Chapter 8
Securing Information
Systems
VIDEO CASES
Case 1: Stuxnet and Cyber Warfare
Case 2: Cyber Espionage: The Chinese Threat
Case 3: UBS Access Key: IBM Zone Trusted Information Channel
Instructional Video 1: Sony PlayStation Hacked; Data Stolen from 77 million users
Instructional Video 2: Zappos Working To Correct Online Security Breach
Instructional Video 3: Meet the Hackers: Anonymous Statement on Hacking SONY
6.1
Copyright © 2014 Pearson Education, Inc.
�Management Information Systems
Chapter 8: Securing Information Systems
Learning Objectives
• Explain why information systems are
vulnerable to destruction, error, and abuse.
• Describe the business value of security and
control.
• Describe the components of an organizational
framework for security and control.
• Describe the tools and technologies used for
safeguarding information resources.
8.2
Copyright © 2016 Pearson Education Ltd.
�Management Information Systems
Chapter 8: Securing Information Systems
“MiniDuke” Exposes EU Cybersecurity Gaps
• Problem: Massive data breach; new sandboxevading techniques
• Solution: Initiative to implement a common
cybersecurity strategy.
• Demonstrates the lack of a centralized approach to
cybersecurity that leaves nations vulnerable to
national security breaches
8.3
Copyright © 2016 Pearson Education Ltd.
�Management Information Systems
Chapter 8: Securing Information Systems
System Vulnerability and Abuse
• Security:
– Policies, procedures, and technical measures used to
prevent unauthorized access, alteration, theft, or
physical damage to information systems
• Controls:
– Methods, policies, and organizational procedures
that ensure safety of organization’s assets; accuracy
and reliability of its accounting records; and
operational adherence to management standards
8.4
Copyright © 2016 Pearson Education Ltd.
�Management Information Systems
Chapter 8: Securing Information Systems...