Computer Crime and Information Technology Security

Information Security

Basic principles

confidentiality

data integrity

availability

Physical security controls

locks

security guards

badges

alarms

Administrative security controls

security policies and procedures

security awareness and training

adequate supervision of employees

security reviews and audits

Technical security controls

firewalls

encryption

access control software

antivirus software

Perpetrators of Computer Crime

Script kiddies

Hackers

Cyber-criminals

Organized crime

Corporate spies

Terrorists

Insiders

CoBIT

7 information criteria

Effectiveness

Efficiency

Confidentiality

Integrity

Availability

Compliance

Reliability of information

Accountability Framework

Stakeholders

Board of Directors

IT and information security management

Internal audit

External audit

Audit committee

Risks and Threats

Fraud

Error

Service interruption and delays

Disclosure of confidential information

Intrusions

Information theft

Information manipulation

Malicious software

Denial-of-service attacks

Web site defacements

Extortion