Cyber criminals are constantly coming up with creative new ways to compromise your data, as seen in....

Software Insurance reported how many stolen laptops in 2003?

Computer items must be protected only until they loose their value. They must be protected to a degree consistent with their value.

3 Main Types of Threats

3 other categories of software modification

5 other definitions of threats according to different organizations. Write on paper

Changing a bit or two can convert a working program into a failing one.

Natural Threats

It is a program that overtly does one thing while covertly doing another.

Why is that software is vulnerable to modifications?

Is an act of exploiting a bug, design flaws or configuration oversight in an operating system or software application to gain elevated access to resources from an application or users. The result is that an application with more privileges than intended by the application developer or system administrator can perform unauthorized actions.

Some of the biggest breaches in U.S. history occurred when?

Physical Damages

Hardware Level: FABRICATION

An example of this is when a disgruntled employee may modify a crucial program so that it accesses the system date and halts abruptly after July 1. The employee might quit on May I and plan to be at a new job miles away by July.

Integrity prevents what?

7 Possible Signs of Identity Theft. Write on paper

a situation in which a person or program successfully identifies as another by falsifying data, to gain an illegitimate advantage

Data Level: INTERRUPTION

It is done so that software cannot be deleted, destroyed, or replaced accidentally.

Compromise of Functions

responsible for risk management and determine the appropriate funding level for this activity.

Availability prevents what?

4 Types of Identity Theft plus 1

The first step in managing your risk

Voluntary Machine Slaughter is also called what?

Certain measures, help you assess threats regularly

5 key aspects to consider when developing your risk management strategy

Because of software's high value to a commercial computing center, access to software is usually carefully controlled through a process called...

When used, an old version or release can be replaced with a newer version only when it has been thoroughly tested to verify that the improvements work correctly without degrading the functionality and performance of other functions and services.

Software Level: INTERRUPTION

The biggest attack of its kind in 2017.

Testing for vulnerabilities is critical to ensuring the continued security of your systems. By identifying weak points, you can develop a strategy for?

Stealing, buying, finding, or hearing data requires no computer sophistication, whereas modifying or fabricating new data requires some understanding of the technology by which the data are transmitted or stored, as well as the format in which the data are maintained.

In this case, it may be very hard to detect that the software has been changed, let alone to determine the extent of the change.

A deliberately modifying, destroying, manipulating, editing of data through unauthorized channels.

It's when a criminal misrepresents himself as another person during arrest to try to avoid a summons, prevent the discovery of a warrant issued in his real name or avoid an arrest or conviction record

Conduct penetration testing by modelling real-world threats in order to discover vulnerabilities.

defined as the potential for loss or damage when at threat exploits vulnerability

When a team member resigns and you forget to disable their access to external accounts, change logins, or remove their names from company credit cards, this leaves your business open to

Examples of risk

How would you reduce your potential for risk?

It is a more widespread and serious problem than either a software or hardware attack. Thus, data items have greater public value than hardware and software because more people know how to use or interpret data.

Software is easy to ______ and vulnerable to ______.

Threat Classifications according to the Open Group

a possible danger that might exploit a vulnerability to breach security and cause possible harm.

Because data are often available in a form people can read, the confidentiality of data is a major concern in computer security.

It is usually the concern of a relatively small staff of computing center professionals.

accidental acts not intended to do serious damage to the hardware involved

Although such attacks might be intentional, most are not; this abuse might be considered what?

What is the 2nd principle of computer security?

Most vulnerability is exploited by what?

occurs when someone uses your personal identifying information and pretends to be you in order to commit fraud or to gain other financial benefits.

ensure that the appropriate end users are informed of any and all changes.

A more serious attack, usually involves someone who actually wishes to harm the computer hardware or software.

Natural Events

Intentional Threats

A cyber attack in which the perpetrator seek to make a machine or network resources unavailable to its intended users by temporarily or indefinitely disrupting services of a host connected to the internet.

Computer programs are written in a dialect intelligible primarily to computer professionals~ so a "leaked" source listing of a program might very well be meaningless to the general public.

Sometimes the security of hardware components can be enhanced greatly by simple physical measures such as ______ and _____?

Stakeholders include the business owners as well as employees, customers, and even vendors. All of these players have the potential to negatively impact the organization (potential threats) but at the same time they can be assets in helping to mitigate risk.

In particular, deliberate attacks on equipment, intending to limit availability, usually involve what?

Examples of intentional threats other than hacking

Loss of Essential Services

There were ____ reported data breaches in ____, according to the _______________________________________________. That represents a __% increase over 2018.

This attack includes unauthorized copying of software.

10 ways on how to help protect yourself against identity theft. Write your answers.

How does identity theft happen?

Compromise of Information

Employee mistakenly accessing the wrong information.

Technical Failures

Questions to ask in determining your security vulnerabilities. Write on paper

The sources of risk are ever-changing, which means your team must be prepared to make any necessary adjustments to the framework. This can also involve incorporating new monitoring tools and techniques.

In what way worms and viruses could harm organizations?

Furthermore, it is possible to change a program so that it does all it did before, and then some.

The list of the kinds of human attacks perpetrated on computers is almost endless

An example of this is a program that ostensibly structures a listing of files belonging to a user may also modify the protection of all those files to permit access by another user.

It is a specific type of Trojan horse that can be used to spread its "infection" from one computer to another

A malicious intruder can ______ the software to enable it to perform functions you may not find desirable.

A more complicated process is trying to reprocess used data items. With the proliferation of telecommunications among banks, a fabricator might intercept a message ordering one bank to credit a given amount to a certain person's account.

A threat can be either what?

Data are especially vulnerable to modification. Small and skillfully done modifications may not be detected in ordinary ways. For instance, we saw in our truncated interest example that a criminal can perform what is known as....

What are some 5 examples of what identity thieves might do with your sensitive personal information? Write on paper

These threats may be uncontrollable and often difficult or impossible to identify in advance.

When was WannaCry Ransomware began bombarding computers and networks?

What happens to my information after identity theft?

Hardware Level: INTERRUPTION

It happens when an application or system does not adopt controls to properly track and log users' actions, thus permitting malicious manipulation or forging the identification of new actions.

This determines the best approaches to protecting a system against a specific threat, along with assessing different types of threats.

It refers to a newly discovered incident that has the potential to harm a system or organization overall.

It's a program that has a secret entry point information leaks in a program: code that makes information accessible to unauthorized people or programs

Confidentiality prevents what?

In data confidentiality, data can be gathered by many means...

refers to a known weakness of an asset (resource) that can be exploited by one or more attackers. In other words, it is a known issue that allows an attack to succeed.

When it comes to designing and implementing a risk assessment framework, it is critical to prioritize the most important breaches that need to be addressed. Although frequency may differ in each organization, this level of assessment must be done on a regular, recurring basis.

Examples of unintentional threats other than computer malfunction and natural disasters

Why are worms and viruses categorized as threats? because they can also cause a ____________________

Hardware Level: INTERCEPTION

It is a larger problem, extending to all programmers and analysts who create or modify programs.

The crook shaves a little from many accounts and puts these shavings together to form a valuable result.