Slide 1

Slide 2 SECURITY AND INFORMATION SYSTEMS THE EVOLUTION OF SECURITY SYSTEMS Created By: Jamere Hill Instructor: Kyhia Bostic Section 19653 University of Houston Slide 3 TABLE OF CONTENTS Introduction . Slide 3 Defining Information Systems Security. Slide 4 Threats to Information Systems. Slide 5 A Growing Concern. Slide 6 . Slide 7 Security Collage Slide 8 Consequences of Hacked Systems. Slide 9 Current Solutions & Defenses. Slide 10 New Approaches to Information Security . Slide 11 . Slide 12 Slide From Another Presentation. Slide 13 Source Credits. Slide 14 End Slide 15 Slide 4 My name is Jamere Hill. I was born and raised in Peoria, IL and moved to Houston after completing my first degree in 2011. I received my B.S. in Marketing at Southern Illinois University and got my first REAL job as a Recruiter a few months after. Although I do love what I do, I cant see myself recruiting for the next 30 years or so which is why Im back in school. I have a very strong interest in computer programming and coding and have taught myself some very basic principles. My short term goal is to get a job in the field after graduating but eventually, I hope that I can become skilled enough to start my own business. My Introduction Slide 5 WHAT IS INFORMATION SYSTEMS SECURITY? Computer Information Security is multidisciplinary area of study and professional activity which is concerned with the development and implementation of security mechanisms of all available types in order to keep information in all its locations and, consequently, information systems, where information is created, processed, stored, transmitted and destroyed, free from threats Source: http://en.wikipedia.org/wiki/Information_security#Definitionshttp://en.wikipedia.org/wiki/Information_security#Definitions Slide 6 THREATS TO INFORMATION SYSTEMS Though there have always been major risks, there has been increasing concern regarding the safety of personal data in computer and information systems. With some of the worlds largest and most influential organizations experiencing more and more data breaches, people are starting to look for answers. There are multiple types of security threats that companies and individuals should be aware of. These threats include: Trojans Viruses and worms Denial of service Malware Payloads Rootkits Keyloggers Eavesdropping Slide 7 A GROWING CONCERN This is a video about Targets recent data breach. Target is just one of many organizations who have had their information systems infiltrated Slide 8 A GROWING CONCERN CONT Multiple organizations have experienced major data breaches in the past few years. These breaches consequently affect the personal and financial data of their customers and clients. Companies that have experienced recent data breaches include: Home Depot Target Corporation TJX Companies Adobe Systems Zappos Slide 9 Slide 10 CONSEQUENCES OF HACKED INFORMATION SYSTEMS Loss of access to computer, or other systems Loss of personal information on computer or other systems Bank Accounts and other financial data Photos Videos High volume traffic which will slow down the whole system Infection of other systems Illegally distributing music, movies, software and other illegal media This could be interpreted as he user of computer conducting these acts Spam and Phishing Emails Slide 11 CURRENT SOLUTIONS AND DEFENSES Access Control Systems Antivirus Software Secure Coding Security by design Secure Operating Systems Authorization Firewalls Intrusion detection system Intrusion prevention system Mobile secure gateway Slide 12 NEW APPROACHES TO SECURITY According to Energy.Gov, Todays approach to information security is not as effective as it once was and is not sustainable. Information systems are rapidly growing and mobile due to technologies like cloud servers. Your information is everywhere and anyone with skills at hacking can gain access to it. Improving security will be difficult because hardware and software supply chains are not centralized and there are no paths to detect-free systems, but it is still possible. Slide 13 NEW APPROACHES TO SECURITY CONT. According to Energy.Gov, we need to get away from trying to protect entire networks and protect critical missions. This involves: Knowing the network and activities in full-scale and real-time Predicting network behaviors Adapting threat protection to specific activities and environments Slide 14 Slide 15 SOURCE CREDITS http://en.wikipedia.org/wiki/Information_security#Definitions http://en.wikipedia.org/wiki/Data_breach http://it.ucmerced.edu/security/information-security-awareness-training/what-computer-security http://energy.gov/sites/prod/files/Brase-LLNL-SEAB.10.11.pdf Slide 16 THE END