Comp Reviewer

Information security deals with protecting the confidentiality, integrity, and availability of information. It aims to protect information assets during storage, processing, and transmission through policies, training, and technology. While there are no universal solutions, recognized methods provide sound technical security advice. Cybersecurity focuses on protecting information systems and data from online attacks, whereas information security also considers offline threats. Key implementation strategies include authentication, encryption, digital signatures, antivirus software, firewalls, and network monitoring. Employee negligence, like falling for phishing scams or having poor password practices, is a major cause of security breaches.

Uploaded by

Frederick
Copyright: © All Rights Reserved

What is Information Security?

• Deals with several different "trust" aspects of information and its protection

Goal of Information Security

• To protect the CIA (Confidentiality, Integrity, and Availability) of information assets, whether in
storage, processing, or transmission. It is achieved via the application of policy, education,
training and awareness, and technology.

Information Security: As an ART

• There are no hard and fast rules regulating the installation of various security mechanisms, nor
are there many universally accepted complete solutions.

Information Security: As SCIENCE

• There are many sources of recognized and approved security methods and techniques that
provide sound technical security advice.

Concept of Cybersecurity

• The state of being protected against a criminal or unauthorized use of electronic data, or the
measures taken to achieve this.
• Cybersecurity strives to ensure the attainment and maintenance of the security properties of the
organization.
• Cybersecurity: The ability to protect or defend the use of cyberspace from cyber-attacks.
• Information Security: The protection of information and information systems from unauthorized
access, use, disclosure, disruption, modification, or destruction in order to provide
confidentiality, integrity, and availability.

Cybersecurity vs Information Security

• While cybersecurity deals with protecting the information in cyberspace, information security means
protecting the data in cyberspace and beyond.

What is Cyber Security?

- The ability to protect or defend the use of cyberspace from cyber-attacks.

• Cyber security focuses on stopping breaches and protecting endpoints such as databases and servers

• Focuses solely on online attacks

• Acts as the first line of defense

• Develops a deep understanding of malicious software

WAYS TO IMPLEMENT Information SECURITY

Authentication

- It is a process of identifying an individual and ensuring that the individual is who
he/she claims to be.
• How it can be done: something they know, something they have, and something they are.

Encryption

- It is a technique to convert data into an unreadable form before transmitting it over the internet.

DIGITAL SIGNATURE

• It is a technique for validation of data. Validation is a process of certifying the content of a
document.
• Digital signatures not only validate the data but are also used for authentication.

ANTIVIRUS

- It not only prevents malicious code from entering the system but also detects and destroys
malicious code that is already installed on the system.

FIREWALL

- It is hardware/software that acts as a shield between an organization's network and the
internet and protects it from threats such as viruses, malware, and hackers.

Firewall Configuration: Proxy

Proxy - all the outbound traffic is routed through proxies for monitoring and controlling the packets that
are routed out of the organization.

Firewall Configuration: Stateful Inspection or Dynamic Packet Filtering

Stateful Inspection - rather than going through all the fields of a packet, key features are defined. The
outgoing/incoming packets are judged based on those defined characteristics only.

PACKET FILTERING

• Based on the rules defined in the policies, each packet is filtered by its type, port information,
and source & destination information.
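
The packet filtering rule above, as an added example that is not part of the original notes: a small rule evaluator that matches each packet on type, destination port, and source and destination address. The `Rule`/`Packet` names, the policy, the documentation-range addresses, and the first-match, default-deny behaviour are assumptions made for illustration.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Packet:
    proto: str                    # packet type: "tcp", "udp", "icmp"
    src: str
    dst: str
    dport: Optional[int] = None   # None for protocols without ports

@dataclass(frozen=True)
class Rule:
    action: str                   # "allow" or "deny"
    proto: str = "any"
    src: str = "0.0.0.0/0"
    dst: str = "0.0.0.0/0"
    dport: Optional[int] = None   # None matches any port

    def matches(self, p: Packet) -> bool:
        return (self.proto in ("any", p.proto)
                and ipaddress.ip_address(p.src) in ipaddress.ip_network(self.src)
                and ipaddress.ip_address(p.dst) in ipaddress.ip_network(self.dst)
                and (self.dport is None or self.dport == p.dport))

def filter_packet(rules, p):
    """First matching rule wins; unmatched packets are denied (assumed default)."""
    for i, r in enumerate(rules):
        if r.matches(p):
            return r.action, i
    return "deny", None

# Constructed policy for a hypothetical 10.0.0.0/24 network with a web server at 10.0.0.10.
POLICY = [
    Rule("deny", src="203.0.113.0/24"),                         # blocked source range
    Rule("allow", proto="tcp", dst="10.0.0.10/32", dport=443),  # HTTPS to the web server
    Rule("allow", proto="udp", src="10.0.0.0/24", dport=53),    # outbound DNS
]

# Constructed sample packets.
SAMPLE = [
    Packet("tcp", "198.51.100.7", "10.0.0.10", 443),
    Packet("tcp", "203.0.113.9", "10.0.0.10", 443),
    Packet("tcp", "198.51.100.7", "10.0.0.10", 22),
    Packet("udp", "10.0.0.25", "192.0.2.53", 53),
    Packet("icmp", "198.51.100.7", "10.0.0.10"),
]

def run():
    return [filter_packet(POLICY, p)[0] for p in SAMPLE]

if __name__ == "__main__":
    for p, verdict in zip(SAMPLE, run()):
        print(verdict, p)
```

Rule order matters: the blocked source range is checked before the HTTPS allow rule, so the second packet is denied even though its destination and port are permitted.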

STEGANOGRAPHY

• It is a technique of hiding secret messages in a document file, image file, program, or
protocol, etc., such that the embedded message is invisible and can be retrieved using special
software.

Cyber FORENSICS

• Cyber forensics is a branch of science that deals with tools and techniques for the investigation of
digital data to find evidence of a crime that can be produced in a court of law.

Basic Steps to Implement Information Security

ASSESSING YOUR NETWORK

• This involves evaluating all hardware and software components of your network.
• You should also monitor both incoming and outgoing traffic to identify potential access points.
• Setting strict network access permissions makes it easier to identify breaches.

PLANNING

• It involves deciding on whether to replace or upgrade vulnerable components, integrating new
software, and improving network access permissions.

INSTALLATION

• Smooth deployment depends on how detailed the planning phase was. Since your network runs
24/7, this critical task should ideally be performed when traffic is at its lowest.
• If deploying the security plan in one instance is likely to cause network interference, you may do
it in phases.
• Address the most critical vulnerabilities first.
• Holding trials before going live makes it easier to identify and solve previously unforeseen issues.

CONSTANT MONITORING

• Malicious attackers are constantly probing your network for weak points.
• Monitoring also allows you to tweak your security settings to prevent similar attacks in the future.
• You should also have a team of IT experts specifically tasked with responding to breaches.

HOW TO KEEP YOUR NETWORK SECURE

Isolating and Segmenting Networks

• Instead of treating your network as a single entity, segment it according to the types of traffic
flowing through it.
• Creating sub-networks allows you to lock out some users from sensitive parts.

Creating a Security-Focused Culture

• As sophisticated as your security system might be, you cannot ignore the human actor. Ensure
your employees are updated on basic cybersecurity measures, even if they are not in the IT
department.
• This includes identifying and reporting suspected phishing attempts and social engineering
attacks.

Secure Wireless Networks

• Wireless networks have become a vital part of every organization’s cyber system. Although they
improve service delivery, they also make it easier for bad actors to gain access to your network.
• Your network security plan must include your Wi-Fi network.

Hiring a Managed Service Provider (MSP)

• An in-house IT team helps you manage your day-to-day tech challenges, but a managed services
provider takes it to the next level.
• Such firms are highly specialized in solving the most complex cybersecurity problems.

EMPLOYEE NEGLIGENCE A CAUSE OF CONCERN TO CYBERSECURITY

The Number One Cause

- The lack of awareness or negligence regarding cybersecurity among staff can lead to dramatic
consequences for the organization.
- According to a report published by Carmen Reinicke in 2018, the biggest cybersecurity risk to US
businesses is employee negligence.

HUMAN ERROR

- Just like any industry, cybersecurity is also subject to human error. Negligence is a human
error: any unintended or accidental action. It is emerging as one of the prominent causes of
security incidents.
- Negligence is an avoidable error but demands the proper attention of business owners and
precision from employees handling sensitive data.

3 Types of Employees That Can Cause a Data Breach

INNOCENT ACTIONS

• When it comes to data breaches, innocent workers can cause as much damage as malicious
hackers. Employees' lack of knowledge and competency is a serious threat to
information security. Sometimes an innocent action causes a major consequence and poses a
grave threat.

Careless or negligent?

• When an employee does not care about his/her information being compromised, or when the
employee does not take immediate action on how to manage information.

MALICIOUS

• Unfortunately, as well as human error, malicious actions by employees also play a part in
data breaches. Employees with the knowledge and intent to compromise information are very
dangerous; they are more dangerous than external threats or hackers.

5 Common Negligence by EC Council

Falling for Phishing Attacks

• When an employee opens an email containing malicious content.

How to Avoid:

• Establishing a security-centric culture is more beneficial than merely talking about the
importance of cybersecurity at the time of hiring.
• Regularly running phishing simulation tests can help employees follow pre-defined security
policies. It will also help you identify high-risk users so that you can work with them individually.

Poor Password Practices

• Poor password management by an employee, or a lack thereof, is a risky practice. This
can lead to sensitive information being compromised.

Examples of such practice

1. Having the same login credentials

2. Sharing passwords with other employees

3. Saving passwords on computers as text files

4. Using obvious passwords

5. Not updating passwords regularly

How To Avoid:

• Organizing awareness sessions regarding the best password practices.
• Providing tips on login screens such as “Never store your password in an accessible place.”
• Using a password management tool to generate complex passwords.

Incorrect Management of Privileged User Accounts

• High-privilege accounts are sometimes poorly managed; this is often caused by the lack of
experience and technical expertise of privileged account users.

How to Avoid

• Restricting all accounts to least-privilege features minimizes the risk of compromising admin
credentials and then losing sensitive data to cyber attackers.
• Ensuring availability of high-privilege features on an “as-need” basis instead of granting a few
accounts all the administrative rights.
• Having multi-factor authentication limits unauthorized users' access to data.

Unauthorized Users Having Access to Corporate Devices

• When employees let their friends and family members access their employer-issued devices,
these unauthorized users get access to sensitive data and can also download malware
by mistake.

How to Avoid:

• Enforcing a detailed security plan that states dos and don’ts. Team leaders must actively
participate.
• Ensuring corporate devices have two-factor authentication to access any sensitive data. Use
proper security controls.

Misdelivery

• Employees sending sensitive information to wrong recipients fall under the category of
“misdelivery.” This is one of the most challenging errors to avoid.

How to Avoid

• Enforcing encryption can help against accidental disclosure.
• Using pop-up dialog boxes will help remind senders to double-check the recipient’s address,
especially when sending sensitive data.
• Using Data Loss Prevention (DLP) solutions can help limit information leakage when data are
sent out of the corporate circuit.