1.Why has there been a dramatic increase in the number of computer related security incidents (in Information Technology) In recent year?(Ethic in information technology 2 edition by George Reynolds p.68)
2.What are same characteristics of common computer criminals.Include there objective.
1. Security of information technology is of utmost importance
Protect confidential data
2. Safeguard private customer and employee data
Protect against malicious acts of theft or disruption
Must be balanced against other business needs and issues
3. Number of IT-related security incidents is increasing around the world
4. Computer Emergency Response Team Coordination Center (CERT/CC)
Established in 1988 at the Software Engineering Institute (SEI)
Charged with
Coordinating communication among experts during computer security emergencies
Helping to prevent future incidents-To be sure, some computer criminals are mean and sinister types. But many more wear business suits, have university degrees, and appear to be pillars of their communities. Some are high school or university students. Others are middle-aged business executives. Some are mentally deranged, overtly hostile, or extremely committed to a cause, and they attack computers as a symbol. Others are ordinary people tempted by personal profit, revenge, challenge, advancement, or job security. No single profile captures the characteristics of a "typical" computer criminal, and many who fit the profile are not criminals at all.
3.What action must be taken in response to a security incidents.
- organizations learn how to respond to security incidents only after suffering attacks. By this time, incidents often become much more costly than needed. Proper incident response should be an integral part of your overall security policy and risk mitigation strategy.
There are clearly direct benefits in responding to security incidents. However, there might also be indirect financial benefits. For example, your insurance company might offer discounts if you can demonstrate that your organization is able to quickly and cost-effectively handle attacks. Or, if you are a service provider, a formal incident response plan might help win business, because it shows that you take seriously the process of good information security.
Monday, December 13, 2010
Firewall
firewall is a set of related programs, located at a network gateway server, that protects the resources of a private network from users from other networks. (The term also implies the security policy that is used with the programs.) An enterprise with an intranet that allows its workers access to the wider Internet installs a firewall to prevent outsiders from accessing its own private data resources and for controlling what outside resources its own users have access to.
Monday, December 6, 2010
Subscribe to:
Posts (Atom)