Identifying Information Assets, Threats, and Vulnerabilities in Top Information Security Breaches of the Decade - Assignment Example


INFORMATION SECURITY BREACHES

A security breach or security violation is any occurrence that leads to unauthorized access to data, networks, services, devices, and/or applications by bypassing the security mechanisms that exist. Security is breached whenever a person or an application unlawfully enters a confidential, private or logical IT perimeter without authorization (Gupta, et al. 2009). Five kinds of information security breach that occurred in the last decade are: insider misuse, unauthorized access by insiders, spam, malware, and unauthorized access by outsiders.
Insider misuse of computing resources takes many forms. If it is not resolved, it can lead to very serious information security breaches. The electronic or physical security systems are not the organization's weakest security link; humans are the weakest link. It is always assumed that insider threats originate from rogue workers or planted 'moles'; IT administrators and managers who have privileged access to sensitive information, controls and resources pose the greatest risk. They can start and stop a system and make critical changes, such as granting access rights and untraceably deleting security logs. This threat category describes the mechanisms used for compromising organizational intellectual property from within (Gupta, et al. 2012). A lot of security incidents are caused by insider misuse, whether accidental or malicious. A lot of misuse occurs within the boundaries of trust necessary to perform duties. Preventing the misuse is difficult, as the only way to stay secure is to grant access rights only to those with a business need and to keep an eye on their activities. The problem is that the majority of organizations have very limited capabilities to trace specific IT events to specific users with any certainty. A small fraction of IT teams are aware of what is going on in their infrastructure at a particular time, and some organizations look manually through files to get answers.
Unauthorized access by insiders: physical access to the organization's secured areas, or to materials that hold sensitive data, makes it very easy for malicious insiders to commit a crime. The physical security measures of an organization are as important as the technical security controls. This threat is emerging as a great risk to corporate data. The vulnerabilities that led to these attacks are: unauthorized access even when credentials are missing, failure to manage the threat of shared passwords, failure to ensure that access to the organization's critical assets is attributed to a specific employee, and failure to respond immediately to suspicious access behavior.
Spam is unwanted e-mail that is highly visible to every person in the organization, and it serves as a vehicle for many other forms of attack. This threat is continuously increasing. Apart from the annoyance, the other problem with spam is that it cheats customers, which undermines their confidence and affects the legitimate internet market that follows ethical practices (Rainer, et al. 2011). Spam exploits security weaknesses to remotely install hidden software, which turns private PCs into proxy or mail servers. They are routed through overseas servers to prevent detection.
Malware is an infection of an organization's network or system by worms, viruses, adware, Trojans or spyware. In spite of the advances made in technology to prevent malware, it still ranks highly among information security breaches. There is a distinct difference between organizations in the frequency of malicious code attacks, mostly because of differences in how well organizations defend against security events (Whitman, et al. 2009).
Unauthorized access by outsiders simply refers to unauthorized use of the system by outsiders. Hackers have obtained access without the permission of the organization, and this has led to serious concern about information security breaches in organizations.
Gupta, M., & Sharman, R. (2009). Handbook of research on social and organizational liabilities in information security. Hershey, PA: Information Science Reference.
Gupta, M., Walp, J., & Sharman, R. (2012). Threats, countermeasures, and advances in applied information security. Hershey, PA: Information Science Reference.
Rainer, R. K., & Cegielski, C. G. (2011). Introduction to information systems. Hoboken, N.J: Wiley.
Whitman, M. E., & Mattord, H. J. (2009). Principles of information security. Boston, Mass: Thomson Course Technology.