part 1


Page 1 (0s)

[Virtual Presenter] We will discuss current IT security threats, information security and legal requirements affecting the security of IT systems. We will focus on different types of threats, including internal threats, external threats, physical threats, social engineering and software-driven threats. Let’s begin with internal threats. It is important to note that internal threats originate from within an organization. Despite being unlikely, they are a very common source of security breaches. In recent weeks we have seen several examples of internal threats, such as the loss of confidential military information found on a park bench and the leak of sensitive CCTV images to the media. Internal threats can come in many forms, including accidental loss, unsafe practices and bring your own device (BYOD). Accidental loss can occur when important or confidential files and materials are lost or misplaced, or when laptops or USB sticks are misplaced. Unsafe practices, such as the use of USB flash drives to store and transport sensitive information without sufficient encryption or visiting dubious websites, can also lead to internal threats. BYOD, where users may not have the required/appropriate security settings and software installed, is another common internal threat. All of these threats are avoidable through the use of employee education and monitoring and enforcement of security procedures. By understanding and mitigating these internal threats, we can help to ensure the security of our IT systems and protect sensitive information. Thank you for joining us.

Page 2 (1m 49s)

[Audio] We will discuss the common sources of internal threats that can lead to security breaches. Employees can unintentionally cause security breaches through accidental loss, unsafe practices and Bring Your Own Device (BYOD). To avoid these threats, we can focus on employee education and implementing security procedures. We will also discuss external threats. External threats are those that originate from outside of the business. These include data theft, disruption to systems or withholding of access, and destruction of data. Without appropriate backup policies, businesses are at risk of data loss through the destruction of data. Intentional data destruction could be intended to hide information or simply to cause as much inconvenience and disruption to the company as possible. Moving on to physical threats: even with a well-behaved workforce, there are still risks to a company’s data security. Threats can take the form of theft of data or equipment, malicious damage to data or equipment, and fire, flood or terrorism. These are the so-called ‘acts of god’: things that the user can’t prevent from happening but can have mitigations in place to protect against or lessen the impact.

Page 3 (3m 6s)

[Audio] Employees can pose a threat to security due to unintentional data loss, unsafe practices and the use of personal devices (BYOD). Social engineering refers to all instances where a user is manipulated into divulging access credentials or executing actions that aid an attacker. Examples of social engineering attacks include phishing and spear phishing. Malware infections are a type of software-based threat, and examples include viruses, Trojans, ransomware, spyware, adware and rootkits. To safeguard against these threats, organizations should implement security protocols such as regular backups and malware scans. By prioritizing employee training and implementing security safeguards, we can decrease the likelihood of internal threats resulting in security breaches.

Page 4 (3m 57s)

[Audio] We will discuss common sources of internal threats that can lead to security breaches. Passive attacks, such as tapping, encryption, scanning and traffic analysis, are difficult to identify and monitor due to lack of physical action. These attacks can be prevented with strong security procedures and employee education to avoid unsafe practices like BYOD. By staying vigilant and taking proactive measures, we can minimize the risk of internal threats leading to security breaches.

Page 5 (4m 29s)

[Audio] Active threats are those that involve intentional attacks on a network or system. These threats can be very powerful and difficult to detect, as they often involve multiple computers from different locations. Employees can unintentionally cause security breaches through accidental loss, unsafe practices and Bring Your Own Device (BYOD). To avoid these threats, we can focus on employee education and implementing security procedures. One common active threat is a denial of service (DoS) attack. These attacks involve sending repeated requests to a server very rapidly, with the aim of stopping the server from responding. Firewalls can easily detect and block repeated traffic from an individual location. However, by escalating to a distributed denial of service (DDoS) attack, it becomes much more powerful, as thousands of computers from different locations are used to attack the server. DDoS attacks can be very difficult for firewalls to detect, as the heavy traffic is coming from many locations. Another common active threat is spoofing, which involves faking your IP address or MAC address using software tools in order to circumvent network restrictions. Spoofing can be used to bypass geographical restrictions or device management restrictions, which can be used to limit access to network resources. Listening in on WiFi communication can also be used by attackers to collect data, depending on the level of security applied to the connection. Man-in-the-middle attacks are directed at HTTPS connections and can intercept and steal confidential information like credentials, bank information and other communications.

Page 6 (6m 12s)

[Audio] Employee education and implementing security procedures are essential in preventing security breaches due to internal threats, accidental breaches resulting from unsafe practices and Bring Your Own Device (BYOD), risks posed by cloud computing, including the potential for cyber criminals to gain access to sensitive data stored in the cloud, intellectual property theft, compliance violations and regulatory actions. Organizations must educate employees on security best practices and implement appropriate security measures to minimize the risk of data breaches.

Page 7 (6m 50s)

[Audio] We must implement security policies and procedures that ensure employees comply with them. This includes using strong passwords, multi-factor authentication and conducting regular security audits. The consequences of a data breach are severe, including the loss of customer trust, which can lead to a loss of business and revenue. Disclosure and notification to victims can result in legal fines, lawsuits and reputational damage. Finally, increased customer churn can lead to a loss of revenue for the company. To mitigate these risks, we must focus on employee education and security procedures, visibility into cloud services and regular security audits. We should implement security controls such as strong passwords, multi-factor authentication and regular security audits. By taking these steps, we can reduce the risk of a data breach and protect our customers' data.

Page 8 (7m 41s)

[Audio] In this slide we will focus on the principles of confidentiality in information security. Confidentiality pertains to personal information and measures taken to safeguard it. Organizations must adhere to GDPR/Data Protection Act when dealing with personal data and may also have a confidentiality policy that outlines acceptable uses of data. It is essential to remember that confidentiality extends beyond protecting personal information to safeguarding intellectual property. Organizations must establish proper procedures to guarantee the confidentiality of intellectual property.

Page 9 (8m 19s)

[Audio] To prevent unauthorized access or modification of information, we should implement strong security measures such as a rigorous authentication policy, configuring user accounts according to the principle of minimum access, implementing two-factor authentication, implementing physical access control to machines hosting sensitive information, and monitoring user-account activity. It is important to stay up-to-date with the latest best practices and regularly review and update our security policies to ensure that they are effective in protecting our sensitive information.

Page 10 (8m 54s)

[Audio] 1. Common sources of internal threats that can lead to security breaches are accidental loss, unsafe practices and Bring Your Own Device (BYOD). Employees can unintentionally cause security breaches through these sources. To avoid these threats, focus on employee education and implementing security procedures. 2. One such security procedure is the principle of minimum access. This principle states that users and applications should have only the bare minimum of privileges to support their intended roles. For example, an administrator would be able to install software on a system. A data entry operator should not be installing software and should only be running the program required to complete their job. 3. Ensure that applications are only accessing resources on our system that we consent to. For example, an anti-virus package needs to run with privileges that allow it to view the entire contents of the computer's storage device. However, we would question whether a contact management system or web server should have those rights. 4. Deliberate or accidental loss of information is another common internal threat. This can lead to data breaches and severe consequences such as penalties under GDPR and data protection laws. To mitigate this risk, notify the Information Commissioner's Office detailing the breach and how it occurred, take steps to prevent the risk from being exploited, and conduct an investigation into the circumstances leading up to the breach. 5. Intellectual property protection is also important. Companies should take steps to protect their intellectual property, such as registering assets with the appropriate authorities, implementing strong access controls and regularly monitoring for potential infringement. By taking these measures, companies can help prevent internal threats from leading to security breaches and protect their assets.

Page 11 (10m 52s)

[Audio] 1. Employees can unintentionally cause security breaches through accidental loss, unsafe practices and Bring Your Own Device (BYOD). To avoid these threats, we can focus on employee education and implementing security procedures. In addition to data protection legislation, we also need to consider computer misuse legislation. This legislation protects personal data held by organisations from unauthorised access and modification. The Computer Misuse Act makes the following illegal: 1. Unauthorised access to computer material. 2. Unauthorised access to computer materials with intent to commit a further crime. 3. Unauthorised modification of data. 4. Making, supplying or obtaining anything which can be used in computer misuse offences. Failure to comply with the Computer Misuse Act can lead to fines and potentially imprisonment.

Page 12 (11m 54s)

[Audio] We need to focus on educating employees and implementing security procedures to avoid security breaches. Educating employees on the risks of internal threats, including accidental loss, unsafe practices, copyright infringement, and weak passwords and encryption, is essential. Providing employees with the necessary resources and tools to protect their information can prevent these threats. It’s important to educate employees on the risks of using personal devices for work purposes and implementing security measures to prevent unauthorized access to sensitive information.

Page 13 (12m 31s)

[Audio] We have identified significant operational and financial impacts of security breaches as major concerns. Ransomware can infiltrate the network and lock the systems, leading to a loss of 40 million dollars. Damage to reputation can result in a loss of trust in the company and customer base, while legal consequences can be severe, including hefty fines and legal action. Forensics research requirements can also be a concern, being time-consuming and expensive.

Page 14 (13m 2s)

[Audio] We can discuss the common sources of internal threats that can lead to security breaches. Employees unintentionally cause security breaches through accidental loss, unsafe practices and BYOD. To avoid these threats, we can focus on employee education and implementing security procedures. Data protection legislation provides rules about what can and can’t be done with individuals’ data and covers various laws that can differ in different parts of the world.

Page 15 (13m 30s)

[Audio] Discuss common sources of internal threats that can lead to security breaches. One of these sources is employee error. Employees can unintentionally cause security breaches through accidental loss, unsafe practices and Bring Your Own Device (BYOD). To avoid these threats, focus on employee education and implementing security procedures. Discuss one of these procedures, which is cryptographic techniques and processes for data protection. Cryptographic principles are the foundation of encryption, which is a widely used technique for data protection. Encryption can be categorized as either symmetric encryption or public key encryption (asymmetric). Understand principles and uses of encryption as well as legal and ethical issues surrounding it. Computational hardness assumption is an important principle of encryption which states that it is impossible to solve certain mathematical problems. This makes it difficult for attackers to decrypt encrypted data. HTTPS is a common use for encryption in the HTTPS protocol. HTTPS ensures that even if the traffic is intercepted, it will be meaningless to all but the intended recipient. HTTPS is the technology that has enabled the vast majority of what we use on the Internet. Applications of cryptography in more detail in the next section.

Page 16 (15m 0s)

[Audio] It is crucial to protect personal information through modern technology. Many technological processes use encryption to secure user data, such as web browsing, online shopping, subscription TV and cryptocurrencies. Encryption is not just a way to secure information; it is also a moral and legal issue. The right to privacy is a fundamental human right, and it is essential to ensure that our digital space is secure. Governments may wish to access communications for national security, but this can put individuals' privacy and security at risk. The question of whether applications promoting security should have a backdoor built-in to allow governments to access communications is complex and can be exploited by hackers. It is essential to consider the potential consequences of implementing a backdoor and to find alternative solutions that can balance privacy and national security. In conclusion, encryption is a vital aspect of modern technology and it is critical to comprehend its moral and legal implications. We must prioritize the protection of personal information and find solutions that can balance privacy and national security. For more information please refer to the following links: "Encryption ethics: are email providers responsible for privacy?" (theconversation.com); "Legal Issues with Cryptography | Cryptography with Java | InformIT"; "View of The ethics of unbreakable encryption: Rawlsian privacy and the San Bernardino iPhone | First Monday".

Page 17 (16m 35s)

[Audio] Discuss the common sources of internal threats that can lead to security breaches. Employees can unintentionally cause security breaches through accidental loss, unsafe practices and Bring Your Own Device (BYOD). However, there are ways to mitigate these threats through employee education and implementing security procedures. Computational hardness assumption is a hypothesis that a given problem cannot be solved efficiently. In cryptography it is vital to prove that an algorithm is secure and provides a safe means of encrypting, transmitting and storing sensitive information. Computational security essentially works on the proviso that the attacker is computationally limited. By implementing security procedures and educating employees on the importance of computational security, we can mitigate the risk of internal threats and protect our sensitive data.

Page 18 (17m 31s)

[Audio] We will discuss the sources of internal threats that can lead to security breaches. One of the main sources is employees, who can unintentionally cause security breaches through accidental loss, unsafe practices and BYOD. To avoid these threats, we can focus on employee education and implementing security procedures. In terms of cryptography methods, there are several types of encryption algorithms and primitives that can be used to secure data. One type of encryption is symmetric key cryptography, which uses a single common key that is shared by both the sender and the receiver of a message. Another type is public-key cryptography, also known as asymmetric cryptography, which uses a pair of keys: a public key and a private key. These keys are used to encrypt and decrypt messages securely. Additionally, there are several cryptographic primitives that can be used to secure data, including one-way hash functions and symmetric key cryptography. These primitives and algorithms are designed to be secure and should not be compromised. By focusing on employee education and implementing security procedures, we can help prevent internal security breaches and protect sensitive data.

Page 19 (18m 47s)

[Audio] We discussed common sources of internal threats that can lead to security breaches. Our focus was on employee accidental loss, unsafe practices and Bring Your Own Device (BYOD). To avoid these threats, we emphasized employee education and implementing security procedures. We also talked about the importance of encryption, including the use of cryptographic salt as a necessary feature of encryption algorithms. This helps to prevent data breaches by introducing a random element into the algorithm. We discussed various encryption algorithms and their strengths and weaknesses, enabling organizations to make informed decisions about which to use to protect their data.

Page 20 (19m 27s)

[Audio] Employees can unintentionally cause security breaches through accidental loss, unsafe practices and Bring Your Own Device (BYOD). To avoid these threats, we can focus on employee education and implementing security procedures. One of the most common techniques used to protect data is cryptography. Cryptography involves the use of encryption algorithms to scramble data, making it unreadable to anyone without the correct decryption key. There are two main types of encryption: symmetric key encryption and public key encryption. Symmetric key encryption uses one private key in order to encrypt and decrypt information. This means that both the encryptor and the decryptor need to have the key, but this key can’t be made publicly available. In other words, the recipient of the encrypted information must already have a copy of the correct key to decrypt it. Despite being an older technique than asymmetric encryption, symmetric encryption is still widely used as it is: faster to perform (requires fewer CPU cycles in order to complete); smaller network utilisation as less data is produced (no need to include key blocks with transmissions). Key exchanges are a critical component of symmetric key encryption, ensuring that both parties involved in encryption and decryption have the same key. Digital certificates are used to verify the identity of both the encryptor and decryptor, and HTTPS protocol is used to encrypt data in transit. Virtual Private Networks (VPNs) and Generic Routing Encapsulation (GRE) tunnels are used to create secure tunnels for data transmission, while encryption of data on WiFi networks is used to protect data from unauthorized access. We can also apply cryptography in various ways, such as encryption of the contents of a database and encryption of computer drives, which ensures that if the hard drive is removed from a computer or laptop, its contents will be unreadable by third parties. The computer itself stores the key securely and is therefore the only device able to decrypt and access the drive’s contents.

Page 21 (21m 45s)

[Audio] Discussing internal threats and security breaches caused by employees through accidental loss, unsafe practices and BYOD. Focus on employee education and security procedures to avoid these threats. Moving on to Public Key Encryption: it's a system using pairs of keys; one is private and known only to its owner, and the other is public and sharable to anyone. Anyone with the public key can create and encrypt a message, but only the private key owner can decrypt it. This is asymmetric encryption. Consider a server and client communicating. The client can send its public key to the server, which generates a key for symmetric encryption and encrypts it using the client’s public key. Once the client decrypts the key, it can begin communicating with the server using symmetric encryption. Public Key Encryption is widely used for secure communication and protecting sensitive information. WhatsApp uses it for end-to-end encryption. Messages are encrypted with recipients’ public keys, delivered and finally decrypted with users’ private key. In summary, Public Key Encryption is a powerful tool for securing communications and protecting sensitive information. It allows secure communication over insecure networks and provides a high level of security and privacy. Implementing Public Key Encryption in your organization can protect data from internal threats and ensure secure communication.

Page 22 (23m 15s)

[Audio] Discuss key exchange. Key exchange is the process of exchanging cryptographic keys securely over an insecure medium such as the Internet. This process happens before encryption has been initialized, which means it takes place in plain text. The steps involved are as follows: Parties A and B have a common starting value. Party A has its own secret value which is secret. Party B has its own secret value which is secret. Party A takes the common starting value and processes it with its secret value. Party B takes the common starting value and processes it with its secret value. At this point A and B exchange their processed values. They will currently be different. Once the exchange has taken place, A and B both process the newly received values with their private values. This results in both A and B now possessing the same value – the key for communication between them. Key exchange is used anywhere that requires keys to be exchanged, such as internet communications.

Page 23 (24m 21s)

[Audio] HTTPS and digital certificates are critical for secure communication on the internet. Certificates are issued by Certification Authorities (CAs) and are used to verify the identity of clients and ensure secure data transfer. Accidentally entered data and other security threats can be prevented through secure communication. Implementing security procedures and focusing on employee education can help prevent security breaches and protect sensitive data online.

Page 24 (24m 52s)

[Audio] 1. HTTPS Handshake poses a threat to internal security. 2. Upon establishing connection with an HTTPS server, the server responds with its certificate. 3. The browser verifies the authenticity of the certificate. 4. If the certificate is invalid, the user receives an alert. 5. HTTPS Connection Sequence diagram is shown. 6. HTTPS Connection Sequence diagram is shown. 7. Implementing security protocols can minimize the risk of security breaches. 8. Employee training and secure processes are critical to protecting against internal security threats.

Page 25 (25m 43s)

[Audio] We have presented on security procedures and measures to prevent unintentional security breaches. It is crucial that employees understand the importance of security procedures and take necessary measures to prevent such breaches. One such measure is the use of Virtual Private Networks (VPNs). VPNs create a private network that allows only you and the endpoint to view data being transmitted and received. They are commonly used to hide activity, spoof location or provide additional security, such as accessing confidential information from outside of a work network. The typical steps involved in using a VPN include establishing a connection, encrypting data traffic, sending it via an internet service provider to a VPN server through a secure connection, decrypting the data by the VPN server and sending it on to the internet, and receiving a reply meant for the user. Another security procedure that can be implemented is GRE Tunnelling. GRE Tunnelling takes the principle of encapsulation and goes further by encapsulating data within another packet, making it invisible to firewalls and allowing rules to be easily bypassed.