Threats to Information System
Threats to Information System
Anything which has the potential to cause harm to the information system is called a Threat. Threats exploit the vulnerability of the information systems by breaching the security and provide a clear idea of how to make a system more secure and efficient. In other words, we can say that a threat is anything that can disrupt the operation, functioning, integrity, or availability of a network or system.
Vulnerabilities
Vulnerability is an inherent weakness in the design, configuration, or implementation of a network or system that renders it susceptible to a threat. Most vulnerability can usually be traced back to one of three sources:
1. Poor Design
Hardware and software systems that contain design flaws that can be exploited. In essence, the systems are created with security holes.
2. Poor Implementation
Systems that is incorrectly configured, and therefore vulnerable to attack. This type of vulnerability usually results from inexperience, insufficient training, or sloppy work.
3. Poor Management
Inadequate procedures and insufficient balances. Security measures cannot operate in a vacuum; they need to be documented and monitored. Even something as simple as the daily backup of a system needs to be verified. There also needs to be delineation of responsibility for some functions and dual custody for others.
In this manner, an organization can ensure that procedures are being followed and that no one person has total control of a system.
Identification
Identification is simply the process of identifying one’s self to another entity or determining the identity of the individual or entity with whom we are communicating.
Availability
This refers to whether the network, system, hardware, and software are reliable and can recover quickly and completely in the event of an interruption in service. Ideally, these elements should not be susceptible to denial of service attacks.
Attack
The use or exploitation of vulnerability. This term is neither malicious nor benevolent. A bad guy may attack a system, and a good guy may attack a problem.
Attacker
The person or process that initiates an attack. This can be synonymous with threat.
Exploit
The instantiation of vulnerability; something that can be used for an attack. A single vulnerability may lead to multiple exploits, but not every vulnerability may have an exploit.
Target
The person, company, or system that is directly vulnerable and impacted by the exploit. Some exploits have multiple impacts, with both primary targets and secondary targets.
Attack Vector
The path from an attacker to a target. This includes tools and techniques.
Defender
The person or process that mitigates or prevents an attack.
Compromise
The successful exploitation of a target by an attacker.
Risk
A qualitative assessment describing the likelihood of an attacker/threat using an exploit to successfully bypass a defender, attacks a vulnerability, and compromise a system.
Threats models are used for optimizing information security and the security of systems. A good threat model exploits the vulnerability of the system and the information and in this way we get a clear idea of what are the weak points of the system that are vulnerable to attacks and we can build a secure and efficient system.
Right Understanding
Right Understanding We all know that the Human Desire is to be in continuous happiness which is the need of I (self). But do you know, from where Continuous happiness will come? No, right! So continuous happiness is to be in Right Understanding, Right Feeling, and Right Thought that is Activity of I (Self). Do…
Where We Are
Where We Are (Self-Evolution) We exist as human being. We want to live a fulfilling life. We have some desires and we have some programs for the fulfilment of it. We need to understand our basic aspiration and program for its fulfillment correctly and comprehensively. Only then, we can ensure fulfillment. We should explore ourselves…
Highway Construction
Highway Construction Embankment Construction Materials and General Requirements The materials used in embankments, subgrades, earthen, shoulders, and miscellaneous backfills shall be soil, moorum, gravel, a mixture of these. Clay having liquid limit exceeding 70 and plasticity index exceeding 45; shall be considered unsuitable for embankment. Sub-grade and top 500mm portion of the embankment just below…
Special Concretes
Special Concretes Concrete is most vital material in modern construction. In addition to normal concrete, other varieties in use are, high strength and high-performance concrete, self-compacting, lightweight, high density, fiber reinforced, polymer, colored concrete, etc. The making of concrete is an art as well as a science. Special types of concrete are those with out-of-the-ordinary…
Marketing Practices
Marketing Practices Success in the world of business, no matter how you earn it, you have to rule on the marketplace. Although luck plays a role in the outcome of the market strategies. In the business decisions, there should be the understanding of market otherwise the failure will take place by the marked decisions. While…
Risk Analysis
Risk Analysis The risk that remains after the implementation of controls is called the residual risk. All systems will have residual risk because it is virtually impossible to completely eliminate risk to an IT system. In other words, we can say that there are two main parts of the security risk analysis known as Quantitative…
Recent Comments