss5
 
Software Security - Copy-1.pptx by sohab
pakpra733
 
Management Information Systems ( Security and Control.pptx
NamugenyiBetty
 
Information security: importance of having defined policy & process
Information Technology Society Nepal
 
Top Cyber Security Interview Questions and Answers 2022.pdf
Careerera
 
What Is Digital Asset Security. What Are the Risks Associated With It.docx.pdf
SecureCurve
 
What is Cyber & information security.pptx
amnamahfooz615
 
Unit four .pptx
BLACKSPAROW
 
Introduction-to-Cyber-Security presentation.pdf
Naruto103394
 
internet security and cyber lawUnit1
Royalzig Luxury Furniture
 
Ad

More from The Avi Sharma (6)

PPTX
Networking fundamentals
The Avi Sharma
 
PPTX
Presentation on - Processors
The Avi Sharma
 
PPTX
Robotics
The Avi Sharma
 
PPTX
Sql injection
The Avi Sharma
 
PPTX
BLUEJACKING
The Avi Sharma
 
PPTX
Presentation on IOT SECURITY
The Avi Sharma
 
Networking fundamentals
The Avi Sharma
 
Presentation on - Processors
The Avi Sharma
 
Robotics
The Avi Sharma
 
Sql injection
The Avi Sharma
 
BLUEJACKING
The Avi Sharma
 
Presentation on IOT SECURITY
The Avi Sharma
 

Recently uploaded (20)

PDF
How UI/UX Design Impacts User Retention in Mobile Apps.pdf
SynapseIndia
 
PDF
Blue Purple Modern Animated Computer Science Presentation.pdf.pdf
Akar16
 
PDF
Chapter 3 Spatial Domain Image Processing.pdf
Getnet Tigabie Askale -(GM)
 
PPTX
20250228 LYD VKU AI Blended-Learning.pptx
DatVoNgoc
 
PDF
cuic standard and advanced reporting.pdf
SimoneTitaniumTomase
 
PDF
Advanced methodologies resolving dimensionality complications for autism neur...
IAESIJAI
 
PDF
Reach Out and Touch Someone: Haptics and Empathic Computing
Mark Billinghurst
 
PDF
Shreyas Phanse Resume: Experienced Backend Engineer | Java • Spring Boot • Ka...
SHREYAS PHANSE
 
DOCX
The AUB Centre for AI in Media Proposal.docx
GAONE9
 
PDF
Encapsulation theory and applications.pdf
gurumoop
 
PDF
The Rise and Fall of 3GPP – Time for a Sabbatical?
3G4G
 
PDF
Electronic commerce courselecture one. Pdf
OmerMohamed64
 
PDF
Per capita expenditure prediction using model stacking based on satellite ima...
IAESIJAI
 
PDF
Encapsulation_ Review paper, used for researhc scholars
gurumoop
 
PDF
NewMind AI Weekly Chronicles - August'25 Week I
NewMind AI
 
PDF
Spectral efficient network and resource selection model in 5G networks
IAESIJAI
 
PDF
Review of recent advances in non-invasive hemoglobin estimation
IAESIJAI
 
PPTX
Detection-First SIEM: Rule Types, Dashboards, and Threat-Informed Strategy
ReZa AdineH
 
PPT
“AI and Expert System Decision Support & Business Intelligence Systems”
ZubinRadhakrishnan
 
PPTX
PA Analog/Digital System: The Backbone of Modern Surveillance and Communication
AVTRON Technologies LLC
 
How UI/UX Design Impacts User Retention in Mobile Apps.pdf
SynapseIndia
 
Blue Purple Modern Animated Computer Science Presentation.pdf.pdf
Akar16
 
Chapter 3 Spatial Domain Image Processing.pdf
Getnet Tigabie Askale -(GM)
 
20250228 LYD VKU AI Blended-Learning.pptx
DatVoNgoc
 
cuic standard and advanced reporting.pdf
SimoneTitaniumTomase
 
Advanced methodologies resolving dimensionality complications for autism neur...
IAESIJAI
 
Reach Out and Touch Someone: Haptics and Empathic Computing
Mark Billinghurst
 
Shreyas Phanse Resume: Experienced Backend Engineer | Java • Spring Boot • Ka...
SHREYAS PHANSE
 
The AUB Centre for AI in Media Proposal.docx
GAONE9
 
Encapsulation theory and applications.pdf
gurumoop
 
The Rise and Fall of 3GPP – Time for a Sabbatical?
3G4G
 
Electronic commerce courselecture one. Pdf
OmerMohamed64
 
Per capita expenditure prediction using model stacking based on satellite ima...
IAESIJAI
 
Encapsulation_ Review paper, used for researhc scholars
gurumoop
 
NewMind AI Weekly Chronicles - August'25 Week I
NewMind AI
 
Spectral efficient network and resource selection model in 5G networks
IAESIJAI
 
Review of recent advances in non-invasive hemoglobin estimation
IAESIJAI
 
Detection-First SIEM: Rule Types, Dashboards, and Threat-Informed Strategy
ReZa AdineH
 
“AI and Expert System Decision Support & Business Intelligence Systems”
ZubinRadhakrishnan
 
PA Analog/Digital System: The Backbone of Modern Surveillance and Communication
AVTRON Technologies LLC
 

Information Security Fundamentals

  • 2. Information Security • Information Security refers to securing the data or information and systems from unauthorized access or misuses. • Data of organizations are breached by scammers, fraudsters or hackers and to stop them we have to deal with information security.
  • 3. Need for Security • Development in information technology. • Lack of knowledge and skills in field of security. • Impact on data breaches on the organizations and business corporates.
  • 4. Elements of Security • Confidentiality – only authorized users can access or protection of data by preventing the unauthorized access. • Integrity – It refers to the accuracy and consistency of data over its lifecycle. • Availability – it means the information will be available when it required for authorized users.
  • 5. Elements of Security • Non Repudiation – is the assurance that someone cannot deny the validity of something.
  • 6. Attacks in Info. Security • Operating system attacks Attackers find vulnerabilities in a operating system to gain access to the system. In every operating system vulnerabilities are present and the attackers take advantages of it.
  • 7. Attacks in Info. Security • Mis – Configuration attacks – Misconfiguration attacks exploit configuration weaknesses found in web and application servers. Many servers come with unnecessary default and sample files, including applications, configuration files, scripts, and WebPages.
  • 8. Attacks in Info. Security • Application level attack – An application attack consists of cyber criminals gaining access to unauthorized areas. Attackers most commonly start with a look at the application layer, hunting for application vulnerabilities written within code. • Example – Man-in-middle ,session hijacking,DOS attacks.
  • 9. Info. Security Laws • Payment Card Industry Data Security [PCI-DSS] The Payment Card Industry Data Security Standard (PCI DSS) is a set of requirements intended to ensure that all companies that process, store, or transmit credit card information maintain a secure environment.
  • 10. Info. Security Laws • ISO/IEC 27001:2013 It specifies the requirements for establishing, implementing, maintaining and continually improving an information security management system within the context of the organization.
  • 11. Info. Security Laws • Health Insurance Portability and Accountability Act [HIPPA] The Health Insurance Portability and Accountability Act of 1996 (HIPAA) is a federal law that required the creation of national standards to protect sensitive patient health information from being disclosed
  • 12. Info. Security Laws • Sarbanes Oxley Act [SOX] The Sarbanes-Oxley Act of 2002 is a law the U.S. Congress passed on July 30 of that year to help protect investors from fraudulent financial reporting by corporations.
  • 13. Info. Security Laws • The Digital Millennium Copyright Act [DMCA] Digital Millennium Copyright Act (DMCA), which amended U.S. copyright law to address important parts of the relationship between copyright and the internet.
  • 14. Thank You The Avi Sharma Cyber Security Expert