Information System Security: An Overview of Emerging Threats and Controls
Autor: nitin.juneja • March 10, 2012 • Research Paper • 1,371 Words (6 Pages) • 2,076 Views
Running Head-Information Systems: Threats and Controls
Information System Security: An Overview of Emerging Threats and Controls
Nitin Juneja
Oklahoma Christian University
Abstract
The term “system security threats” refers to the acts or incidents that can and will affect the integrity of business systems, which in turn will affect the reliability and privacy of business data. Most organizations are dependent on computer systems to function, and thus must deal with systems security threats. This paper identifies and explains the set of top network, host and application layer threats and describes the countermeasures that are appropriate to address each threat. It also explains common attacker methodology and a series of common attacks. The following information will also help understand and categorize threats in preparation for performing threat modeling. While you can mitigate the risk of an attack, you do not mitigate or eliminate the actual threat. Threats still exist regardless of the security actions you take and the countermeasures you apply. The reality in the security world is that you acknowledge the presence of threats and you manage your risks. Threat modeling can help us manage and communicate security risks across our team.
When we incorporate security features into our application's design, implementation, and deployment, it helps to have a good understanding of how attackers think. By thinking like attackers and being aware of their likely tactics, one can be more effective when applying countermeasures.
Information System Security: An Overview of Emerging Threats and Controls
1. Introduction
Computer systems are vulnerable to many threats that can inflict various types of damage resulting in significant losses. This damage can range from errors harming database integrity to fires destroying entire computer centers. The term “system security threats” refers to the acts or incidents that can and will affect the integrity of business systems, which in turn will affect the reliability and privacy of business data.
2. Categories of threat and their countermeasures
Threats faced by the application can be categorized based on the goals and purposes of the attacks.
2.1 STRIDE Threats and their Countermeasures
• Spoofing.
...