Information Security is the concept of securing the information in the system, or in transit in the connected/unsecured network. If this information gets into the wrong hands this causes enormous damage to finances, reputation, and the organization's customers.
Elements of Information Security
- Confidentiality:- Make sure that the information is only accessed by authorized people.
- Integrity:- Prevention of improper and unauthorized changes to the data.
- Availability:- Responsible for providing, storing, and processing the information that is requested by the authorized user.
- Authenticity:- Ensures the quality of being genuine/real.
- Non-repudiation:- A guarantee that none of the parties can deny having sent the message by the sender and receiving the message by the recipient. We use digital signatures to ensure non-repudiation.
ATTACK = MOTIVE + METHOD + VULNERABILITY
Hackers generally attack individuals/organizations to bring them down, gaining some personal satisfaction or abusing the security that they are providing to their customers. Finding the best possible method that allows the attackers to gain privileged access to the systems by exploiting the vulnerabilities that are present in the target systems.
Comments
Post a Comment