
IAS Lesson 2

The document discusses the evolving threat landscape for information systems, highlighting various threat actors, attack vectors, and types of malware. It emphasizes the importance of understanding vulnerabilities, advanced persistent threats, and industry-specific risks to effectively mitigate security breaches. Additionally, it outlines the potential impacts of security breaches on organizations and individuals, and suggests frameworks and standards for implementing robust information assurance practices.

The threat landscape refers to the overall landscape or environment in which threats to
information systems and data exist. It encompasses the various types of threats, their sources,
methods, and potential impact on organizations' security posture. The threat landscape is
constantly evolving as new vulnerabilities are discovered and threat actors adapt their tactics,
so understanding the threat landscape is crucial for organizations to assess risk, implement
appropriate measures, and respond effectively to emerging threats.

So here are the key elements of the threat landscape. First, we have the

threat actors - these are individuals, groups, or organizations that pose a threat to information
systems and data. They can include hackers, cyber criminals, nation-states, insiders, hacktivists,
or even unintentional threats caused by human error. Each threat actor may have different
motives, capabilities, and targets.

Next is attack vectors - attack vectors are paths or means through which threats
exploit vulnerabilities in information systems. This can include phishing emails, social
engineering, malware infections, network attacks, software vulnerabilities, or physical attacks.
Understanding the various attack vectors helps organizations to identify potential weaknesses
and implement appropriate countermeasures. Some of these terms may be familiar already,
as they were discussed in the previous subject.

Here are some examples of attack vectors:

• Malware - Viruses, worms, trojans, and ransomware can infect systems through email
attachments, malicious websites, or compromised software.

• Social engineering - Techniques like phishing, pretexting, baiting, and tailgating exploit
human psychology to gain access.

• Active attacks - Methods that disrupt or alter system operations, such as distributed
denial-of-service (DDoS) attacks.

• Passive attacks - Techniques that gain access without affecting system resources, such as
phishing and email spoofing.

The combination of all attack vectors available to an attacker is called the attack
surface. Organizations can reduce their attack surface by eliminating attack vectors
wherever possible.

We have malware and malicious software - this refers to malicious software designed to
disrupt, damage, or gain unauthorized access to computer systems or data. This includes
viruses, worms, Trojans, ransomware, spyware, and other forms of malicious code. The threat
landscape includes the analysis of emerging strains, their distribution methods, and potential
impact on systems.

Types of Malware:

• Adware is unwanted software designed to throw advertisements up on your screen,
most often within a web browser. Typically, it uses an underhanded method to either
disguise itself as legitimate, or piggyback on another program to trick you into installing it
on your PC, tablet, or mobile device.

• Spyware is malware that secretly observes the computer user’s activities without
permission and reports it to the software’s author.

• A virus is malware that attaches to another program and, when executed—usually
inadvertently by the user—replicates itself by modifying other computer programs and
infecting them with its own bits of code.

• Worms are a type of malware similar to viruses. Like viruses, worms are self-replicating.
The big difference is that worms can spread across systems on their own, whereas
viruses need some sort of action from a user in order to initiate the infection.

• A Trojan, or Trojan horse, is one of the most dangerous malware types. It usually
represents itself as something useful in order to trick you. Once it’s on your system, the
attackers behind the Trojan gain unauthorized access to the affected computer. From
there, Trojans can be used to steal financial information or install other forms of
malware, often ransomware.

• Ransomware is a form of malware that locks you out of your device and/or encrypts your
files, then forces you to pay a ransom to regain access. Ransomware has been called
the cybercriminal’s weapon of choice because it demands a quick, profitable payment in
hard-to-trace cryptocurrency. The code behind ransomware is easy to obtain through
online criminal marketplaces and defending against it is very difficult. While ransomware
attacks on individual consumers are down at the moment, attacks on businesses are up
365 percent for 2019. As an example, the Ryuk ransomware specifically targets high-
profile organizations that are more likely to pay out large ransoms. For more, check out
the Malwarebytes Labs Ransomware Retrospective.

• Rootkit is a form of malware that provides the attacker with administrator privileges on
the infected system, also known as “root” access. Typically, it is also designed to stay
hidden from the user, other software on the system, and the operating system itself.

• A keylogger is malware that records all the user’s keystrokes on the keyboard, typically
storing the gathered information and sending it to the attacker, who is seeking sensitive
information like usernames, passwords, or credit card details.

• Malicious crypto mining, also sometimes called drive-by mining or crypto jacking, is an
increasingly prevalent malware usually installed by a Trojan. It allows someone else to
use your computer to mine cryptocurrency like Bitcoin or Monero. So instead of letting
you cash in on your own computer’s horsepower, the crypto miners send the collected
coins into their own account and not yours. Essentially, a malicious crypto miner is
stealing your resources to make money.

• Exploits are a type of malware that takes advantage of bugs and vulnerabilities in a
system in order to give the attacker access to your system. While there, the attacker
might steal your data or drop some form of malware. A zero-day exploit refers to a
software vulnerability for which there is currently no available defense or fix.

Vulnerabilities - these are weaknesses or flaws in software, hardware, or system configurations
that can be exploited by threat actors. These vulnerabilities can result from programming
errors, misconfigurations, outdated software, or unpatched systems. Monitoring and understanding
vulnerabilities in the threat landscape can help organizations prioritize patching and security
updates.

Vulnerabilities can be classified into six broad categories:

1. Hardware- Any susceptibility to humidity, dust, soiling, natural disaster, poor encryption, or
firmware vulnerability.

2. Network- Unprotected communication lines, man-in-the-middle attacks, insecure network
architecture, lack of authentication, default authentication, or other poor network security.

3. Personnel- Poor recruiting policy, lack of security awareness and training, poor adherence to
security training, poor password management, or downloading malware via email attachments.

Then we have advanced persistent threats. These are sophisticated, targeted attacks launched
by well-funded and highly skilled threat actors. These attacks often involve a long-term presence
within a targeted system or network with the intention of stealing data, conducting espionage, or
achieving other malicious objectives. These are a significant concern in the threat landscape,
as they can evade traditional security measures and remain undetected for extended periods.

Then we have emerging threats. The threat landscape is dynamic, with new threats continuously
emerging. These can include new attack techniques, zero-day vulnerabilities, evolving malware,
or emerging technologies that introduce new security challenges. Staying abreast of emerging
threats is crucial for organizations to proactively adapt their security measures.

Then we have industry-specific threats - certain industries may face specific threats and risks.
For example, financial institutions may be targeted for financial fraud or theft, while healthcare
organizations may face threats related to patient data breaches. Understanding industry-specific
threats allows organizations to tailor their security strategies accordingly.

Then we have geopolitical factors. The threat landscape can be influenced by geopolitical factors
such as nation-state cyber warfare, political tensions, or conflicts. Nation-state actors may
engage in cyber espionage, sabotage, or disruption of critical infrastructure, leading to a more
complex and heightened threat landscape. You've seen these cases in movies, and most of this
actually exists.

Monitoring and analyzing the threat landscape enables organizations to assess their risk
exposure, identify potential vulnerabilities, and implement security controls. By staying vigilant
and proactive, organizations can better protect their information systems and data from evolving
threats in the dynamic threat landscape.

Security breaches can have significant and far-reaching impact on organizations, individuals,
and society as a whole. Here are some common impacts of security breaches:

First, we have financial losses. Security breaches can result in substantial financial losses for
organizations. These losses can stem from various factors, including the costs associated with
incident response, investigation and legal actions, system restoration, customer compensation,
and damage to the organization's reputation. In some cases, the financial impact can be severe
enough to cause long-term damage or even bankruptcy for the affected organization.

Damage to reputation. Security breaches can erode trust and damage the reputation of
organizations. When customers, partners, and stakeholders learn about the breach, they may lose
confidence in the organization's ability to protect their data. This loss of trust can lead to a
decline in customer loyalty, decreased sales, and potential business relationships being severed.

Regulatory and legal consequences. Security breaches can trigger legal and regulatory
consequences, especially if sensitive or personal information is compromised. Organizations may
face fines, penalties, and legal actions for failing to protect customer data in accordance with
applicable laws and regulations, such as data protection and privacy laws. Compliance with these
regulations becomes critical to mitigate legal risks.

Then we have identity theft and fraud. If personal information is compromised in a security
breach, it can lead to identity theft and fraud. Cyber criminals can use stolen personal
information to conduct fraudulent activities, such as opening unauthorized accounts, making
unauthorized transactions, or committing financial fraud. This can result in financial loss,
damaged credit scores, and significant personal hardship for the individuals affected.

We also have operational disruptions. Security breaches can disrupt an organization's operations,
causing downtime, system unavailability, or impaired functionality. You may recall the case of
Globe and Land Bank, for some cases wherein the operations were disrupted because of some issues
on security breach. This can lead to productivity losses, delays in business processes, and
customer dissatisfaction. Some organizations may need to suspend operations temporarily to
address the breach, resulting in further financial losses and reputational damage.

Loss of intellectual property. Breaches can lead to the theft or exposure of valuable intellectual
property, trade secrets, or proprietary information. This can have severe consequences for
organizations, particularly in industries relying heavily on innovation and competitive advantage.
This loss of intellectual property can result in reduced market position, decreased revenue, and
diminished competitive edge.

Psychological and emotional impacts. Security breaches can have a psychological and emotional
impact on individuals whose personal information is compromised. Victims may experience stress,
anxiety, fear, and a sense of violation due to invasion of privacy. Restoring trust and providing
support to affected individuals becomes crucial for organizations.

And we have socioeconomic consequences. Large-scale security breaches can have broader
socioeconomic consequences. They can lead to a loss of public trust in digital and online
services, negatively impacting the overall digital economy. Consumers may become reluctant to
engage in online transactions, undermining e-commerce growth and digital transformation efforts.

It is important for organizations to recognize the potential impact of security breaches and take
proactive measures to prevent, detect, and respond to such incidents. Implementing robust
security measures, conducting risk assessments, training employees on security best practices,
and having an incident response plan can mitigate the potential impacts of security breaches. So
this is very important for organizations to realize the impact of possible security breaches;
without such, they may not address well the incident that might happen.

Several frameworks and standards exist to guide organizations in implementing effective
information assurance practices. These frameworks provide a structured approach to managing
information security and ensuring the confidentiality, integrity, and availability of information.
Here are some prominent information assurance frameworks and standards. You could also consider
one of these in your Capstone project; this ensures the availability of security measures in your
system.

First, we have ISO/IEC 27001. This standard is an international standard that provides a
systematic approach to managing information security. It outlines a comprehensive information
security management system that includes policies, procedures, controls, and risk management
processes. The standard focuses on establishing a framework for managing security risk and
protecting valuable information assets.

We also have the Cyber Security Framework. This one is developed by the National Institute of
Standards and Technology in the US. It offers a risk-based approach to managing cyber security.
It provides organizations with a set of guidelines, standards, and best practices for assessing
and improving their cyber security posture. The framework comprises five core functions, which
are identify, protect, detect, respond, and recover.

We also have COBIT, or the Control Objectives for Information and Related Technologies. COBIT is
a framework developed by ISACA, or Information Systems Audit and Control Association, that
provides a governance and management framework for IT processes. It offers guidance on aligning
IT activities with business objectives and ensuring the effective use of IT resources. It
includes control objectives, management guidelines, and a maturity model to assess and improve
IT governance and control.

Next we have CIS Controls. CIS is the Center for Internet Security. These are a set of best
practices for cyber security developed by a community of experts. They provide a prioritized list
of security actions that organizations can take to enhance their security posture. The controls
cover various aspects of cyber security, including asset management, access control, incident
response, and security awareness training.

Next we have ITIL, or Information Technology Infrastructure Library. This is a widely adopted
framework for IT service management. Although it is not solely focused on information assurance,
it includes guidance on managing and delivering secure IT services. ITIL provides a comprehensive
set of best practices for service strategy, design, transition, operation, and continual service
improvement.

Next we have SANS. The SANS Critical Security Controls are a prioritized set of security measures
designed to defend against common attack vectors. They provide specific recommendations for
implementing technical controls and security best practices to protect information systems.

Then we have PCI DSS, or the Payment Card Industry Data Security Standard. PCI DSS is a security
standard developed by major credit card companies to protect cardholder data. It applies to
organizations that handle, process, or store payment card information. PCI DSS provides a set of
requirements for securing payment card data, including network security, access controls,
encryption, and regular security testing.

These frameworks and standards serve as valuable references for organizations seeking to
establish a robust information assurance program. They provide guidance on risk management,
security controls, compliance requirements, and best practices for protecting information assets.
Organizations can adopt and adapt these frameworks based on their specific needs, industry
requirements, and regulatory obligations. So you could actually choose among these as a framework
for your security feature. As I mentioned earlier, focus on the term applicability, because it
would matter in your choice of framework.

Okay, so we come now to the last part of
this lesson, which is to summarize the key points discussed.

First, information assurance is the discipline that focuses on safeguarding information and
ensuring its availability, integrity, confidentiality, and non-repudiation. In today's
interconnected digital world, the security and protection of information are of paramount
importance. Information assurance encompasses policies, procedures, technologies, and practices
designed to protect information from unauthorized access, disclosure, alteration, and destruction.

Then we have the importance, also discussed in this lesson. The importance of information
assurance is evident in the increasing reliance on information systems, the proliferation of
sensitive data, the evolving threat landscape, and legal and regulatory requirements.

Next, for organizations, information assurance is crucial for protecting sensitive data, ensuring
business continuity, and complying with regulations and standards. Individuals also benefit from
information assurance by protecting personal data, preserving privacy, and mitigating risks
associated with digital technologies.

And last, understanding information assurance empowers individuals and organizations to make
informed decisions, adopt security practices, and mitigate the risks associated with cyber threats.

Okay, so we come now to the part where you will be giving
your participation in the class. I will be assigning a task which you will be doing within this
week for submission. The task is: write a research paper analyzing notable security breaches
that have occurred in various companies. Identify a company that has experienced a significant
security breach in recent years. Conduct in-depth research and provide a comprehensive analysis
of each breach.

You will be guided by this information that must be available in your paper. I use the term
research paper because you will be researching for information about this topic; this is not
actually a journal and legal article or research paper project per se. Your paper should include
the company background and industry context. All of these are available on the internet, so don't
worry much about this. You will not be going into actual companies to get information; all of
these are available online because all of this is documented. Next is the date and scope of the
security breach; third, the attack vector and method employed by the hackers; impact and
consequences of the breach on the company and its stakeholders; response and mitigation measures
taken by the company; lessons learned from the breach; and recommendations for improving security
practices. This information must be available in your paper.

For submission, you will submit your individual work through Vu LMS for our course, where you were
recently added. To ensure that each student would get a unique case, a topic from the indicators
discussed here will be assigned. My purpose for doing these unique cases is for us to cover all
the necessary components, necessary concepts in information assurance before we delve into the
application of these information assurance and security measures. Our due date is June 16 2023.
I've mentioned this before that this is a summer term, so we'll be doing everything fast. We have
enough time to do this. Okay, so due is June 16 2020, that's tomorrow.

For the presentation, create a simple slide presentation summarizing the content of your
submission, focusing on the topic assigned. You will be presenting this in class and you will be
given 10 minutes to discuss the topic. Okay, let's just make it simple. Again, our purpose is
to learn from these cases, so let's be comfortable sharing this information, because if I will be
discussing each of these topics one by one, we won't be able to cover everything. All we could do
is just to present, or all that I could do is introduce the matter. I believe that if you've
actually analyzed the case, you would learn more. So if each one of you would be doing that and
sharing that in class, we'll get a deeper understanding of each of these cases. And again, the
main purpose of this is for you to get an idea on how this would be implemented in your Capstone
project.

Damage to Reputation: The Impact of Security Breaches

When a company or organization experiences a security breach, one of the most significant
and long-lasting impacts can be the damage to its reputation. While the immediate effects of a
breach, such as financial losses or data theft, are often the first to be noticed, the damage to
reputation can be far more devastating in the long run.

Here's how a security breach can harm a company's reputation:

1. Loss of Trust with Customers

• Consumer Trust is essential for any business. When customers feel that their personal
or financial data is compromised, they may lose trust in the company’s ability to protect
their information. For example, breaches like the Equifax data breach in 2017, which
exposed the personal data of millions of people, caused significant distrust in the
company.
• Impact: Customers may stop doing business with the company or move to competitors.
They may also share negative experiences on social media, further damaging the
company’s image.

2. Negative Media Attention

• When a breach happens, it’s often covered by news outlets, especially if the attack
affects large numbers of people or organizations. This media coverage tends to focus on
the vulnerabilities that allowed the breach to happen and the company's failure to protect
data.
• Impact: Continuous media attention can erode public perception of the company’s
competence, and the story can dominate headlines for weeks or even months, lingering
in the public consciousness.

3. Public Perception of Carelessness or Negligence

• A breach can make an organization appear negligent in its handling of sensitive
information or lax in its security practices. This can create a perception that the company
doesn’t care about the security of its customers, employees, or stakeholders.
• Impact: People expect businesses to take cybersecurity seriously. When they don’t, it
can hurt not only the company’s reputation but also its brand value and future growth
prospects. Consumers and investors may view the organization as untrustworthy,
especially if the breach was preventable with basic security measures.

4. Long-Term Brand Damage

• Rebuilding a damaged reputation can take years, especially if the company fails to act
quickly or transparently after a breach. Customers and potential business partners may
be wary of doing business with a company that has experienced a significant data
breach.
• Impact: The company may face reduced sales, difficulty attracting new customers, or
even a loss of business partnerships. Competitors may capitalize on the breach to
highlight their superior security measures.

5. Regulatory and Legal Repercussions

• In many cases, data breaches also lead to legal actions or regulatory penalties,
especially if sensitive customer data (such as financial information or healthcare records)
was exposed. For example, the General Data Protection Regulation (GDPR) in
Europe imposes significant fines for breaches involving personal data.
• Impact: Legal costs, fines, and settlements can further harm the company’s reputation.
The company may be forced to publicly disclose the breach, which adds to the damage
to its public image.

6. Loss of Competitive Advantage

• A strong reputation is often a competitive advantage in the market. A security breach
can significantly undermine this advantage, particularly for businesses that rely on trust,
such as financial institutions, healthcare organizations, or tech companies that manage
user data.
• Impact: Companies in competitive markets may see customers switch to rivals that they
perceive as more trustworthy, especially if those rivals have not been involved in data
breaches. A breach may diminish the company’s competitive edge and impact future
growth prospects.

7. Impact on Stock Prices

• Publicly traded companies often experience a drop in stock value following a breach.
The drop can be significant, as investors may perceive the company as being vulnerable
or at risk of future breaches, especially if it is perceived as not taking proper security
measures.
• Impact: The company’s financial position could be weakened, affecting investor
confidence and shareholder trust. This may also affect the company’s ability to secure
future investment or loans.
