ISYS111 Lecture Notes - Lecture 8: Information Security, Cyberterrorism, Extortion
![](https://new-preview-html.oneclass.com/06gDVlA8qeMwNreG9o2bj3W524oxrnBz/bg1.png)
ISYS111 – Fundamentals of Business Information Systems
Week 8 Workshop
Essential question:
• What are the major threats to information security and how to minimise them?
IT:
• IT, properly used can have enormous benefits for individuals, organisations and
entire societies
• IT can also be misused, often with huge consequences
Information security:
• Security
- The degree of protection against criminal activity, danger, damage, and/or
loss
• Information security
- Protectig a orgaisatio’s iforatio resources from un-authorised
access, use, disclosure, disruption, modification or destruction
• Threats
- Any danger to which a system may be exposed
- Unintentional threats to information
▪ Social engineering
▪ Human Errors
find more resources at oneclass.com
find more resources at oneclass.com
Document Summary
It, properly used can have enormous benefits for individuals, organisations and entire societies. It can also be misused, often with huge consequences. The degree of protection against criminal activity, danger, damage, and/or loss. Protecti(cid:374)g a(cid:374) orga(cid:374)isatio(cid:374)"s i(cid:374)for(cid:373)atio(cid:374) resources from un-authorised access, use, disclosure, disruption, modification or destruction: threats. Any danger to which a system may be exposed. Unintentional threats to information: social engineering, human errors, security threats, exposure. The harm, loss or damage that can result if a threat compromises that resource: vulnerability. The possibility that the system will be harmed by a threat. 5 factors that increase vulnerability: networked business environment, smaller, faster, cheaper computers and storage devices, decreasing skills necessary to be a hacker, organised crime taking over cybercrime, lack of management support. Deliberate threats to information systems: espionage or trespass. Information extortion: sabotage or vandalism, theft of equipment or information, compromises to intellectual property, software attacks, alien software (pestware)