Why Are Employees Among The Greatest Threats To Information Security
20 community-sourced questions and answers.
Why is information security a management problem? What can management do that technology cannot?
Both general management and IT management are responsible for implementing information security to protect the ability of the organization to function. Decision-makers in organizations must set policy and operate their organization in a manner that complies with the complex, shifting political legislation on the use of technology. Management is responsible for informed policy choices and the enforcement of decisions that affect applications and the IT infrastructures that support them. Management can also implement an effective information security program to protect the integrity and value of the organization's data.
Why is data the most important asset an organization possesses? What other assets in the organization require protection?
Data is important in the organization because without it an organization will lose its record of transactions and/or its ability to deliver value to its customers. Since any business, educational institution, or government agency that functions within the modern social context of connected and responsive service relies on information systems to support these services, protecting data in motion and data at rest are both critical. Other assets that require protection include the ability of the organization to function, the safe operation of applications, and technology assets.
Which management groups are responsible for implementing information security to protect the organization's ability to function?
IT management, Senior Management
Has the implementation of networking technology created more or less risk for businesses that use information technology? Why?
It has created more of a risk because information can travel much faster from locations. It is also due to the fact that potential attackers have more and readier access to these information systems when they have been networked, especially if they are interconnected to the Internet.
What is information extortion? Describe how such an attack can cause losses, using an example not found in the text.
Information extortion occurs when an attacker or trusted insider steals information from a computer system and demands compensation for its return or for an agreement not to disclose it.
Why are employees one of the greatest threats to information security?
Employees are the greatest threats since they are the closest to the organizational data and will have access by nature of their assignments. They are the ones who use it in everyday activities, and employee mistakes represent a very serious threat to the confidentiality, integrity, and availability of data. Employee mistakes can easily lead to the revelation of classified data, entry of erroneous data, accidental deletion or modification of data, storage of data in unprotected areas, and failure to protect information.
How can you protect against shoulder surfing?
- Be aware of who is around you
- Limit the number of times you access confidential information
- Avoid accessing confidential information while others are present
How has the perception of the hacker changed over recent years? What is the profile of a hacker today?
The classic perception of the hacker is frequently glamorized in fictional accounts as someone who stealthily manipulates their way through a maze of computer networks, systems, and data to find the information that resolves the dilemma posed in the plot and saves the day. However, in reality, a hacker frequently spends long hours examining the types and structures of the targeted systems because he or she has to use skill, guile, or fraud to attempt to bypass the controls placed around information that is the property of someone else. The profile of a hacker has evolved from teenagers to professionals backed by government funds.
What are the various types of malware? How do worms differ from viruses? Do Trojan horses carry viruses or worms?
Common types of malware are viruses, worms, Trojan horses, logic bombs, and back doors. Computer viruses are segments of code that induce other programs to perform actions. Worms are malicious programs that replicate themselves constantly without requiring another program to provide a safe environment for replication. Once a trusting user executes a Trojan horse program it will unleash viruses or worms to the local workstation and the network as a whole.
What is the difference between a skilled hacker and an unskilled hacker, other than skill levels? How does protection against each differ?
A skilled hacker develops software and code exploits, and masters many technologies like programming, networking protocols and operating systems. An unskilled hacker uses expert-written software to exploit a system with little knowledge of how it works. Protecting against an expert hacker is much more difficult, due in part to the fact that most of the time the expert hacker is using new, undocumented attack code. This makes it almost impossible to guard against these attacks at first. Conversely, an unskilled hacker generally uses hacking tools that have been made publicly available. Therefore, protection against these hacks can be maintained by staying up-to-date on the latest patches and being aware of hacking tools that have been published by expert hackers.
Why does polymorphism cause greater concern than traditional malware? How does it affect detection?
It changes over time, making it more difficult to detect and protect against.
What is the most common violation of intellectual property? How does an organization protect against it? What agencies fight it?
Software piracy. Prevention can include licensing with a product key. Key agencies are the Software Information Industry Association (SIIA) and the Business Software Alliance (BSA).
What are the various forces of nature?
Force majeure = force of nature. Includes fire, flood, earthquake, lightning, landslide or mudslide, tornado or severe windstorm, hurricane or typhoon, tsunami, electrostatic discharge (ESD), and/or dust contamination.
How is technological obsolescence a threat to information security? How can an organization protect against it?
It occurs when technology becomes outdated. Planning is the best way to avoid it, so that outdated technology is updated in a timely fashion. Once discovered, outdated technologies must be replaced. Information Technology personnel must help management identify probable obsolescence so that any necessary replacement (or upgrade) of technologies can be done in a timely fashion.
Does the intellectual property owned by an organization usually have value? If so, how can attackers threaten that value?
Yes, the IP of an organization may be its highest value asset. Attackers can threaten its value by reducing or removing its availability to the owner or by stealing and then selling copies of the asset thus causing a loss in the economic value of the assets.
What are the types of password attacks? What can a systems administrator do to protect against them?
The types of password attacks include: Password Crack, Brute Force, and Dictionary:
- Password crack: Attempting to reverse calculate the password is called "cracking." Cracking is used when a copy of the Security Account Manager data file can be obtained. A possible password is taken from the SAM file and run through the hashing algorithm in an attempt to guess the password.
- Brute Force: The application of computing and network resources to try every possible combination of options for a password.
- Dictionary: A form of brute force for guessing passwords. The dictionary attack selects specific accounts and uses a list of commonly used passwords with which to guess.
To protect against password attacks, security administrators can:
- Implement controls that limit the number of attempts allowed.
- Use a "disallow" list of passwords from a similar dictionary.
- Require use of additional numbers and special characters in passwords.
What is the difference between a DoS and DDoS? Which is more dangerous and why?
DoS attacks are a single user sending a large number of connections in an attempt to overwhelm or crash a target server. DDoS is when many users (or many compromised systems) simultaneously perform a DoS attack. The DDoS is more dangerous because, unlike a DoS, there is no single user you can block and no easy way to overcome it.
For a sniffer attack to succeed, what must the attacker do? How can an attacker gain access to a network to use the sniffer system?
The attacker must first gain access to a network to install the sniffer. Usually this is done using social engineering to get into the building to plant a sniffer device.
What methods does a social engineering hacker use to gain information about a user's login ID and password? How would this method differ if it targeted an administrator's assistant versus a data-entry clerk?
The attacker represents himself or herself as someone of authority requesting information. A data-entry clerk could likely be swayed just by mentioning the name of the CEO and describing his anger at not getting the requested information promptly. Conversely, someone higher up the chain of command, who perhaps even works directly with those in power, would require more convincing proof. This could be anything from a few additional details regarding a particular project or something as precise as an authorization password or document.
What is a buffer overflow and how is it used against a Web server?
A buffer overflow occurs when more data is sent than the receiver's buffer can handle, usually resulting in non-buffer application memory being overwritten. A buffer overflow on a web server may allow an attacker to run executable code on the web server, either manipulating files directly or creating a backdoor for later use.