Techniques to commit cyber frauds
Hacking
Cracking
Data diddling – changing data before, during, or after it is entered into the system
Data leakage – unauthorized copying of company data such as computer files
Denial of service attack – preventing access to a software system by its authorized users
Techniques to commit cyber frauds
Internet terrorism – using the internet to disrupt e-commerce, e.g. SONY
Logic time bombs – a program that lies idle until some specified circumstance triggers it; after this, programs or data are destroyed
Masquerading or impersonation – perpetrator gains access to the system by pretending to be an authorized user
Password cracking – perpetrator steals the file containing valid passwords, decrypts them and uses them to gain access to system resources
Piggybacking – tapping into a telecomm. line and latching on to a legitimate user before he gets into the system
Techniques to commit cyber frauds
Round down – all interest calculations are rounded down to 2 decimal places; the remaining fraction is placed in an account controlled by the perpetrator
Scavenging or dumpster diving – searching for confidential info in the rubbish bin of corporate records
Social engineering techniques – perpetrator tricks an employee into giving out the info needed
Super zapping – unauthorized use of special system programs to bypass regular system controls and perform illegal acts
Trap door – entering the system using a back door
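A reconciliation check an auditor could run against the round-down technique listed above, as an added example that is not part of the original slides. The account numbers, the `GL-ROUNDING` account name, the monthly interest formula and the ledger rows are constructed assumptions.

```python
from collections import defaultdict
from decimal import Decimal, ROUND_DOWN

CENT = Decimal("0.01")
# Hypothetical ledger account that is the only approved home for residuals.
ROUNDING_ACCOUNT = "GL-ROUNDING"

# Constructed sample data: (account, balance, annual interest rate)
ACCOUNTS = [
    ("A-1001", Decimal("1234.56"), Decimal("0.045")),
    ("A-1002", Decimal("9876.50"), Decimal("0.045")),
    ("A-1003", Decimal("250.10"), Decimal("0.03")),
    ("A-1004", Decimal("78000.00"), Decimal("0.06")),
]

# Constructed postings written by the interest batch: (credited account, amount)
CLEAN_POSTINGS = [
    ("A-1001", Decimal("4.62")),
    ("A-1002", Decimal("37.03")),
    ("A-1003", Decimal("0.62")),
    ("A-1004", Decimal("390.00")),
    ("GL-ROUNDING", Decimal("0.02")),
]
# Same batch, but the residual was credited to an account outside the run.
TAMPERED_POSTINGS = CLEAN_POSTINGS[:-1] + [("A-9999", Decimal("0.02"))]


def monthly_interest(balance, annual_rate):
    """Unrounded interest for one month (assumed formula: balance * rate / 12)."""
    return balance * annual_rate / Decimal(12)


def reconcile(accounts, postings, rounding_account):
    """Recompute the batch independently and return a list of findings.

    Each finding is (kind, account, amount). An empty list means every
    customer got the rounded-down amount and the residual went only to
    the approved rounding account.
    """
    expected = {}
    residual_total = Decimal(0)
    for account, balance, rate in accounts:
        exact = monthly_interest(balance, rate)
        rounded = exact.quantize(CENT, rounding=ROUND_DOWN)
        expected[account] = rounded
        residual_total += exact - rounded  # fraction shaved off this account

    credited = defaultdict(Decimal)
    for account, amount in postings:
        credited[account] += amount

    findings = []
    # 1. Every customer must receive exactly the independently computed amount.
    for account, amount in expected.items():
        diff = credited.get(account, Decimal(0)) - amount
        if diff != 0:
            findings.append(("customer_mismatch", account, diff))
    # 2. Nobody outside the batch, other than the rounding account, may be credited.
    for account, amount in credited.items():
        if account not in expected and account != rounding_account:
            findings.append(("unexpected_beneficiary", account, amount))
    # 3. The rounding account must hold the accumulated residual (whole cents).
    residual_cents = residual_total.quantize(CENT, rounding=ROUND_DOWN)
    diff = credited.get(rounding_account, Decimal(0)) - residual_cents
    if diff != 0:
        findings.append(("rounding_account_short", rounding_account, diff))
    return findings


if __name__ == "__main__":
    print("clean batch:", reconcile(ACCOUNTS, CLEAN_POSTINGS, ROUNDING_ACCOUNT))
    print("tampered batch:", reconcile(ACCOUNTS, TAMPERED_POSTINGS, ROUNDING_ACCOUNT))
```

The check works because the residual is conserved: whatever is shaved from customers must reappear somewhere in the same batch, so an independent recomputation exposes any credit that lands outside the approved account.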
Impact of cyber frauds on enterprises
Financial loss
Legal repercussions
Loss of credibility or competitive edge
Disclosure of confidential, sensitive or embarrassing information
Sabotage
Examples of impact
Unauthorized data access of Citibank
Sony mail hack
Reason behind cyber frauds
Organization to update themselves to new set of risks
Smart fraudsters
Failure of internal control system
Cyber frauds
(any type of deliberate deception that occurs online)
Pure cyber frauds
Cyber enabled frauds
IS security policy
Introduction
Tools to implement policy
Issues to address
Members
Policies and hierarchy
Components
Introduction
• Intent by top level mgmt. about how to protect info. assets
• Formal statement of rules (documented)
• IS security program
• Direction and instruction to employees
Security policy invariably includes rules intended to:
Preserve and protect information from unauthorized access
Limit legal liability from employees or third party
Prevent waste or inappropriate use of organization resources
Tools to implement policy (standard, guideline & procedures)
• Offer users a clear approach about implementing policy and meeting organizational goals
• Procedures – detailed steps to be followed
• Uniform use of specific technologies
• Guidelines are useful to understand standards
Issues to address
Guiding documents to middle and lower level management
Formal, written, available to everyone, updated, stating roles and responsibilities to everyone, stating scope of the policy
Security policy manual
Does not need to be extremely extensive
Members of security policy
Managerial – who have budget and policy authority
Technological – IT experts: what can and cannot be supported
Legal – who know the legal ramifications of various policy charges
Components
• Purpose and scope of document
• Security infrastructure
• Response mechanism and incident reporting
• Environmental security policy
• IT operations management
• IT communication
• System development and maintenance control
• Legal compliances
• Monitoring and auditing requirements
Information security policy and their hierarchy
Information security policy
User security policy
Acceptable usage policy
Organizational info security policy
Network and system security policy
Info classification policy
Conditions of connection
Information security policy and their hierarchy
Information security policy – definition of info security
User security policy – specifies responsibilities and requirements
Acceptable usage policy – satisfactory use of email and internet services
Organizational info security policy – group policy for the security of its info assets
Network and system security policy – system and network security
Info classification policy – sets out the policy for classification of information
Conditions of connection – sets out the group policy for connecting to their network

Security policy
