ISYS111 Lecture Notes - Lecture 8: Information Security, Cyberterrorism, Extortion

It, properly used can have enormous benefits for individuals, organisations and entire societies. It can also be misused, often with huge consequences. The degree of protection against criminal activity, danger, damage, and/or loss. Protecti(cid:374)g a(cid:374) orga(cid:374)isatio(cid:374)"s i(cid:374)for(cid:373)atio(cid:374) resources from un-authorised access, use, disclosure, disruption, modification or destruction: threats. Any danger to which a system may be exposed. Unintentional threats to information: social engineering, human errors, security threats, exposure. The harm, loss or damage that can result if a threat compromises that resource: vulnerability. The possibility that the system will be harmed by a threat. 5 factors that increase vulnerability: networked business environment, smaller, faster, cheaper computers and storage devices, decreasing skills necessary to be a hacker, organised crime taking over cybercrime, lack of management support. Deliberate threats to information systems: espionage or trespass. Information extortion: sabotage or vandalism, theft of equipment or information, compromises to intellectual property, software attacks, alien software (pestware)