1 / 10

Key Factors Increasing Threats to Information Security in Today's Business Landscape

The modern business environment is marked by interconnected networks and widespread device usage, which heightens the risk of information security threats. Factors such as smaller, cheaper technology, the diminishing skill barrier for hackers, and increased employee use of unmanaged devices aggravate vulnerabilities. Unintentional threats, including natural disasters and human error, coupled with deliberate threats like espionage and software attacks, pose significant challenges. Effective risk management strategies, including risk mitigation, physical and access controls, and communication controls, are essential for protecting information security.

hector
Télécharger la présentation

Key Factors Increasing Threats to Information Security in Today's Business Landscape

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. CHAPTER 4 Information Security

  2. Factors Increasing the Threats to Information Security • Today’s interconnected, interdependent, wirelessly-networked business environment • Smaller, faster, cheaper computers and storage devices • Decreasing skills necessary to be a computer hacker • Increased employee use of unmanaged devices • Lack of management support

  3. Unintentional Threats • Unintentional acts • Natural disasters • Technical failures / environmental hazards • Human error • Social Engineering (tailgating, shoulder surfing, etc.) • Management failures • Ways to prevent?

  4. Deliberate Threats • Espionage / Trespassing • Extortion • Sabotage / vandalism • Theft (equipment, information, or identity) • Software attacks • Many others

  5. Risk Management • Risk • Risk management • Risk analysis • Risk mitigation

  6. Risk Mitigation Strategies • Risk acceptance • Risk limitation • Risk transference

  7. Information Security Controls • Physical Controls • Access Controls • Communications Controls

  8. Access Controls • Authentication • Something the user is • Something the user has • Something the user does • Something the user knows • Authorization

  9. Communications Controls • Firewalls • Antivirus software • Whitelisting and Blacklisting software • Encryption • Digital Certificates • VPN • Employee Monitoring Systems

  10. Other things organizations can do... • Business Continuity Planning • Backup • Recovery • Information Security Auditing

More Related