Topic 5: Security policies Flashcards
Name three types of security threat.
Criminal vandalism/sabotage;
Hacking or theft;
White collar crime;
Natural disasters (e.g. flooding) and fire;
Accidents and errors;
State-sponsored hacking;
Politically-motivated attacks or data breaches;
Terrorism.
What is hacking? Give an example.
Hacking is when an individual or criminal gang finds a way to break into a company’s ICT systems. They may steal customers’ information, especially their bank account details. Or hackers may use ransomware to encrypt a company’s files. They then demand that the company pays a ransom to decrypt the files.
What is an example of white collar cybersecurity crime?
White collar cybersecurity crime is when an employee uses their access to ICT systems to steal information from their company, or misuses the network for criminal activity. For example, an employee in a bank might steal customers’ account details. Or they might sell confidential information to a rival company.
Why are natural disasters a security threat?
A natural disaster such as flooding could damage a company’s data centre. The company could lose important information and would need to replace equipment.
What is an example of a security threat due to misuse or accidents?
Common mistakes that employees make include accidentally deleting important data, or sending confidential information by email to the wrong people.
What is state-sponsored hacking?
State-sponsored hacking is when a country uses its cybersecurity expertise to attack another country’s ICT, or a specific company that it doesn’t approve of.
Give an example of state-sponsored hacking involving the entertainment industry.
When Sony Pictures launched a comedy film about the leader of North Korea in 2014, a hacker group allegedly backed by the North Korean government attacked Sony’s ICT systems. The group posted copies of Sony’s films and confidential emails about film stars on the Internet. Sony initially withdrew the film, but later changed its mind.
Give an example of state-sponsored hacking involving an industrial target.
Allegedly, the Stuxnet virus was created by the US and Israeli governments to attack Iran’s nuclear facility in 2010. The virus caused equipment at the plant to run out of control. Stuxnet has been described as the most dangerous virus ever released.
Give an example of a politically-motivated data breach.
Edward Snowden was an IT security contractor employed by the National Security Agency in the US. In 2013, he leaked thousands of documents to journalists in protest at the US government’s secret mass surveillance of American citizens.
How can physical access security protect companies?
Doors, locks, keypad codes, swipe cards, voice recognition, facial recognition, and CCTV are examples of physical access security. They protect data centres and server rooms so that only authorised people can enter.
What operational procedures can protect companies from security threats?
Operational procedures include:
A schedule for regular data back-ups;
Regular updates of anti-virus software and firewalls to protect against latest threats;
Have a plan for responding to natural or other disasters;
Store data in different geographic locations;
Have a recovery plan for restoring data if it is corrupted or lost;
Test back-up power supplies, batteries and diesel generators;
Enforce an employee code of conduct to protect company data and equipment;
Regular training for IT staff;
Monitor network traffic for unusual activity;
Configure routers to detect and filter DDoS attacks.
How can an employee Code of Conduct protect companies against security threats?
A Code of Conduct ensures staff know how to avoid taking risks that could expose the company to viruses or other threats. Employees should never click on email attachments from people they don’t know, for example.
What is an uninterruptible power supply?
An uninterruptible power supply is a large battery and diesel generator that keeps equipment running for a few hours or days if the normal power supply is lost.
What is a BYOD policy?
A Bring Your Own Device (BYOD) policy restricts the type of devices (phones and laptops etc) that employees can use on the company network.
Name 3 potential consequences for a company if hackers breach its security systems and steal customer data.
If customer data is stolen or posted online then the company’s reputation would be damaged.
Customers may leave and the company could have difficulty winning new customers.
The company might be sued by customers and it would need to pay legal fees to defend itself.
Regulators may impose a fine.
Competitors may gain access to confidential information.
Production, distribution and delivery may be delayed.
The company is likely to lose business and cash-flow.
The company’s share price could fall if investors lose confidence in it.