1.1 Security Management, Corporate Security, Risks & Responsibilities Flashcards
What is involved in the context of security from the early years onwards?
Networked systems
Internet / WWW
Wireless / mobile access
Describe the elements of the security context from the early years onwards
Networked systems:
Wider & more diversed group of users
Different level of problems (new threats, new connection requirements)
Internet / WWW:
Massive expansion of access
Easier to use (includes tools)
Wireless / Mobile Access: Open channels (open airways) Ubiquity BYOD (Bring Your Own Device) Tablets Smartphones
What is involved in the context of web security from early years onwards?
Proprietary systems
Open systems (UNIX)
Stand alone systems
Describe the elements of web security in context from the early years onwards
Proprietary Systems: Embedded security (built in) Monitoring & accounting functions
Open Systems (UNIX): Security designed with open arena Security facilities developed
Stand Alone Systems:
Limited level of security
PC’s devices
Why have security issues evolved?
Due to changes in society
e.g. Terrorist attacks in US on Sep 11, 2001
What and how does security affect businesses?
Confidential information (increasing at risk) Breaches cost several billion pounds each year (for UK plc's) Cyber security (top security threat) - continues to be a problem
BISS solutions?
Three pronged approach:
Prevention
Detection
Response
Set up policies and appropriate resources (done by the top of the organisation)
What are the general security issues?
Security systems are as strong as its weakest point
Security and ease of use are incompatible
Back seat to market pressures
Security of e-commerce site depends on internet security
Vulnerabilities are increasing faster that they can be prevented
Compromised by common applications
Internal security as or more important than ‘external’
Human side is important (not just technology issues, problems & solutions)
