What is Information Security ?

Protecting organization assets from:

  • Theft
  • Unauthorized access
  • Disclosure
  • Accidental destruction
  • Intentional destruction.
What assets are we protecting ?
  • Employees
  • Software
  • Documentation
  • Networks
  • Information
  • Hardware
  • Facilities
Why are we trying to protect these assets?
  • Personnel safety
  • Due diligence
  • Legal requirements (State, Federal, Local, etc.)
  • Financial loss
  • Loss of the business or service
  • Protect sensitive or confidential information
  • Promote ethical behavior
What are typical Daily Threats to State?

Examples of typical incidents

  • e-mail viruses
  • scans/probes attempts (internal/external users scanning the network for unauthorized access)
  • web defacements attempts
  • Computer Hi-jack attempts (Remote Control/Trojans)
  • Illegal/Inappropriate Activity
  • Copyright violations
  • Pirated software, music, and movies
  • SPAM (sent) – Visiting inappropriate websites (gambling, pornography)