Introduction to Information Security

Ammar Javed
Apr 23, 2022


“The protection of information and information systems from unauthorized access, use, or disruption.”

The History of Information Security

  • Began immediately after the development of the first mainframes.
  • Designed to do code-breaking calculations.
  • During the Second World War.
  • Multiple tiers of security were put in place.
  • Controls on the physical level.
  • Helping to fight physical theft, espionage, and sabotage.

The 1960s

  • Mailing tapes were used for original communication.
  • ARPA (Advanced Research Project Agency) investigated the viability of redundant networked communications.
  • Larry Roberts was the architect of the ARPANET from its conception.
  • Connect computers.
  • Sharing of resources.
  • 17 Computer Research Centers are linked together.
  • It cost 3.4 million dollars.
  • ARPANET is the Internet’s predecessor.

The 1970s and 80s

  • ARPANET’s popularity grew.
  • The potential for abuse increased.
  • ARPANET security had fundamental flaws.
  • Individual remote sites were vulnerable to illegal access.
  • Password structure and format vulnerabilities
  • There were no safety protocols in place for dial-up ARPANET connections.
  • There was no user identification or authorization for the system.
  • R-609 Rand Report
  • The paper that sparked the interest in computer security
  • The scope of computer security has expanded beyond physical security to include:
      • Data security
      • Preventing illegal data access
      • Involvement of individuals from various levels of an organization

The 1990s

  • Computer networks became more common.
  • The need for network interconnection increased.
  • The Internet was the first instance of a worldwide network of networks.
  • Initially, de facto standards were used.
  • Security was a low priority in early Internet deployments.

2000 to Present

  • Millions of computer networks connect with one another.
  • Many of the communications are unencrypted.
  • The ability of a computer to protect its data is impacted by the security of every computer to which it is linked.
  • The growing threat of cyber attacks has raised the demand for enhanced security.

What is Security?

The quality or state of being safe; the absence of risk. In practice, 100% security is impossible to achieve.
A successful business should have several levels of security in place, including:

  • Physical security
  • Operational security
  • Communication security
  • Network security
  • Information security

People have long attempted to protect their assets. Most records, such as credit cards, online banking, travel cards, and video-on-demand, are now electronic. Protecting information from harmful or unintentional access is critical right now.

Why is Security Important?

Everyone, by nature, wants to protect their future. Organizations and governments hold a wealth of information that is important to their activities. The loss of this information to a third party results in the waste of whole investments and years of effort. It may force them to restart their activities, potentially with a new way of thinking.

The major purpose of security is to secure valuable business information. We must ask ourselves: can we risk disclosing user information that we hold or have access to? If the answer is “no,” we’ve utilized basic Risk Management to establish the necessity for security. The rate at which we develop new technology is also a source of concern for security.

What if You Do Not Care About Security?

At this moment, no person or business can afford to neglect security or take it lightly. If you don’t care about security, your very survival will be at risk. We have seen or heard of cases of hackers gaining access to financial accounts and initiating transactions, as well as hackers gaining access to computer systems.

Phishing attacks are common, as are cases of credit or debit card cloning. Social engineering attacks, in which attackers befriend someone and then exploit the information, are becoming more widespread. Exploiting technological flaws in apps, protocols, web browsers, web servers, or utilities is another well-known phenomenon.

How well is information secured?

Not very well. The majority of the time, there is a false sense of security.

Typical Security Breach Cases

  • In 2007, HMRC lost (unencrypted) CDs holding personal information for 25 million people.
  • In 2013, hackers got access to 40 million Target customers’ details, including credit card information.
  • In 2013, Sony’s PlayStation Network was breached, and around 100 million customer details (including credit card information, e-mail addresses, and passwords) were obtained.
  • In 2014, hackers stole 21 million people’s personal information from the Office of Personnel Management.

What is Information Security?

Information security protects sensitive data against illegal access, alteration, interruption, or destruction. Information security is concerned with assuring the following:

Basic Principles of Information Security

Confidentiality:
Confidentiality limits access to information. Only those who are authorized should be able to access information.
As an example of a confidentiality failure, consider losing discs containing sensitive data.

Integrity:
Integrity prevents unauthorized data change.
As an example of integrity, consider students breaking into a university computer and changing grades.

Availability:
Availability refers to ensuring that information is available when requested by an authorized person.
As an example of availability, consider a system that has been destroyed by a natural disaster.

Components of Information System

  • People
  • Hardware
  • Networks
  • Software
  • Data
  • Procedures

Information Security as Art

There are no hard and fast guidelines for installing various security methods.

Information Security as Science

Understanding and measuring information security risk requires a scientific basis and analytic methodologies.

Information Security as Social Science

How people interact with the system, whether knowingly or accidentally, is an important aspect of information security, as are the people in the organization.

What are Threats?

A threat is a person or entity that can cause you harm. A threat might be malicious or malignant in nature.
Malicious: with the intention of hurting you.
Malignant: dangerous, yet with no intent to hurt you.

What is Vulnerability?

A vulnerability is a flaw that allows a threat to take advantage of you.

What is Risk?

Risk is a measure of your exposure to danger.
