Security threat

       

                      Security threat



Computer security, also known as cybersecurity or security of information technologies, is the area related to computer science and telematics that focuses on the protection of the computer infrastructure and everything related to it and, especially, the information contained in it. a computer or circulating computer networks.1 For this there are a series of standards, protocols, methods, rules, tools and laws designed to minimize potential risks to infrastructure or information. Cybersecurity includes software (databases, metadata, files), hardware, computer networks and everything the organization values ​​and means a risk if this confidential information reaches the hands of other people, becoming, for example, privileged information.

The definition of information security should not be confused with that of "computer security", since the latter only deals with security in the computer environment, but the information can be found in different media or forms, and not only in media computer

Computer security is the discipline that is responsible for designing standards, procedures, methods and techniques aimed at achieving a safe and reliable information system.

Put simply, security in a network environment is the ability to identify and eliminate vulnerabilities. A general definition of security must also pay attention to the need to safeguard organizational advantage, including information and physical equipment, such as the same computers. No one in charge of security must determine who and when can take appropriate actions on a specific item. When it comes to the security of a company, what is appropriate varies from organization to organization. Regardless, any company with a network should have a security policy that addresses convenience and coordination.

 Imagen relacionada

Security threat– any action/inaction that could cause disclosure, alteration, loss, damage or unavailability of a company’s/individual’s assets

 

There are three components of threat: 

 Targets: organization’s asset that might be attacked  information (its confidentiality, integrity, availability), software, hardware, network service, system resource, etc.

Agents: people or organizations originating the threat – intentional or non-intentional  employees, ex-employees, hackers, commercial rivals, terrorists, criminals, general public, customers  


Events: type of action that poses the threat  misuse of authorized information, malicious / accidental alteration of information, malicious / accidental destruction of information, etc.


https://www.symantec.com/content/dam/symantec/docs/reports/istr-23-executive-summary-en.pdf
https://www.youtube.com/watch?v=dVW1FNWSaTg

Comentarios