Friday, August 27, 2010

Week 5 Blog Entry

Difficulties faced in this section-
In this section of work relating to risk management it was reasonably easy to understand all the concepts involved; the difficult thing was really to put everything together and make sense of the different ideas discussed in this section. Without actually having a lecture it is sometimes difficult to relate certain concepts to real situations which would help me understand each topic better. The length and amount of information discussed in this section was also a little bit overwhelming to get a grip on everything. It is difficult to know which information and ideas are mostly relevant and how they all link together.
I found the following questions answered in my blog difficult to find answers to and really just understand what the question was asking as I could not find any reference to it in the notes for this section.

1) What is the best value that should be assessed when evaluating the worth of an information asset to the organisation - replacement cost or loss income while repairing or replacing?

The best value that should be assessed while evaluating the worth of an information asset can vary throughout different organisations and type of information asset. An efficient machine or piece of equipment can be priceless in some organisations as it is the linchpin of the organisation, and income losses could be quite severe. Replacement costs may not be greatly expensive but finding another is sometimes difficult and time consuming. Repairing and replacing these assets can also be quite costly in terms of sales revenue; most of the time these occurrences are inconveniences that are not needed in an organisation.

2) What is the likelihood value of a vulnerability that no longer must be considered?

Likelihood is 'the probability that a specific vulnerability within an organisation will be successfully attacked'. When doing risk assessments a numerical value is assigned to vulnerability and one which is no longer really considered is close to zero.

3) In what instances is baselining or benchmarking superior to Cost Benefit Analysis?

In my view these concepts are relatively different. A CBA refers to either helping appraise, or assess the case for a project, programme or policy proposal. It can also refer to an approach to help make economic decisions of any kind. Whereas baselining and benchmarking relates to comparing various factors within organisations.

4) How can we find out what an organisation's risk appetite is? Why is this important?

An organisation's risk appetite is "the amount of risk exposure, or potential adverse impact from an event, that the organisation is willing to accept/retain". To work out an organisation's risk appetite they must ask themselves the following questions:
- Where do we feel we should allocate our limited time and resources to minimise risk exposures?
- What level of risk exposure requires immediate action? Why?
- What level of risk requires a formal response strategy to mitigate the potentially material impact? Why?
- What events have occurred in the past and at what level were they managed? Why?
Each question is followed by a 'why' because the organisation should be able to articulate the quantitative and/or qualitative basis for the appetite. The overall aim of the organisation is to keep the risk within the organisation's accepted range.
http://www.continuitycentral.com/feature0170.htm

Friday, August 20, 2010

Week 4 Work

Do you see any disparity between local (Australia) law and International law? What could be the implications when information security breaches cross borders?

Overall from what I can see from my research of information security globally most of the laws seem to be fairly similar and similar regulations are in place. The U.S. and U.K. seem to be a bit ahead of Australia in the laws which they have made and the detail and broadness of their laws. This is reasonably expected as it could be said they are a bit more technologically advanced and have faced these threats more regularly and for a longer period of time.

There could be very significant implications relating to information security breaches which cross international borders, as seen in this case of a U.K. hacker being extradited to the U.S. to face trial regarding his attempts to hack N.A.S.A's computers, the U.S. Department of Defense and several military branches. Extraditing an individual to another country is a very extreme measure and is probably one of the highest implications for an information security breach. It can become very different when information security breaches are internationally committed as countries attempt not to allow their citizens to be extradited, as in this case where the man was allowed to be extradited. It can become a very messy situation between nations when they want to charge individuals from other countries; all sorts of issues can arise, legal-political, economical or sociocultural, which may cause all kinds of issues relating to breaks and charges on these breaches.

Thoughts on Video - "British 'UFO' hacker loses extradition battle"

This is a very highly debated topic and a difficult one to pass judgement on. As the attack was undertaken in the U.K. against computers in the U.S. it seems fair that as the attack was against the U.S. the charges should be made in the U.S. Then on the other hand as the offence was essentially committed in the U.K. it brings up a whole lot of issues for discussion. I can now see and understand why there is so much controversy about extraditing individuals for crimes such as this one. I previously did not understand what extradition was but after just thinking about it for a few minutes it really brings about many dilemmas in a person's thinking. Is it right that someone can be trialed in another country or should they be trialed in their country and fulfill their penalties there? It really brings up some dilemmas especially in this case as the individual in question has Asperger's Syndrome. This in itself brings up many issues both ethical and moral as would it be right to sentence him in the U.S. away from his who he would heavily rely depend on because of his condition or should he really be sentenced at all, instead maybe he needs help with his disability to overcome certain issues.

If the hacker was identified as being from China or a country less friendly with the U.S., the circumstances may be different. This may be because of national relations, cultures and laws in place in these countries. These countries may also not allow one of their citizens to be extradited to a foreign country for trial, instead attempting to put barriers in place to stop this extradition.

Thursday, August 12, 2010

Article Summary Week 3 Work

Article name: FTP login credentials at major corporations breached.
By Greg Masters, posted June 29, 2009.
http://www.securecomputing.net.au/News/148759,ftp-login-credentials-at-major-corporations-breached.aspx

"A Trojan was reportedly uncovered that is harvesting FTP login data of major corporations, including the Bank of America, BBC, Amazon, Cisco, Monster.com, Symantec and McAfee". It is a ZBot trojan which is known for capturing keystrokes to obtain login credentials, along with credit card or other sensitive information.
Once a PC was infected, user's stored FTP login credentials were stolen.
The major impacts of this trojan were stolen login credentials for around 68,000 websites. Also some versions of the trojan are capable of getting snapshots of an infected user's system.
Measures that these organisations can take to prevent these threats and attacks in future include warning site users about these problems. Ivan Macalintal, a threat researcher manager at Trend Micro said that traditional antidotes can be used including not clicking on suspicious or solicited links, browse safely and securely using web filtering, update patches and use safe computing practices. These are the main measures which can be taken to prevent any future attacks by the users; other than these I am sure that these major corporations have taken some approaches to stop any future attacks but the article does not discuss these.

In regards to measures that the University of Ballarat has in place to deal with information security, the Network and Infrastructure team have a dedicated team that focuses on information security. The ICT security staff has implemented a number of strategies to protect our data, services and systems. Measures that have been taken include use of state of the art firewalls, virus and spyware protection, anti-spam software, multi tiered password protection, secure login via Access@UB, secure data storage, security alerts, educating UB students and staff and access to free anti-virus software (Sophos).

Wednesday, August 11, 2010

Week 3 Reflection - The need for security

The only time I believe I have had to deal with the effects of these attacks was by a worm. From my understanding of the definition of a worm it is a malicious program that replicates itself constantly without requiring another to provide a safe environment for replication. These worms can replicate themselves until they completely fill available resources.
In my experience I am not 100% sure that the attack was a worm, but the internet browser screen continually kept opening to the page which I had visited. I can not remember what page this was but I know it was my Internet Explorer browser. This continued for a few minutes and then I turned my computer off at the power. When I started it back up again it rebooted and everything worked as normal. This attack, if it was an attack, may not have been a worm but that's the only category which I think it fits into.
Afterwards I took no precautionary measures to stop future worms or attacks and have had no trouble since this one off experience.
As I do not use the internet that regularly unless required, I may not be as prone to these attacks. It is only recently since doing eBusiness courses that I have expanded my online use, so in the future I may need to protect myself from any of these events occurring to me. Maybe through completing this course I may learn ways to do this and learn more about information security in general.

Friday, August 6, 2010

Article Summary Week 2 Work

Article: Burton Group names Symantec, RSA, Websense as best data loss prevention vendors. By Robert Westervelt, Posted 19th October 2009.

http://searchsecurity.techtarget.com.au/articles/36348-Burton-Group-names-Symantec-RSA-Websense-as-best-data-loss-prevention-vendors?topic_id=176

Overall this article relates to companies being fearful of being the next victim of an information security breach. Companies are beginning to use Data Leakage Prevention (DLP) technology to track data.
Data Leakage Prevention vendors are creating new and important relationships with other parties to better integrate DLP software; it can track where the data is going, it can block potential hackers or even place alarms on the data.
The article also discusses vendors of Data Leakage Prevention software and how they were rated for their services as a vendor. It discusses the issues relating to DLP technologies, making it an ongoing process that needs to be continued for the DLP software to be fully effective within the business.
On the whole this article discusses the first topic of the subject, an Introduction to Information Security, as it discusses Data Leakage Prevention software. This relates to Information Security as data is a form of information which needs to be secured within businesses.

Thursday, August 5, 2010

Week 2 Reflection - Introduction to Information Security

As this is my first journal reflection entry I am still coming to grips with what is fully required out of this exercise, so I will just learn as I go.
As this week's chapter was an Introduction to Information Security, overall it was a reasonably easy first chapter to come to grips with the concepts discussed throughout.

MAIN THINGS I LEARNT-
Whilst reading this chapter I have learnt several new concepts and ideas that I did not know or not fully understand. I have learnt about the history of Information Security dating back to the 1960's. I have learnt that the beginning of information security began after the first mainframes were developed. This produced the need for information on these mainframes to have some form of protection. I have also discovered the meaning of several terms including security, information, information security, data ownership, data custodian and data users. From studying this chapter I have a greater understanding of a lot more of the components of both information and security. From completing the online quiz I learnt the majority of what I learnt out of this topic; I found it a very useful exercise to complete.

WHAT I FOUND DIFFICULT TO UNDERSTAND-
As I previously said this chapter was an introduction to information security, so the overall concepts and issues discussed are really quite simple to understand. In terms of anything I found difficult to understand nothing really was that in depth that it was mind boggling. The only thing I do not fully understand is The Systems Development Life Cycle and The Waterfall Methodology. After reading it over a couple of times and thinking about it, it became clearer and easier to understand.

WHAT INTERESTS ME-
Overall the topic was fairly interesting to me as I enrolled in this course to learn more about information security. As the first chapter was an overview of this topic it lived up to my expectations about what I intended to learn about. So the concepts or ideas which I found interesting were some elements relating to both information and security. The history of information security was probably the most interesting aspect of the chapter as I now know the origin of the concept of information security. The weekly quiz was probably the best part of the work for the week and the most useful activity I completed as it made me go and hunt for the answers through the slide presentation.

WHAT DOES NOT INTEREST ME-
As I am not the most technically savvy person when it comes to computers anything which is too in depth about computers does not really interest me. As there was nothing really like this in this chapter, none of the topics were not somewhat interesting to me.

Week 1 Course Introduction

What sort of damage do you think could be done to a business who had insecure databases? Can you think of any examples where this has happened?

If a business had an insecure database various kinds of damage could be done by hackers to their business's database. Hackers could steal various kinds of information from databases; depending on the information stored on the databases businesses are very open to all kinds of hackers. Hacking businesses' databases may lead to all sorts of problems for businesses whether they involve the leaking of information, stealing ideas or problems with legal issues such as privacy being breached. These hackers are a major problem for all businesses in today's business environment as more and more businesses are expanding operations onto the internet without a sufficient knowledge of what they are doing and the risks that they may be open to. Database hacking shows the need for the knowledge of corporate information security in today's business environment.

Tuesday, August 3, 2010

Assessment Task One

- Why have you chosen to study this course?
The reason I have chosen to study Corporate Information Security is mainly because I enjoyed eBusiness Fundamentals last semester. I found it really good how there were no classes and no set time during a week where you had to complete set tasks. As I found out already this subject seems to be fairly similar in style which is appealing to me.
- How secure is your personal information? wherever it may exist
The security of most of my personal information is mainly the security of my house as it is mainly in a physical form. So in relation to security via my computer it is not really an issue. There would be general concerns about information on social networking sites such as Facebook and the security of those sites. As I do not do a lot of things online like buying or selling online, internet banking or paying bills, my personal information is not available to be stolen through the online world by hackers or etc.
- What do you hope to learn this semester?
Throughout this semester I hope to learn a few things from completing this course. As my knowledge of the online world is not that vast I learnt a lot from doing eBusiness Fundamentals previously. I hope to expand my knowledge of obviously areas such as online security, protection of my personal information as I expand my use of the internet and learn about new areas that I am not currently aware of in the field of information security.
- What is your definition of information?
Information in my eyes can exist in many different forms, tangible or intangible, a collection of data, writing, audio or videos which becomes acquired knowledge.
- What is your definition of information security?
The protection of information of any nature, which is secured from risks and threats from unauthorised users.
- How will the knowledge of information security you gain this semester help you in the future?
The knowledge I gain from completing this information security course will hopefully be beneficial in many areas of my future life. In my field of accounting I think it will be relatively important that I know how to protect client and firm information. It will also be important in my daily life as the internet becomes more and more a part of people's everyday lives.