Chapter 10: Information Security Management

What is the goal of information systems security?

• Threat/Loss Scenario: Major elements of IS security

• Threat – person or organization seeks to obtain data or other assets illegally, without owner’s permission and often without owner’s knowledge

• Vulnerability – opportunity for threats to gain access to individual or organizational assets; for example, when you buy online, you provide your credit card data, and as data is transmitted over Internet, it is vulnerable to threats

• Safeguard – measure individuals or organizations take to block threat from obtaining an asset; not always effective, some threats achieve their goal in spite of safeguards

• Target – asset desired by threat

•    Human error examples: (1) employee misunderstands operating procedures and accidentally deletes customer records; (2) employee inadvertently installs an old database on top of current one while doing backing up; (3) physical accidents, such as driving a forklift through wall of a computer room

•    Computer crime – intentional destruction or theft of data or other system components

•    Natural disasters – fires, floods, hurricanes, earthquakes, tsunamis, avalanches, other acts of nature; includes initial loss of capability and service, and losses recovery costs

•    Unauthorized Data Disclosure

•    Pretexting

•    Phishing

•    Spoofing

•    IP spoofing

•    Email spoofing

•    Drive-by sniffers

•    Wardrivers

•    Hacking & natural disasters

•    Procedures incorrectly designed or not followed

•    Increasing customer’s discount or incorrectly modifying employee’s salary.

•    Placing incorrect data on company Web site.

•    Cause

•    Improper internal controls on systems.

•    System errors.

•    Faulty recovery actions after a disaster.

• Viruses

• playload

• trojan horses

• worms

• spyware

• adware

• 
  

What are the sources of threats?What types of security loss exists?Incorrect Data Modification

Goal of Information Systems Security•Find appropriate trade-off between risk of loss and cost of implementing safeguards.•Protective actions–Use antivirus software.–Delete browser cookies?–Make appropriate trade-offs to protect yourself and your business.Average Computer Crime Cost and Percent of Attacks by Type (5 most expensive)How should you respond to security threats?Security safeguards and the five components

How can technical safeguards protect against security threats?
Use of multiple firewalls
•Organizations normally use multiple firewalls. Perimeter firewall sits outside organizational network; is first device that Internet traffic encounters.•Packet-filtering firewall examines each part of a message and determines whether to let that part pass. To make this decision, it examines source address,  destination address(es), and other data. Packet-filtering firewalls can prohibit outsiders from starting a session with any user behind firewall, prohibit traffic from legitimate, but unwanted, addresses, such as competitors’ computers, and filter outbound traffic.•No computer should connect to the Internet without firewall protection. Many ISPs provide firewalls for their customers. By nature, these firewalls are generic. Large organizations supplement such generic firewalls with their own. Most home routers include firewalls, and Microsoft Windows has a built-in firewall as well. Third parties also license firewall products.
Malware types and spyware and adware symptoms
How should organizations respond to security incidents?
•Every organization should have an incident-response plan as part of the security program. No organization should wait until some asset has been lost or compromised before deciding what to do.
•The plan should include how employees are to respond to security problems, whom they should contact, the reports to make, and steps to reduce further loss.•Identify critical personnel and their off-hours contact information

Chapter 9: Business Intelligent Systems

How do organizations use business intelligence (BI) systems?

• BI systems are information systems that process operational and other data to identify patterns, relationships, and trends for use by business professionals and other knowledge workers.
• Five standard IS components are present in BI systems: hardware, software, data, procedures, and people.
• The boundaries of BI systems are blurry

• Use BI for all four of the collaborative tasks described in Chapter 2.

Falcon Security could use BI to determine whether it could save costs by rerouting its drone flights.

Typical Uses for BI

•Identifying changes in purchasing patterns

–Important life events change what customers buy.

•Entertainment

–Netflix has data on watching, listening, and rental habits.

–Classify customers by viewing patterns.

•Predictive policing

–Analyze data on past crimes - location, date, time, day of week, type of crime, and related data.

Just-in-Time Medical Reporting

•Example of real time data mining and reporting.

•Injection notification services

–Software analyzes patient’s records, if injections needed, recommends as exam progresses.

•Blurry edge of medical ethics.

What are the three primary activities in the BI process?

• These activities directly correspond to the BI elements in Figure 9-1.
• The four fundamental categories of BI analysis are reporting, data mining, BigData, and knowledge management.
• Push publishing delivers business intelligence to users without any request from the users; the BI results are delivered according to a schedule or as a result of an event or particular data condition. Pull publishing requires the user to request BI results.

Using business intelligence to find candidate parts at Falcon Security

• Identify parts that might qualify.
• Provided by vendors who make part design files available for sale.
• Purchased by larger customers.
• Frequently ordered parts.
• Ordered in small quantities.
• Used part weight and price surrogates for simplicity.

Acuire Data: Extracted Order Data

• Query

Sales (CustomerName, Contact, Title, Bill Year, Number Orders, Units, Revenue, Source, PartNumber)

Part (PartNumber, Shipping Weight, Vendor)

How do organizations use data warehouses and data marts to acquire data?

• Functions of a data warehouse
• Obtain data from operational, internal and external databases.
• Cleanse data.
• Organize and relate data.
• Catalog data using metadata.

Components of a data warehouse

Data Warehouses vs Data Marts

• The data analysts who work with a data warehouse are experts at data management, data cleaning, data transformation, data relationships, and the like. However, they are not usually experts in a given business function.
• A data mart is a subset of a data warehouse. A date mart addresses a particular component or functional area of the business.

How do organizations use reporting applications?

• Create meaningful information from disparate data sources.
• Deliver information to user on time.
• Basic operations:
• Sorting   
• Filtering
• Grouping   
• Calculating 
• Formatting

Unsupervised Data Mining

• No a priori hypothesis or model.
• Findings obtained solely by data analysis.
• Hypothesized model created to explain patterns found.
• Example: Cluster analysis.

Supervised Data Mining

• Uses a priori model.
• Prediction, such as regression analysis.
• Ex: CellPhoneWeekendMinutes

  = (12 + (17.5*CustomerAge)+(23.7*NumberMonthsOfAccount)

  = 12 + 17.5*21 + 23.7*6 = 521.7 minutes

What is the role of knowledge management systems?

• Knowledge Management (KM)
• Creating value from intellectual capital and sharing knowledge with those who need that capital.
• Preserving organizational memory
• Capturing and storing lessons learned and best practices of key employees.
• Scope of KM same as SM in hyper-social organizations.