security and control soetam rizky. why systems are vulnerable ?
TRANSCRIPT
![Page 1: Security and Control Soetam Rizky. Why Systems Are Vulnerable ?](https://reader038.vdocument.in/reader038/viewer/2022110303/5517addd55034645368b5e70/html5/thumbnails/1.jpg)
Security and Control
Soetam Rizky
![Page 2: Security and Control Soetam Rizky. Why Systems Are Vulnerable ?](https://reader038.vdocument.in/reader038/viewer/2022110303/5517addd55034645368b5e70/html5/thumbnails/2.jpg)
Why Systems Are Vulnerable ?
![Page 3: Security and Control Soetam Rizky. Why Systems Are Vulnerable ?](https://reader038.vdocument.in/reader038/viewer/2022110303/5517addd55034645368b5e70/html5/thumbnails/3.jpg)
Vulnerability• Citigroup: Customer losses from hack attack reaches $2.7M – 2011• Hacked in April to June 2011, Sony reportedly lost almost $171 million• Money stolen from the hacked business accounts was used by a group
related to Al Qaeda to fund terrorist attacks in Asia. According to reports, refunding costumers cost AT&T almost $2 million.
• $1 million was stolen from stock brokerages Fidelity Investments, Scottrade, E*Trade, and Charles Schwab. The rest of the money was taken from fraudulent tax refunds, with the stolen identities of more than 300 people.
• News Corporation made a loss of $1.6bn (£1.2bn) in the last quarter as it absorbed $2.8bn in charges related to a plan to spin off its ailing publishing businesses.
![Page 4: Security and Control Soetam Rizky. Why Systems Are Vulnerable ?](https://reader038.vdocument.in/reader038/viewer/2022110303/5517addd55034645368b5e70/html5/thumbnails/4.jpg)
Vulnerability
By People ?
By Accident ?
![Page 5: Security and Control Soetam Rizky. Why Systems Are Vulnerable ?](https://reader038.vdocument.in/reader038/viewer/2022110303/5517addd55034645368b5e70/html5/thumbnails/5.jpg)
Before we continue…..• Suppose you’re a CEO which policy
would you choose :–Very strict–Moderate–Full of freedom
![Page 6: Security and Control Soetam Rizky. Why Systems Are Vulnerable ?](https://reader038.vdocument.in/reader038/viewer/2022110303/5517addd55034645368b5e70/html5/thumbnails/6.jpg)
That’s why We Need Security & Control
Inadequate security and control may create serious legal liability.
Businesses must protect not only their own information assets but also those of customers, employees, and business partners. Failure to do so can lead to costly litigation for data exposure or theft.
A sound security and control framework that protects business information assets can thus produce a high return on investment.
![Page 7: Security and Control Soetam Rizky. Why Systems Are Vulnerable ?](https://reader038.vdocument.in/reader038/viewer/2022110303/5517addd55034645368b5e70/html5/thumbnails/7.jpg)
Security Aspects for Management
Electronic Records Management• Policies, procedures
and tools for managing the retention, destruction, and storage of electronic records
Electronic Evidence• Computer data stored
on disks and drives, e-mail, instant messages, and e-commerce transactions
Computer Forensics• Scientific collection,
examination, authentication, preservation, and analysis of computer data for use as evidence in a court of law
![Page 8: Security and Control Soetam Rizky. Why Systems Are Vulnerable ?](https://reader038.vdocument.in/reader038/viewer/2022110303/5517addd55034645368b5e70/html5/thumbnails/8.jpg)
Security Aspects for Management
Risk Assessment• Determines the
level of risk to the firm if a specific activity or process is not properly controlled
Acceptable Use Policy (AUP)
Authorization policies
Identifying acceptable
security goals
![Page 9: Security and Control Soetam Rizky. Why Systems Are Vulnerable ?](https://reader038.vdocument.in/reader038/viewer/2022110303/5517addd55034645368b5e70/html5/thumbnails/9.jpg)
Quick Summary
Security aspects for
management
Security is important
Security Authorization
Assess the risk control
![Page 10: Security and Control Soetam Rizky. Why Systems Are Vulnerable ?](https://reader038.vdocument.in/reader038/viewer/2022110303/5517addd55034645368b5e70/html5/thumbnails/10.jpg)
Before we continue……
Suppose that your company involve in serious fraud, and you got the electronic evidence, what would you do ?
![Page 11: Security and Control Soetam Rizky. Why Systems Are Vulnerable ?](https://reader038.vdocument.in/reader038/viewer/2022110303/5517addd55034645368b5e70/html5/thumbnails/11.jpg)
Security Ensuring Business Continuity
Downtime: Period of time in which a system is not operational
Fault-tolerant computer systems: Redundant hardware, software, and power supply components to provide continuous, uninterrupted service
High-availability computing: Designing to maximize application and system availability
![Page 12: Security and Control Soetam Rizky. Why Systems Are Vulnerable ?](https://reader038.vdocument.in/reader038/viewer/2022110303/5517addd55034645368b5e70/html5/thumbnails/12.jpg)
Security Ensuring Business Continuity
Load balancing: Distributes access requests across multiple servers
Mirroring: Backup server that duplicates processes on primary server
Recovery-oriented computing: Designing computing systems to recover more rapidly from mishaps
![Page 13: Security and Control Soetam Rizky. Why Systems Are Vulnerable ?](https://reader038.vdocument.in/reader038/viewer/2022110303/5517addd55034645368b5e70/html5/thumbnails/13.jpg)
Security Ensuring Business Continuity
Disaster recovery planning: Plans for restoration of computing and communications disrupted by an event such as an earthquake, flood, or terrorist attack
Business continuity planning: Plans for handling mission-critical functions if systems go down
![Page 14: Security and Control Soetam Rizky. Why Systems Are Vulnerable ?](https://reader038.vdocument.in/reader038/viewer/2022110303/5517addd55034645368b5e70/html5/thumbnails/14.jpg)
Quick Summary
Ensuring Business
Continuity
Fault tolerant high availability,
downtime
Recovery oriented Load
balancing, mirroring
Disaster Recovery Planning
![Page 15: Security and Control Soetam Rizky. Why Systems Are Vulnerable ?](https://reader038.vdocument.in/reader038/viewer/2022110303/5517addd55034645368b5e70/html5/thumbnails/15.jpg)
Before we continue……
As customer, can you mention which company is really care about ensuring business continuity ?
![Page 16: Security and Control Soetam Rizky. Why Systems Are Vulnerable ?](https://reader038.vdocument.in/reader038/viewer/2022110303/5517addd55034645368b5e70/html5/thumbnails/16.jpg)
Before we continue……
What is the real disaster for digital firm ?
![Page 17: Security and Control Soetam Rizky. Why Systems Are Vulnerable ?](https://reader038.vdocument.in/reader038/viewer/2022110303/5517addd55034645368b5e70/html5/thumbnails/17.jpg)
Opportunities & ChallengesCreation of secure, reliable Web sites and
systems that can support e-commerce and e-business strategies
Designing systems that are neither overcontrolled nor undercontrolled
Implementing an effective security policy
![Page 18: Security and Control Soetam Rizky. Why Systems Are Vulnerable ?](https://reader038.vdocument.in/reader038/viewer/2022110303/5517addd55034645368b5e70/html5/thumbnails/18.jpg)
Questions /Comments ?