Information Security Management - Hansa Edirisinghe
-
Upload
hansa-edirisinghe -
Category
Education
-
view
488 -
download
3
description
Transcript of Information Security Management - Hansa Edirisinghe
![Page 1: Information Security Management - Hansa Edirisinghe](https://reader036.fdocuments.us/reader036/viewer/2022082704/5590447b1a28ab5b4a8b4744/html5/thumbnails/1.jpg)
MSc CIS7027 Information Security Management
ASSIGNMENT 2012
Critique the employment of ethical hacking as a way of reviewing and strengthening the security of
information systems
Hansa EdirisingheBSc (Hons) University of Portsmouth, UK
MSc IT - Cardiff Metropolitan University, UK
![Page 2: Information Security Management - Hansa Edirisinghe](https://reader036.fdocuments.us/reader036/viewer/2022082704/5590447b1a28ab5b4a8b4744/html5/thumbnails/2.jpg)
Why did I selected this topic ?
• Hacking is a major security threat in IT
• Organizations find solutions to prevent their system from hackers
• Employment of Ethical Hacker (EH) is becoming popular to prevent attacks
![Page 3: Information Security Management - Hansa Edirisinghe](https://reader036.fdocuments.us/reader036/viewer/2022082704/5590447b1a28ab5b4a8b4744/html5/thumbnails/3.jpg)
How critical the Hacking is?(According to hackmageddon.com, hacking attacks in the month of October 2012)
Source : http://hackmageddon.com/2012-cyber-attacks-timeline-master-index/
![Page 4: Information Security Management - Hansa Edirisinghe](https://reader036.fdocuments.us/reader036/viewer/2022082704/5590447b1a28ab5b4a8b4744/html5/thumbnails/4.jpg)
Hackers
White Hat
People who specialized
hacking check the
faults of the system
Grey Hat
Exploit a security to the
attention of the owners
Black Hat
People who break into
networks and harm to the network and
property
White Hat is known as Ethical Hacker
![Page 5: Information Security Management - Hansa Edirisinghe](https://reader036.fdocuments.us/reader036/viewer/2022082704/5590447b1a28ab5b4a8b4744/html5/thumbnails/5.jpg)
Strengthening the security through EH
• Ensuring the protection of company confidential information (i.e. Finance, Production, Marketing, R & D )
• Protect the system from malware/hacking• Analyze risk assessment and control
vulnerable areas• Ensure that sensitive information of clients
does not go to wrong hands
![Page 6: Information Security Management - Hansa Edirisinghe](https://reader036.fdocuments.us/reader036/viewer/2022082704/5590447b1a28ab5b4a8b4744/html5/thumbnails/6.jpg)
Barriers to EH
• Heavy dependence of employee, because EH has all the company secret information
• Finding a competent and specialist person
• Frequent employee turnover may cause problems to the organization
![Page 7: Information Security Management - Hansa Edirisinghe](https://reader036.fdocuments.us/reader036/viewer/2022082704/5590447b1a28ab5b4a8b4744/html5/thumbnails/7.jpg)
“The employment of ethical hacking as a way of reviewing and strengthening the security of information systems”
1. Introduction to EH2. Discussions on,
a) Ensuring the protection of company confidential informationb) Protect the system from malware/hackingc) Risk assessment and control vulnerable areasd) Ensuring sensitive information of clients does not go to wrong handse) Barriers to EH
3. Evaluation & Recommendation 4. Conclusion
Framework of my Report
![Page 8: Information Security Management - Hansa Edirisinghe](https://reader036.fdocuments.us/reader036/viewer/2022082704/5590447b1a28ab5b4a8b4744/html5/thumbnails/8.jpg)
Thank You