INFORMATION SYSTEMS: LECTURE 17 STUDY GUIDE

cybersecurity threat

• an event or condition that has the potential for causing asset loss and the undesirable consequences or impact from such loss

• Assets include: Information, Software, and Hardware

Causes of Asset Loss

situations and events related to adversity typically referred to as disruptions, hazards, or threats

Types of Asset Loss

all forms of intentional, unintentional, accidental, incidental, misuse, abuse, error, weakness, defect, fault, and/or failure events and associated conditions

Cybersecurity vulnerabilities

• weaknesses in system security that can be exploited

• System compromises can lead to:

  • They can lead to breaches, data loss, system outages, and policy violations.

  • they may stem from flaws in design, implementation, or security exposure in software.

Database of Software Vulnerabilities

• Attackers exploit vulnerabilities to launch attacks.

• Organizations maintain public databases of software vulnerabilities.

• These databases help others prevent known security threats.

Cybersecurity Exploits

• a method hackers use to exploit system vulnerabilities.

• It includes code, commands, or exploit kits targeting security flaws.

• enable unauthorized remote access and privilege to move deeper into the organization’s network.

Cybersecurity threat mitigation

includes the policies and procedures to help prevent against security incidents

Three Main Components of Threat Mitigation

• Threat Prevention: Policies and procedures put in place by an organization to protect systems and data

• Threat Identification: Security tools and oversight designed to identify specific and active security threats

• Threat Cure: Policies, tools, and strategies used to lessen the impact of active security threats

Common Types of Cybersecurity Breaches

• Viruses

• Social Engineering

• Spyware

• Distributed Denial of Service (DDOS)

• Adware

• Malware Bots

• Ransomeware

• Keyloggers

Viruses:

• Application: Software that infects computers, are created using code and typically must be “run” to cause harm.

• Adverse Impact: They can damage programs or disrupt computer and network operations.

• Key Condition: Like biological viruses, they replicate and spread but require a host file or document.

Social Engineering

• manipulates people into revealing confidential information.

• Targets include bank details, passwords, network access, and Social Security numbers.

• These attacks exploit trust and lack of awareness about sensitive information

Common Social Engineering Cybersecurity Attacks

• E-mail messages

• Baiting Scenarios

Spyware

• collects data on internet activity and user behavior.

• It can capture keystrokes, passwords, account numbers, and confidential information.

• Often installed through free downloads or malicious websites

Distributed Denial of Service (DDOS) attack

• A cyberattack to make a computer or online service unavailable to its users.

• It’s usually accomplished by flooding the resource with nonsensical or superfluous requests from multiple sources across the web.

Adware

• collects users' web browsing history.

• It displays ads on digital devices.

• It forwards search history to advertisers and social media sites.

• It gathers marketing and behavioral data.

Malware bots

Uses self-propagating malware that infects its host and connects back to a central server

Ransomware

• malware that locks data until a ransom is paid.

• It encrypts files and demands payment for decryption.

• Payments are often made via untraceable methods like Bitcoin.

• Attackers may or may not provide a decryption key after payment.

• Some variants threaten to expose personal data if the ransom is unpaid.

Keyloggers

• record keystrokes on a device.

• They can be used on smartphones, tablets, and computers.

• exist as hardware devices or software applications.

• Software keyloggers are often Trojan horses installed without user awareness.

• They can capture passwords and confidential data.

Chief Information Security Officer (CISO)

• Develops policies to protect an organization’s information assets.

• Advises on minimizing IT risks and implementing security processes.

• Manages security incidents, tools, and protocol enforcement.

• Typically requires a master's degree (MBA or cybersecurity)

Common Job Responsibilities of a CISO

• Aligns security strategies with business goals.

• Reports on information security risks to ensure compliance.

• Manages security incidents to protect IT assets.

• Oversees vendor relationships to ensure security requirements are met

Cybersecurity Goals

• to protect systems, data, and information from theft, compromise, or attack.

• Three common cybersecurity goals:

  • Protect data, information, and systems.

  • Preserve data, information, and system integrity.

  • Promote authentication to ensure authorized access and prevent unauthorized access.

Integrity

• can be maintained through measures like:

  • User-access controls

  • File permissions

  • Version controls

• Organizations must have systems to detect changes in data caused by both human and nonhuman events.

Authentication

• the process of verifying the origin of information or determining an individual's or entity's identity.

• Authentication methods aim to:

  • Prevent unauthorized access to resources.

  • Ensure authorized users have the access they need.

Identity Verification

used to defend IT systems and infrastructure from unauthorized access.

Common methods of identity verification include

• Two-Factor Identification (2FA)

• Knowledge-Based Authentication (KBA)

• Multi-Factor Authentication (MFA)

• Biometric Verification

• Token-Based Authentication