Information Security Management - Hansa Edirisinghe

MSc CIS7027 Information Security Management ASSIGNMENT 2012 Critique the employment of ethical hacking as a way of reviewing and strengthening the security of information systems Hansa Edirisinghe BSc (Hons) University of Portsmouth, UK MSc IT - Cardiff Metropolitan University, UK

description

The presentation for "Critique the employment of ethical hacking as a way of reviewing and strengthening the security of information systems" prepared by Hansa Edirisinghe (MSc IT - Cardiff Metropolitan University, UK).

Transcript of Information Security Management - Hansa Edirisinghe

Page 1: Information Security Management - Hansa Edirisinghe

MSc CIS7027 Information Security Management

ASSIGNMENT 2012

Critique the employment of ethical hacking as a way of reviewing and strengthening the security of information systems

Hansa Edirisinghe

BSc (Hons) University of Portsmouth, UK

MSc IT - Cardiff Metropolitan University, UK

Page 2: Information Security Management - Hansa Edirisinghe

Why did I select this topic?

• Hacking is a major security threat in IT

• Organizations find solutions to protect their systems from hackers

• Employment of an Ethical Hacker (EH) is becoming popular to prevent attacks

Page 3: Information Security Management - Hansa Edirisinghe

How critical is hacking? (According to hackmageddon.com, hacking attacks in the month of October 2012)

Source : http://hackmageddon.com/2012-cyber-attacks-timeline-master-index/

Page 4: Information Security Management - Hansa Edirisinghe

Hackers

• White Hat: People who specialize in hacking and check the faults of the system

• Grey Hat: Exploit a security weakness to bring it to the attention of the owners

• Black Hat: People who break into networks and harm the network and property

White Hat is known as Ethical Hacker

Page 5: Information Security Management - Hansa Edirisinghe

Strengthening the security through EH

• Ensuring the protection of company confidential information (i.e. Finance, Production, Marketing, R&D)

• Protect the system from malware/hacking

• Analyze risk assessment and control vulnerable areas

• Ensure that sensitive information of clients does not fall into the wrong hands

Page 6: Information Security Management - Hansa Edirisinghe

Barriers to EH

• Heavy dependence on the employee, because the EH has all the company's secret information

• Finding a competent and specialist person

• Frequent employee turnover may cause problems for the organization

Page 7: Information Security Management - Hansa Edirisinghe

“The employment of ethical hacking as a way of reviewing and strengthening the security of information systems”

1. Introduction to EH

2. Discussions on:

   a) Ensuring the protection of company confidential information

   b) Protecting the system from malware/hacking

   c) Risk assessment and control of vulnerable areas

   d) Ensuring sensitive information of clients does not fall into the wrong hands

   e) Barriers to EH

3. Evaluation & Recommendation

4. Conclusion

Framework of my Report

Page 8: Information Security Management - Hansa Edirisinghe

Thank You