Week 11 Flashcards

1
Q

Why do we need security and controls for Information systems?

A

IS share data and provide resources to lots of people including those who shouldn’t have access. Controls upon information systems are based upon two underlying principles:
– The need to ensure accuracy of data
– The need to protect against loss or damage

2
Q

Why are systems vulnerable?

A

Summary: human error, physical problems, computer crime and invasion of privacy.

System complexity – testing is not extensive enough
Unauthorised access is always possible
Human error – people can't be bothered with procedures; a system programmed to do checks will do them every time, whereas people sometimes won't. They don't use virus checkers, etc., and fail to back up data
Poor audit means that nobody checks

3
Q

What were the results of the cyber security survey 2017?

A

48% of businesses have no cyber security policy in place, and in 72% of small businesses network security is looked after by the owner, the office manager or nobody.

4
Q

How might small companies deal with network security management?

A

In small companies, network security may not be anyone's primary responsibility, and there may not be anyone with specialist training in that area.
Therefore, outsourcing or using cloud software may be safer, as this gives responsibility to specialists.

5
Q

What's the trend in the % of IT spend on security? Why is this trend in place?

A

IT spend on security is growing
Recent growth was driven by more extensive use of IT in the pandemic
- Electronic rather than physical interactions with customers
- Remote working by employees

6
Q

Give examples/statistics of cybercrime in Ireland.

A

HSE attack
Garda data says that in 2021 phishing and smishing are up over 1400% on the previous year; all cybercrime is up.

7
Q

Define cyber risk

A

Cyber risk is the risk of any financial loss, disruption or negative reputational impact because of a failure in IT systems, whether through people, process or technology.
* risks emanating from the use of electronic data and its transmission, including tools such as the Internet
* physical damage caused by cyber-attacks
* fraud committed by misuse of data
* liability arising from data use, storage and transfer
* availability, integrity and confidentiality of electronic information

8
Q

Give examples of specific cyber risks

A
  • Business interruption
  • Contingent business interruption
  • Data and software loss
  • Intellectual property theft
  • Network Security/Security
  • Breach of Privacy Compensation
  • Reputational Damage (excluding legal protection)
  • Compensation for crisis management/remediation actions requiring internal or external experts
  • Cyber ransom and extortion
  • Financial theft and/or fraud
  • Regulatory & Legal Defence costs
  • Incident response costs
  • Fine and Penalties
  • Communication and media
9
Q

Explain how to insure against cyber attacks

A

Most cyber-attacks are not covered by standard insurance policies, even though cybercrime is the fastest growing criminal act in the world. But you can take out cyber insurance. However, direct costs can be very considerable even with insurance, and reputational damage is substantial. You can be held liable for third party data such as customer data or credit card data.

10
Q

What expenses does cyber insurance cover?

A

– Investigation: to determine what occurred, how to repair damage and how to prevent the same type of breach from occurring again
– Business losses: network downtime, business interruption, data loss recovery, repair/replace damaged equipment etc.
– Privacy and notification: to customers and other affected parties,
– Lawsuits and extortion: includes legal expenses for the release of confidential information, legal settlements and fines
Includes expert help in some cases: legal help, consultancy support, liability support

11
Q

Why is cyber insurance not a mature market?

A

People are uncertain what the risks are and how to price the insurance

12
Q

What are some simple measures everyone should take (cyber first aid)?

A
  • Wi-Fi: change the default router password; don't use public Wi-Fi without a VPN
  • Passwords: secure devices with passwords, PINs or biometrics; use encryption and two-factor authentication
  • Back up data: check the backups work!
  • Use antivirus software
  • Review app permissions
  • Keep personal and work data separate
13
Q

What are the security planning principles?

A

Risk analysis – balancing threat and protection costs for assets; the goal is to reduce risk to an economically rational level.
Comprehensive security – close off all avenues of attack.
Defence in depth – an attacker should have to break through several lines of defence to succeed.

14
Q

Define internal audit

A

Internal audit
A third force that checks the adequacy of the controls in place. This might include some external assistance from experts.

15
Q

Explain the risk management department.

A

Centralised control of the enterprise, including compliance, legal, quality control and financial control.

16
Q

What information must you know to have proper permissions in place for information systems?

A
  • What people do
  • What data they produce
  • What data they use
17
Q

What are the key principles of security planning?

A

Minimum permissions: access control limits who can use resources and limits their permissions to the minimum required to do their job, so that they also cannot do unauthorised things.

18
Q

How do you reduce exposure to security threats?

A
  • Containment – controlling access to an information system
  • Deterrence – threat of punishment to discourage potential intruders
  • Obfuscation – hiding or distributing assets to limit damage
  • Recovery – ensuring normal operation resumes as quickly as possible with as little disruption as possible
19
Q

What are some other control techniques, some of which do not prevent problems but allow you to recover from them?

A
  • User validation or access controls
  • Back-up procedures
  • Auditing – regular stock-take of procedures, hardware, software and data
20
Q

What are the different categories of controls?

A

Physical protection
Software controls
Biometric controls – e.g. based on an individual's unique characteristics

21
Q

What's an important control measure when physical parts are disposed of?

A

Data is often left on phones, laptops, etc. when they are disposed of. As a minimum, the data needs to be deleted and overwritten by an erasure program.
Organisations like Camara that recycle computers will wipe data before sending them to those receiving donations.

22
Q

Explain access control.

A

Controlling access to resources so that only the right people get access.
Authentication involves the supplicant sending credentials to the verifier to prove its identity from a distance.

23
Q

What is password authentication, and what are its benefits?

A

Reusable passwords
– Strings of characters typed to authenticate the use of a username (account) on a computer.
– They are used repeatedly, and so are called reusable passwords.
Benefits
– Ease of use for users (familiar)
– Inexpensive, because built into operating systems

24
Q

Why are passwords often guessed (reason for concern)? How can protection be enhanced?

A

People use weak and easily guessed passwords.
Constant password changes enhance protection, but people cannot remember them.
Word and name passwords are never adequately strong; passwords need to be complex and long, which can cause problems as people often tend to write them down.

25
Q

How does the speed of computers influence passwords?

A

Faster computers make it easier to break passwords, so we need longer, more complex passwords than would have sufficed in the past.

26
Q

What is two-factor authentication?

A

Adds another layer beyond the traditional password.
Ex: a text to your phone when you change your password
Phone app verification

Quite a usual method now, but what happens if you lose your phone?

27
Q

What are some forms of authentication other than passwords?

A

Access cards
Biometrics – uses body measurements
ex: fingerprint scanning, iris scanning, facial scanning

28
Q

Bring your own device – what are the issues with this?

A

Data theft, malware, lost or stolen devices, improper mobile management, insufficient employee training, shadow IT

29
Q

Explain the UCD networks and firewalls.

A

The UCD wireless firewall is quite restrictive, UCD Eduroam wireless has fewer restrictions, and the UCD staff wired network fewer again, because in the latter cases there is a record of who is generating the traffic.

30
Q

Explain how a firewall works.

A

A firewall is a network security device that monitors incoming and outgoing network traffic and permits or blocks data packets based on a set of security rules.

31
Q

What is cryptography? Give an example of its application to IT security.

A

The art of writing or solving codes. Ex: message integrity – you can tell if a message has been altered en route.

32
Q

What are the stages of responding to an attack?

A

– Detecting the attack
– Stopping the attack
– Repairing the damage
– Punishing the attacker?

33
Q

What is key to incident response?

A

Response should be in line with a plan. You need to make the plan when you have time to think about it, and then merely modify it when there is an actual attack.

34
Q

What classifies an incident as a major incident?

A

Major incidents are incidents the on-duty security staff cannot handle.
The company must convene a computer security incident response team (CSIRT).
A major IT problem is not only a technical issue; it needs a response from the entire organisation.

35
Q

What does IT disaster recovery usually consist of?

A

Dedicated backup sites and transferring personnel
or
Having two sites mutually back up each other

36
Q

What does business continuity recovery involve?

A

Business continuity recovery
– Getting the whole firm back into operation
– IT is only one concern

37
Q

Why are rehearsals for incident response necessary?

A

Serious incidents are infrequent, fortunately. However, you need to rehearse or simulate the event in advance to make sure that your continuity arrangements work.

38
Q

What are some recent IT threats to be aware of as an individual?

A
  • Password-stealing web sites will increase
  • Hackers will target video files
  • Mobile phone attacks will become more prevalent
  • Identity theft and data loss will continue to be a public issue
  • More adware
  • Ransomware
39
Q

How do you manage internet threats?

A
  • Use of firewalls
  • Adopt procedures for internet usage
  • Establish a protocol for incoming mail
  • Keep all virus checkers and OS software up to date
  • Harden new machines before connecting to the Internet
40
Q

What problems does digital money present, and how are they overcome?

A

Digital information has the following property: it is easy to duplicate, so someone could copy digital money and double spend it.
To solve double-spending: use a peer-to-peer network; a public ledger using a blockchain data structure will also protect against it.