INFORMATION SYSTEM SECURITY
The protection of information systems against
unauthorized access to or modification of
information, whether in storage, processing or
transit, and against the denial of service to
authorized users, including those measures
necessary to detect, document, and counter
such threats.
The 3 Information Security Triad:
 Confidentiality
 Integrity
 Availability (CIA)
E-Business Models with e-Commerce Strategy
E-commerce is a key component of e-business,
and there are several e-business models that
companies can adopt to drive their e-
commerce strategy. Here are some of the most
popular e-business models:
. Business to Consumer (B2C): This is
the most common e-commerce
model, where businesses sell
products or services directly to
consumers through online platforms.
Examples include Amazon, Alibaba,
and eBay.
. Business to Business (B2B): This
model involves businesses selling to
other businesses through online
marketplaces or platforms. Examples
include Alibaba, ThomasNet, and
TradeKey.
 Confidentiality
When protecting information, we want to be able
to restrict access to those who are allowed to see
it; everyone else should be disallowed from
learning anything about its contents.
 Integrity
Integrity is the assurance that the information
being accessed has not been altered and truly
represents what is intended.
 Availability
Availability means that information can be
accessed and modified by anyone authorized to do
so in an appropriate timeframe.
Internet of Things (IoT)
The Internet of Things (IoT) is a network of physical
objects with sensors, software, and connectivity
capabilities that collect and exchange data over the
internet. These objects can be everyday devices,
machines, vehicles, appliances, or people with
unique identifiers.
Impact of IoT in Human and Business Life
 Enhanced Connectivity
 Improved Efficiency
 Data-driven Insights
 Enhanced Safety and Security
 Healthcare and Well-being
 Smart Transportation
 Business Opportunities
Seven domains of a typical IT infrastructure
 User Domain
This domain includes any end-user accessing
information at the organization.
 Workstation domain
The Workstation Domain includes any computing
devices used by end-users and represents how the
users connect to the actual IT infrastructure.
 LAN domain
The LAN Domain includes all the equipment that
makes up the local area network, including
switches, hubs, access points and WiFi, and
routers.
 LAN to WAN domain
The LAN-to-WAN Domain is where the corporate
LAN connects to the Internet (in this case, the
WAN).
 WAN domain
The WAN Domain is represented by the Internet
and stands for wide area network.
 Remote access domain
The Remote Access Domain is represented by any
employee, vendor, or contractor that works in the
field or from home, instead of within the office
environment, and accesses the corporate LAN.
 System and application domains
The System/Application Domain includes all system
and application software-related issues.
IT security framework
An IT security framework is a series of documented
processes that define policies and procedures
around the implementation and ongoing
management of information security controls.
These frameworks are a blueprint for managing risk
and reducing vulnerabilities. Frameworks provide a
starting point for establishing processes, policies
and administrative activities for information
security management.
  Consumer to Consumer (C2C): This model
involves individuals selling products or
services to other individuals through
online platforms. Examples include eBay,
Craigslist, and Etsy.
 Consumer to Business (C2B): This model
involves individuals selling products or
services to businesses through online
platforms. Examples include Upwork,
Fiverr, and Freelancer.
 Business to Administration (B2A): This
model involves businesses providing
products or services to government
agencies or institutions through online
platforms. Examples include GSA
Advantage, FedBid, and eBuy.
IP Mobility
IP mobility refers to the ability of a device, like a smartphone or
laptop, to move between different networks or locations while
maintaining a continuous and stable internet connection.
Challenges Created by IoT
● Security Concerns: IoT devices can be vulnerable to
hacking, leading to privacy breaches and potential
misuse of data.
● Interoperability Issues: Devices from different
manufacturers may use different standards, making
it challenging for them to communicate effectively.
● Data Privacy: The vast amount of data generated by
IoT devices raises concerns about how this data is
collected, stored, and used, often without users' full
awareness or consent.
● Scalability: As the number of connected devices
increases, managing and scaling the infrastructure
becomes complex and may require significant
resources.
● Reliability: IoT devices need to be dependable to
ensure their proper functioning, especially in critical
applications like healthcare or industrial systems.
● Power Consumption: Many IoT devices operate on
battery power, so optimizing energy efficiency is
crucial to extend their lifespan and reduce
environmental impact.
Several e-commerce strategies that companies can
adopt to drive sales and growth:
 Direct-to-consumer (DTC): This strategy
involves companies selling products or services
directly to consumers through their own
online stores, rather than through third-party
retailers.
 Omnichannel: This strategy involves
integrating various channels (such as online,
mobile, brick-and-mortar, and social media) to
create a seamless shopping experience for
customers.
Malicious Attacks, Threats and Impact in the IT
Infrastructure
Malicious Attacks
Encompasses many specific types of attacks such as
ransomware, spyware, command and control, and more.
Malware
Short for malicious software, is a term that encompasses
any software designed with the intent to cause harm to a
user’s computer, server, or network.
Types of Malware:
 Ransomware
Disables victim's access to data until ransom is paid.
Is software that uses encryption to disable a target’s
access to its data until a ransom is paid.
 Keyloggers
Monitors users' keystrokes
Tools that record what a person types on a device.
 Fileless Malware
Makes changes to files that are native to the OS
It makes changes to files that are native to the operating
system, such as PowerShell or WMI.
 Subscription: This strategy involves offering
products or services on a recurring basis, such
as monthly or annual subscriptions, to
generate predictable and recurring revenue.
 Marketplace: This strategy involves creating
an online platform where multiple sellers can
offer their products or services to customers.
Examples include Amazon Marketplace, Etsy,
and eBay.
 Personalization: This strategy involves
tailoring the shopping experience to individual
customers based on their preferences,
behaviors, and purchase history to increase
engagement and retention.
 Spyware
Collects user activity data without their knowledge.
Worms
Spreads through a network by replicating itself
Target vulnerabilities in operating systems to install
themselves into networks.
 Bots
Launches a broad flood of attacks
A software application that performs automated tasks on
command.
 Adware
Serves unwanted advertisements
That information can be shared or sold to advertisers
without the user’s consent
 Trojans
Disguises itself as desirable code
 Rootkits
Gives hackers remote control of a victim's device.
  Mobile Malware
Infects mobile devices
 Wiper Malware
Erases user data beyond recoverability
A wiper is a type of malware with a single purpose: to
erase user data and ensure it can’t be recovered.
Threats
Threat is a malicious act that aims to corrupt or steal
data or disrupt an organization's systems or the entire
organization.
 Insider threats
An insider threat occurs when individuals close to an
organization who have authorized access to its network
intentionally or unintentionally misuse that access to
negatively affect the organization's critical data or
systems.
 Viruses and worms
malicious software programs (malware) aimed at
destroying an organization's systems, data and network.
Information systems security: its effect on people and
businesses
Information security
Information security covers the tools and processes that
organizations use to protect information.
Types of information security
 Application security
This infosec approach is designed for safeguarding
applications and application programming interfaces. It
stops and blocks vulnerabilities and data breaches from
affecting applications.
 Infrastructure security
Infrastructure security focuses on safeguarding intranet
and extranet networks, as well as labs, data centers,
servers, desktop computers, cloud assets and mobile
devices.
 Botnets
a collection of Internet-connected devices, including PCs,
mobile devices, servers and IoT devices that are infected
and remotely controlled by a common type of malware.
 Drive-by download attacks
In a drive-by download attack, malicious code is
downloaded from a website via a browser, application or
integrated operating system without a user's permission
or knowledge.
 Phishing attacks
type of information security threat that employs social
engineering to trick users into breaking normal security
practices and giving up confidential information, including
names, addresses, login credentials, Social Security
numbers, credit card information and other financial
information
 Distributed denial-of-service (DDoS) attacks
multiple compromised machines attack a target, such as a
server, website or other network resource, making the
target totally inoperable.
 Cloud security.
This approach is geared toward securing, building and
hosting apps in the cloud.
 Cryptography.
Cryptography is the process of converting plaintext data
into secure data by encrypting it.
• Vulnerability management
Every year, thousands of new vulnerabilities are
discovered that require organizations to patch their
operating systems and applications and reconfigure the
security settings of their network
• Incident response plan
An incident response plan is a set of information security
processes that are used to identify, contain and recover
from security breaches.
 ransomware attack
the victim's computer is locked, typically by encryption,
which keeps the victim from using the device or data
that's stored on it.
 Exploit kits
a programming tool that enables a person without any
experience writing software code to create, customize
and distribute malware.
 Advanced persistent threat attacks
An advanced persistent threat (APT) is a targeted
cyberattack in which an unauthorized intruder penetrates
a network and remains undetected for an extended
period of time.
 Malvertising
technique cybercriminals use to inject malicious code into
legitimate online advertising networks and web pages.
RISKS AND VULNERABILITIES
Risk management
the process of identifying, analyzing, evaluating, and
treating the potential or actual threats to an
organization’s objectives, assets, or stakeholders.
Approaches of Risk Management
 Risk avoidance
This approach aims to eliminate or reduce the exposure
to risks by avoiding the activities or decisions that create
them
 Risk transfer
This approach involves shifting the responsibility or
burden of risks to another party, such as an insurer, a
contractor, or a partner.
 Risk retention
This approach accepts the risks and bears the
consequences, either voluntarily or involuntarily.
 Risk reduction
This approach attempts to minimize the likelihood or
impact of risks by implementing controls, mitigation
strategies, or contingency plans.
 Risk sharing
This approach distributes the risks among multiple
parties, such as stakeholders, customers, or suppliers.
Some examples of common IT risks are:
• Data breaches: unauthorized access to
sensitive or confidential information,
such as personal, financial or health data.
• Ransomware: malicious software that
encrypts your files or systems and
demands a ransom for their decryption.
• Phishing: fraudulent emails or messages
that trick users into revealing their
credentials or clicking on malicious links
or attachments.
• Denial-of-service: attacks that
overwhelm your network or servers with
traffic or requests, preventing legitimate
users from accessing your services or
resources.
• Malware: any type of malicious software
that can infect your devices or systems
and perform harmful actions, such as
stealing data, deleting files, spying, etc.
Some possible impacts are: Weaknesses in OT Environments
• Financial losses: costs of 1. Lack of Network Segmentation
recovery, investigation, legal fees, 2. DDoS Attacks
fines, compensation, etc. 3. Web Application Attacks
• Reputation damage: loss of trust, 4. Malware
credibility, customer loyalty, 5. Command Injection
brand value, etc. 6. Parameters Manipulation
• Operational disruption:
downtime, delays, errors,
inefficiencies, etc.
• Regulatory compliance: violations
of laws, regulations, standards,
contracts, etc.
• Legal liability: lawsuits, claims,
disputes, etc.