7/A. P1: Explain the different security threats that can affect the IT systems of originations.
7/A.M1: Assess the impact that IT security threats can have on organization's IT systems and business whilst taking account of the principles of information security and legal requirements
In today's society data is a very valuable thing companies have to take in to account how to protect that data from the threats, Threats is a way in which the data is vulnerable and therefore rules and regulations have been put in place to stop these potential threats for example all will have adhere to the principles of information security this is a way in which data is protected, I have been working for a start-up company …show more content…
The purpose is solely to gain information about the target and no data is changed on the target.
Some types of passive threats:
Traffic analysis: This is monitoring internet traffic to build data on who is visiting what website this could be used to lead the user to a malicious website which could make them give out sensitive information to prevent this, the users could use a virtual private network which will prevent the intruder from tracing the user. Encryption: Intercepting encrypted information flows and trying to break the encryption this could be harmful to a business as it could allow corporate information to be compromised to prevent companies to make sure to use secure connections to send information and view that is connected to that secure connection.
Tapping: Monitoring unencrypted communications such as emails or telephone calls this could be dangerous when sensitive information is being sent over an unsecure connection to prevent this use trusted websites and a secure …show more content…
People that buy products or services online need to feel that their financial and personal information they have given to businesses is secure.
Legal consequences of data privacy breaches: A company that stores personal data on their computers systems have a legal obligation to keep that data secure. If personal data is stolen during a cyber-attack and the company can be show to have been negligent in terms of keeping the personal data secure. Then the company could face prosecution under the Data Protection Act and receive a large fine. Malware
With these the attacker can use malware to gain or change data malware is software specifically designed to gain access or damage a computer without the user from knowing there are various types of malware such: