THE PRIVACY AND SECURITY ISSUES RELATING TO INFORMATION
- Slides: 12
THE PRIVACY AND SECURITY ISSUES RELATING TO INFORMATION MAJED BASAMAD DATE: FEBRUARY 6, 2017
PRIVACY AND INFORMATION SECURITY ISSUES RELATING TO TECHNOLOGY • ADOPTION OF COMPUTERS IN VARIOUS ORGANIZATIONS AND BUSINESSES MAKES THE ENVIRON VULNERABLE TO DATA BREACH AND PRIVACY ISSUES. • THE CONTINUOUS STRUGGLE TO ENSURE ACCESSIBILITY IS FOSTERED WITHIN INSTITUTION POSES A GREATER RISK TO VITAL INFORMATION. • HACKERS ABILITY TO EMPLOY SOPHISTICATED ATTACK VECTORS ON ORGANIZATIONAL NETWORKS AGAINST THE ALREADY LAYED DATA SECURITY PARAMETERS THAT ARE WEAK TENDS TO COMPROMISE INFORMATION SECURITY.
ONLINE PRIVACY AND THE LAW • THERE EXISTS VARIOUS GLOBALLY ADOPTED POLICIES THAT GOVERN ONLINE PRIVACY OF INDIVIDUALS AND DATA. • THE COEXISTING PRIVACY LAWS PROVIDES ALL INDIVIDUALS WITH A LEGAL FRAMEWORK WITHIN WHICH THEY ARE ADEQUATELY PROTECTED. • COMPUTER AND DATA PRIVACY LAWS ARE ENACTED AND ENSHRINED IN THE MODERN DAY CONSTITUTIONS AS THEY ARE DEEMED AS PART OF THE CONVENTIONAL HUMAN RIGHTS.
CHALLENGES ASSOCIATED WITH ONLINE DATA PRIVACY ENACTMENT IN THE SOCIETY • THE BIGGEST CHALLENGE IN PRIVACY ENACTMENT IS THE RIGHTS ACQUAINTED TO EACH INDIVIDUAL WITH REGARDS TO KNOW WHAT KIND OF DATA IS MAINTAINED ON THEM. • THE DYNAMICS INVOLVED IN THE PROVISION OF THE REQUIRED SECURITY PARAMETERS SO AS TO ENSURE SECURE AUTHORIZATION IS GRANTED TO THE SYSTEM ARE COMPLEX AND SOPHISTICATED. • THE MODERN DAY TECHNOLOGY INDUSTRY HAS WITNESSED A SHARP INCREASE IN ATTACKS INVOLVING COMPUTER APPLICATIONS THAT ALLOW BACKDOORS TO BE INSTALLED IN SOPHISTICATED SYSTEMS HENCE MAKING IT VULNERABLE TO DATA BREACHES AMIDST POLICY ENACTMENT
SYSTEMS SECURITY • INFORMATION CONTAINED IN SYSTEMS REQUIRES IMPLEMENTATION OF PROPER SECURITY PARAMETERS WITH REGARDS TO DATA SECURITY AND SECURITY OF THE SYSTEMS WITHIN WHICH DATA IS STORED. • TO GUARANTEE INFORMATION SECURITY ENTAILS THAT ONE LAYS STRATEGIC MEASURES IN PLACE PREVENTING MALICIOUS CYBER ATTACKS. • THE ABILITY TO MAINTAIN A CONSISTENT DATA LIFECYCLE PLAYS A CENTER ROLE IN ENSURING AN EVOLUTION IN THE SYSTEMS AND SECURITY CONTROLS THAT EFFECTIVELY PROMOTE INFORMATION AVAILABILITY.
EVOLUTION OF HACKERS • AS THE CONTEMPORARY SOCIETY TENDS TO RELY MORE ON SMARTPHONES AND PORTABLE TECHNOLOGY HACKERS ARE CONTINUALLY FINDING IT EASIER TO PENETRATE LARGE ORGANIZATIONS. • HACKERS CONTINUALLY TARGET SMALL AND MEDIUM ENTERPRISES AS THEY HAVE WEAK OR LACK PROPER SECURITY PARAMETERS IN PLACE TO PREVENT INSTANCES OF DATA BREACHES. • THE LACK OF AWARENESS ON TROJAN HORSES AND MALWARE USED AS BACKDOORS IN MAJOR SYSTEMS AMONG USERS WHO USE THEIR DEVICES ON PUBLIC AND PRIVATE NETWORKS WITH SENSITIVE DATA SHOWCASES THE MANNER BY WHICH HACKERS POSE A THREAT TO DATA AND PRIVACY • IN 2015 ALONE STUDY SHOWS THAT HACKERS HAVE TARGETED HEALTHCARE BREACHES
METHODS USED BY HACKERS • BLACK HAT HACKERS CONTINUE TO INDULGE IN VARIOUS HACKTIVITIES ONLINE SUCH AS DATA BREACHES AND LATER ON SELL THE SENSITIVE DATA IN UNDERGROUND BLACK-MARKETS. • DATA BROKERS AND HACKERS CONTINUE TO EMPLOY VARIOUS SOPHISTICATED TECHNIQUES SUCH AS NETWORK SUBNETING AND CARRYING OUT MASSIVE DDOS ATTACKS. • HACKERS CREATE HONEY POTS AND CREATIVELY COVER THEIR DIGITAL FOOTPRINTS HENCE MAKING IT HARD TO BE TRACED.
MEASURES TAKEN BY ORGANIZATIONS TO CURB HACKING AND FOSTER PRIVACY • AS HACKERS CONTINUALLY TARGET MEDIUM ORGANIZATIONS SUCH AS HEALTHCARE INSTITUTIONS THE ORGANIZATIONS CONTINUE TO TAKE VARIOUS MEASURES GEARED TOWARDS PREVENTING SUCH ATTACKS. • THE ABILITY TO ENSURE ORGANIZATIONS PRIVATE NETWORKS ARE SEPARATION FROM USER NETWORK ENSIURES THE ATTACKS ON SENSITIVE NETWORK IS MINIMIZED • MOST ORGANIZATIONS ARE HIRING INDEPENDENT IT FIRMS TO CARRY OUT PENETRATION TESTING PROCEDURES ON THEIR NETWORKS HENCE MINIMIZING THE ATTACK WINDOW.
MEASURES TAKEN BY ORGANIZATIONS TO CURB HACKING AND FOSTER PRIVACY • ORGANIZATIONS ENSURE THE UNDERLYING DATA IS STORED IN RELIABLE SERVERS AND DATA CENTERS WHICH ARE STORED IN DIFFERENT LOCATIONS UPON INSTANCES OF A HACK ATTACK. • ENSURING ALL THE EMPLOYEES ARE ACQUAINTED WITH THE APPROPRIATE KNOW HOW OF THE VARIOUS ATTACK VECTORS ENSURES THE ATTACKS ARE MINIMIZED. E. G ALL EMPLOYEES ARE EDUCATED ON SCANNING THEIR DEVICES BEFORE JOINING THE ORGANIZATIONS NETWORK. THIS ENSURES ALL MALWARE THAT HAS BEEN INSTALLED OVER PUBLIC NETWORKS CANNOT BE SPREAD OVER THE ORGANIZATIONS NETWORK. • HAVING A CLEAR AUTHENTICATION KEY FOR EACH LEVEL OF EMPLOYEES ENSURES LIMITED ACCESS TO CONTENT WITH CLEARANCE HENCE PREVENTING INSTANCES OF INSIDER ATTACKS.
CONCLUSION • IN THIS PRESENTATION THE MAIN AIM WAS TO GIVE A CRYSTAL PERSPECTIVE ON THE ATTACK VECTORS AND PRIVACY POLICIES DEPLOYED IN PLACE TO FOSTER DATA BREACH ACTIVITIES. • THE ABOVE SLIDES POINT OUT THE VARIOUS LAWS ENACTED IN TO PLACE AND THE MOST USED ATTACK VECTORS THAT HAVE OVERTIME BEEN UTILIZED BY HACKERS. • STATED ABOVE ARE THE VARIOUS STRATEGIES THAT ORGANIZATIONS CAN USE IN PLACE TO ENSURE THEY ARE ACTIVELY PROTECTED FROM SUCH ATTACKS HENCE PREVENTING SEVERAL INSTANCES OF DATA BREACHES AND SENSITIVE USER PRIVACY BREACH.
REFERENCES • ORR, T. (2008). PRIVACY AND HACKING. NEW YORK: ROSEN CENTRAL. • LEVY, S. (2010). HACKERS. SEBASTOPOL, CA: O'REILLY MEDIA. • ERICKSON, J. (2008). HACKING: THE ART OF EXPLOITATION. SAN FRANCISCO, CA: NO STARCH PRESS.
Thank You