Computer Security
Chapter-Seven
Administering Security
Outline
• Security planning
• Risk analysis
• Security policies
• Cyber security
• Ethics
1. Security planning
• Involves developing comprehensive strategies and actions to protect an organization’s information assets against threats.
• Ensures continuity of operations and manages risk.
• Key Elements:
  • Asset Identification: Cataloging all information assets that need protection, including data, hardware, and software.
  • Threat Assessment: Identifying potential threats to these assets, from cyber threats like hacking and malware to physical threats such as theft or natural disasters.
  • Vulnerability Analysis: Determining weaknesses in the organization's infrastructure that could be exploited by threats.
• Security Strategy Development:
  • Creating a security strategy that addresses identified risks and aligns with organizational objectives and compliance requirements.
• Implementation Plan:
  • Outlining steps, timelines, and responsibilities for deploying security measures and technologies.
• Review and Update:
  • Regularly reviewing and updating the security plan to adapt to new threats and changes in the organization.
2. Risk Analysis
• Risk analysis is the process of identifying, assessing, and evaluating potential risks to an organization’s assets to determine the appropriate ways to mitigate them.
• Purpose of Risk Analysis:
  • To prioritize security efforts based on the potential impact and probability of risks, ensuring that resources are allocated effectively to protect critical assets.
• Steps in Risk Analysis:
  • Identification: List all assets, threats, and existing controls. Identify vulnerabilities that could be exploited by threats.
  • Assessment: Evaluate the likelihood of each risk occurring and its potential impact on the organization.
  • Evaluation: Compare the risks against risk criteria to determine their significance.
• Methods and Tools:
  • Utilize quantitative methods (financial impact) and qualitative methods (scenario analysis) to assess risks.
  • Tools such as risk matrices and software applications help in visualizing and managing risks.
• Outcome:
  • Produce a risk assessment report that ranks risks based on their severity and likelihood.
  • This report guides the decision-making process for implementing controls.
• Continuous Monitoring and Review:
  • Establish a routine of ongoing risk evaluation and adjustments to the risk management plan as the organizational environment and external threats evolve.
3. Security Policies
• Security policies are formal, written statements that guide the protection of an organization's assets.
• They serve as a framework for setting expectations and enforcing behaviors regarding security.
• Purpose of Security Policies:
  • To provide clear and consistent instructions on what is permissible and what is prohibited.
  • To help ensure that all personnel understand their roles and responsibilities in protecting the organization's assets.
• Key Elements of Effective Security Policies:
  • Clearly defines what the policy covers and its objectives.
  • Specifies who is responsible for various security actions.
  • Includes detailed policies for different aspects of security, such as data protection, network security, physical security, and response protocols.
  • Outlines the legal and regulatory standards the organization must comply with.
• Development and Implementation:
  • Involvement of Stakeholders: Engaging various stakeholders in the policy creation process to ensure coverage of all critical areas and buy-in from the start.
  • Clarity and Simplicity: Writing policies in clear, understandable language.
  • Regular Reviews and Updates: Policies should be reviewed and updated regularly to adapt to new security challenges and regulatory changes.
• Training and Awareness:
  • Ensuring that all employees are aware of the policies through regular training sessions and updates.
  • Training helps to reinforce the importance of compliance and the implications of security breaches.
4. Cyber Security
• Refers to the practice of protecting systems, networks, and programs from digital attacks.
• Cyber attacks are usually aimed at accessing, changing, or destroying sensitive information; extorting money from users; or interrupting normal business processes.
• Importance of Cyber Security:
  • As our dependency on digital systems grows, the potential risks and impacts of cyber attacks increase.
  • Effective cyber security measures are crucial for protecting data integrity, securing information and assets, and ensuring continuity of operations.
• Key Cyber Security Challenges:
  • Cyber threats are constantly changing, requiring adaptive and dynamic security strategies.
  • Balancing cyber security needs with available resources can be challenging, especially for smaller organizations.
  • Modern IT environments are complex and interconnected, making them harder to secure comprehensively.
5. Ethics in Security
• Refers to the moral principles that guide decisions and behavior in the field of cybersecurity and information security.
• It involves the appropriate use and protection of information that is entrusted to individuals and organizations.
• Importance of Ethics:
  • Ethical behavior is crucial in maintaining trust between organizations and the public.
  • It protects privacy and ensures the reliability and integrity of systems and data.
• Ethics helps with:
  • Building Trust: Ethical practices in security help build and maintain trust between service providers and their clients or users.
  • Protecting Privacy: Ethical security practices involve ensuring that information is used responsibly, respecting individuals' privacy rights, and complying with laws designed to safeguard personal data.
  • Accountability: Holding individuals and organizations accountable for their actions that affect security and privacy.
• Challenges in Maintaining Ethical Standards:
  • Global Impact: Addressing ethical considerations across different cultural and legal frameworks internationally.
  • Rapid Technological Changes: Keeping ethical guidelines relevant and effective in the face of rapidly evolving technologies and threat landscapes.
  • Conflict of Interest: Managing personal or organizational interests that might interfere with impartial and unbiased decision-making.
• Promoting Ethical Practices:
  • Develop and enforce a code of conduct that outlines ethical behaviors and practices.
  • Provide regular training on ethical issues in cybersecurity to promote awareness and understanding among professionals.
  • Monitor and Audit: Regularly audit and assess how ethical policies are being implemented and followed within the organization.
6. Digital Forensics
• The practice of uncovering and interpreting electronic data.
• The goal is to preserve any evidence in its most original form.
• Involves performing a structured investigation by collecting, identifying, and validating the digital information for the purpose of reconstructing past events.
• Purpose of Digital Forensics:
  • The findings are often used in cybercrime investigations and legal proceedings to support or refute a claim or criminal charge.
  • To help organizations understand the nature of a security breach and improve future defenses.
Key Processes in Digital Forensics
• Identification: Determining the scope of the data that is relevant to the investigation.
• Preservation: Isolating, securing, and preserving the data to ensure that it is not altered, deleted, or damaged.
• Analysis: Examining the collected data to draw conclusions based on the evidence found.
• Documentation: Keeping detailed and accurate records of all investigative processes and findings to ensure the integrity and reproducibility of the investigation.
• Presentation: Summarizing and presenting the findings in a manner that is understandable to those who are not technically proficient.
  • This may involve preparing detailed reports, exhibits, and other forms of documentation that explain what was found and how.
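The Preservation and Documentation steps are commonly backed by cryptographic hashes: the original is hashed at acquisition, analysis is done on a verified copy, and every action is logged with the digest observed. The following is an added example, not part of the original slides; the function names, the log fields, the examiner label, and the small file standing in for a disk image are assumptions constructed for illustration.

```python
import hashlib, os, shutil, tempfile
from datetime import datetime, timezone

def sha256_file(path, chunk=1 << 20):
    """Hash in chunks so large disk images never have to fit in memory."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(chunk), b""):
            h.update(block)
    return h.hexdigest()

def log_entry(log, action, path, digest, examiner):
    """Documentation: record who did what, when, and the digest observed."""
    log.append({"utc": datetime.now(timezone.utc).isoformat(), "examiner": examiner,
                "action": action, "file": os.path.basename(path), "sha256": digest})

def preserve(original, workdir, examiner, log):
    """Preservation: hash the original, copy it, confirm the copy is identical."""
    baseline = sha256_file(original)
    log_entry(log, "acquired", original, baseline, examiner)
    working = os.path.join(workdir, os.path.basename(original) + ".working")
    shutil.copyfile(original, working)
    if sha256_file(working) != baseline:
        raise OSError("working copy does not match original")
    log_entry(log, "working copy verified", working, baseline, examiner)
    return working, baseline

def verify(path, baseline, examiner, log):
    """Re-hash before and after analysis; a mismatch means the data changed."""
    digest = sha256_file(path)
    ok = digest == baseline
    log_entry(log, "verified" if ok else "MISMATCH", path, digest, examiner)
    return ok

def demo():
    """Constructed sample: a small file stands in for a disk image."""
    log = []
    with tempfile.TemporaryDirectory() as d:
        image = os.path.join(d, "evidence.img")
        with open(image, "wb") as f:
            f.write(b"constructed sample evidence\n" * 1000)
        working, baseline = preserve(image, d, "examiner-1", log)
        before = verify(working, baseline, "examiner-1", log)
        with open(working, "ab") as f:   # simulate an accidental alteration
            f.write(b"x")
        after = verify(working, baseline, "examiner-1", log)
    return before, after, [e["action"] for e in log]

if __name__ == "__main__":
    print(demo())
```
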
Tools and Technologies in Digital Forensics
• Forensic Software Tools:
  • EnCase, FTK, and Autopsy are used to perform comprehensive searches of hard drives, recover deleted emails and files, and create timelines of computer usage.
• Mobile Forensics Tools:
  • Cellebrite and Oxygen Forensic Suite are used to retrieve data from mobile devices, including call histories, text messages, emails, and photos.
• Network Forensics Tools:
  • Wireshark and NetworkMiner analyze network traffic and logs to identify unauthorized access or anomalies.
7. Hackers
• A hacker is an individual who uses their technical knowledge and skills to gain unauthorized access to systems, networks, or data.
• Hackers can exploit weaknesses for various purposes, ranging from benign to malicious.
Types of Hackers
• White Hat Hackers:
  • Definition: Ethical hackers who use their skills to improve security by finding and fixing weaknesses in the system.
  • Motivation: Typically work with organizations to strengthen defenses and prevent breaches.
  • Tools: Penetration testing tools like Nmap, Wireshark, Metasploit.
• Black Hat Hackers:
  • Definition: Malicious hackers who exploit weaknesses in the system for personal gain, such as stealing data or causing disruptions.
  • Motivation: Financial gain, political agendas, or personal satisfaction.
  • Tools: Malware, phishing kits, keyloggers, exploit kits.
• Gray Hat Hackers:
  • Definition: Hackers who operate between ethical and unethical hacking, often exploiting vulnerabilities without malicious intent but without permission.
  • Motivation: Curiosity or interest, challenge, or to inform the affected parties about the vulnerabilities.
  • Tools: Similar to both white hat and black hat tools, such as scanning tools and custom scripts.
• Script Kiddies:
  • Definition: Inexperienced hackers who use pre-written hacking tools and scripts without understanding how they work.
  • Motivation: Desire to impress peers, cause harm, or for personal enjoyment.
  • Tools: Automated scripts, downloadable hacking tools, and user-friendly hacking software.
• Hacktivists:
  • Definition: Hackers who use their skills for political or social activism, often to promote a cause or deliver a message.
  • Motivation: Political agendas, social change, protest against organizations or governments.
  • Tools: DDoS attack tools, website defacement tools, data breach methods.
• State-Sponsored Hackers:
  • Definition: Hackers employed by governments to conduct espionage (surveillance), cyber warfare, and sabotage or disruption.
  • Motivation: National security, intelligence gathering, disrupting adversaries.
  • Tools: Advanced persistent threats (APTs), zero-day exploits, custom malware.