Professional Documents
Culture Documents
Critical infrastructure
SECURITY OF CYBERSPACE : RISKS
Critical infrastructures such as telecommunications ,
transportation, energy and finance can get affected by attacks on
information infrastructures.
Crimeware
◦ Targeting personal information for financial frauds
◦ Information Stealing through social networking sites
8
GLOBAL ATTACK TREND
GLOBAL TREND
• The current threat environment is characterized by an increase
in data theft, data leakage, and the creation of malicious code that
targets specific organizations.
• Attackers are refining their methods and consolidating assets to
create global networks that support coordinated criminal activity.
• Increased inter-operability between diverse threats.
• Year of the zero-day, targeted malicious code and the exploitation
of medium severity vulnerability.
• High levels of malicious activity across the internet with increases
in bot networks,phishing,spam and Trojans.
Spam
SPAM
originating in India accounted for one percent
of all spam originating in the top 25 spam-producing
countries making India the eighteenth ranked
country worldwide for originating spam.
Each group has skills and expertise that should complement but often conflict
with that of the other group.
◦ AUTOMATIC SCANS
◦ MANUAL SCANS
FIREWALLS
When anyone or anything can access your computer at any time, your
computer is more susceptible to being attacked. You can restrict
outside access to your computer and the information on it with a
firewall.
View the internet as a novel, not a diary - Make sure you are
comfortable with anyone seeing the information you put online.
Be careful what you advertise - When deciding how much
Install the software in phases
concern
With every new application, newervulnerabilities crop up, posing
immense challenges to those who are mandated to protect the IT assets
Coupled with this host
of legal requirements and international business
compliance requirements on data protection and privacy place a huge
demand on IT/ITES/BPO service organizations
We need to generate ‘Trust & Confidence’
CYBER SECURITY STRATEGY-INDIA
• Security Policy, Compliance and Assurance – Legal
Framework
– IT Act, 2000
– IT (Amendment) Bill, 2006 – Data Protection & Computer crimes
– Best Practice ISO 27001
– Security Assurance Framework- IT/ITES/BPO Companies