Enterprise Internet of Things
(EIOT)
CT121-3-2 & Version VC1
Security History
Topic & Structure of The Lesson
• Security history
• Security Threat
Enterprise Internet of Things Security History
Slide 2 of 23
Learning Outcomes
• At the end of this topic, you should be able to:
– Explain security
– Identify the legal aspect of security
Key Terms You Must Be Able To Use
• If you have mastered this topic, you should be able to use the following
terms correctly in your assignments and exams:
– Security History
– IoT Security
Lecture Content
i. What is security?
ii. What is risk?
iii. What is Threat?
iv. Security Threats
v. Legal aspect of security
History and Overview of Security
Using one word, explain the growth of
computers and of information technology?
Explosive
History and Overview of Security
What is Security?
History and Overview of Security
• Security can be defined as:
– The state of being free from danger and not exposed
to damage from accidents or attack, or it can be
defined as the process for achieving that desirable
state.
• The objective of information system security is to
optimize the performance of an organization with respect
to the risks to which it is exposed.
History and Overview of Security
• What is Risk?
• Risk is defined as the chance of injury, damage,
or loss. Thus, risk has two elements:
(1) chance—an element of uncertainty
(2) loss or damage.
History and Overview of Security
The evolution of information systems
has:
• Caused a parallel evolution of Information
System Security (ISS)
• Increased the importance of anticipating the
impact of technical changes yet to come.
History and Overview of Security
What is Threat?
• What we are trying to protect data, information, etc. against.
• In computer security, a threat is a possible danger
that might exploit a vulnerability to
breach security and therefore cause possible
harm.
Security Threats
Intentional vs. unintentional
• Accidents
– Work related accidents
• Human errors
– Theft, loss, improper documentation
• Natural disasters
– Fire, flood, earthquakes
• Crime
– Civil, economic, white collar, street, cyber
Financial crime by banks, tax evasion, etc. (e.g.
embezzlement – theft of funds belonging to an employer)
Security Threats (cont.)
• Environmental disaster
– Nuclear accidents, terrorism, radiological
• Civil liability
– Individual was harmed through the action/inaction of
another.
– E.g. a murderer is responsible for paying damages to the surviving
family.
• Abuse
– Drugs, riot
e.g. driving under the influence of alcohol or drugs.
e.g. a violent offense against public order involving three or
more people.
Legal Aspect of Security
An Internet of Things policy (IoT policy) is a document that
provides a comprehensive guide to help an organization promote
the development of the IoT and/or deal with the complex issues
related to that development.
Policies are created to reduce threats:
– Security Policies
– Technical Policies
– End User Policies
Legal Aspect of Security
Security Policies
• Written document in an organization outlining how to
protect the organization from threats, including computer
security threats, and how to handle situations when they
do occur.
• E.g. Memory sticks and other portable media must be
encrypted or have password protection when sensitive
data is being transported outside secure offices.
Legal Aspect of Security
Technical Policies
• Policies that allow or deny users the ability to do something;
policies that configure systems.
• Related to the technical implementation of security for
specific services, such as the use of e-mail. They can be
defined as the operation of spam filters or the
addition/deletion of spam email addresses.
• E.g. Email and internet use will be governed in accordance
with the Email and Internet policy.
Legal Aspect of Security
End-User Policies
• The user understands their obligation on accessing
network resources and services.
• E.g. users who have access to the network must not leave
their computers logged in when they leave their desk.
• E.g. users should not pass on their credentials (i.e. user
name and password) to anyone else, except when
requested by a system administrator.
Question 1
• You work in a highly secured company where
data cannot be brought out from the company by
any electronic devices.
• Write a company policy in a short sentence.
Defense in Network Model
Summary
• History and Overview of Security
• Users, Systems and Data
• Security Threats
• Security Policies
Quick Review Question
• Briefly describe security
• Explain legal aspect of security
Summary of Main Teaching Points
• Security history
Question and Answer Session
Q&A
What we will cover next class
• Chapter 2
Security history