Category Archive Beginner

ByJayanthi

Don’t cry….

….just remain vigilant about security issues surrounding you! The ‘Wanna Cry’ ransomware is the talk of the world having affected 150 countries including India, Spain, Britain, parts of Europe and crippling 2,00,000 systems globally.

Read More

Jayanthi Manikandan has an undergraduate degree in Computer Science from India and a Master’s degree in Information systems with a specialization in Information security from Detroit, MI, USA.

She has been passionate about Information security and has several years of experience writing on various technical topics. Additionally, she loves to pen a few personal thoughts here as well! 🙂

ByJayanthi

Definition: Risk analysis

Risk analysis is a tool to implement risk management. Before we go onto see the definition of risk analysis, recall that a vulnerability is “weakness” in the system and the “risk” is the threat agent exploiting the vulnerability.

Some examples of the three concepts working together are when a vulnerability like an unpatched application is exploited by a threat agent like a malicious user to create risk. This risk can only be reduced by applying the patch to the application.

Risk analysis is done by the following steps:

a. understanding the vulnerabilities within the organization

b. assessing the value of the assets in the organization

c. calculating the value of safeguards that have to be implemented

d. Is the value of safeguard greater than the value of asset? If so, look for cheaper safeguards but equally effective safeguards.

While risk can only be reduced/mitigated or transferred, it cannot be entirely avoided. It is always good to remember that there is no such thing as 100% security!

 

Jayanthi Manikandan has an undergraduate degree in Computer Science from India and a Master’s degree in Information systems with a specialization in Information security from Detroit, MI, USA.

She has been passionate about Information security and has several years of experience writing on various technical topics. Additionally, she loves to pen a few personal thoughts here as well! 🙂

ByJayanthi

Definitions: Top-down approach to security

The top-down approach to security is when an information security program moves ahead with management approval. The appropriate security funding is secured and there is a proper plan and direction towards the program. This approach is more efficient and generates better results. In short, the top-down approach is a more active and serious approach to security.

In contrast, the bottom-up approach to security is a reactive approach to solving information security concerns. Only after there has been a data breach or several hacking incidents does the company decide to act. This approach will only generate “stop gap” results and not long term results.

Jayanthi Manikandan has an undergraduate degree in Computer Science from India and a Master’s degree in Information systems with a specialization in Information security from Detroit, MI, USA.

She has been passionate about Information security and has several years of experience writing on various technical topics. Additionally, she loves to pen a few personal thoughts here as well! 🙂

ByJayanthi

Introduction to Java

We see programming languages all around our digital lives and there have been a few languages that have stood the trials and tribulations of time. Each language is created with a different purpose and sometimes, the whole motive behind it erodes with new technologies.

Read More

Jayanthi Manikandan has an undergraduate degree in Computer Science from India and a Master’s degree in Information systems with a specialization in Information security from Detroit, MI, USA.

She has been passionate about Information security and has several years of experience writing on various technical topics. Additionally, she loves to pen a few personal thoughts here as well! 🙂

ByJayanthi

Defense in depth

Each year we hear of numerous security breaches or incidents. Name any organization/social media site and there is a possibility, that you too would have received a message “that there was a security breach but your information may have been compromised or your information is safe”. Given the magnanimity of today’s security scenario, wherein even non-security professionals can understand the repercussions of a security incident, it is but necessary to enforce additional security measures to bolster a home or business environment. It is here that the concept of ‘Defense in depth’ comes to the rescue of novice and experienced security practitioners alike. The meaning of ‘Defense in depth’ and the various components of ‘Defense of depth’ approaches forms the basis of discussion in this post.

Read More

Jayanthi Manikandan has an undergraduate degree in Computer Science from India and a Master’s degree in Information systems with a specialization in Information security from Detroit, MI, USA.

She has been passionate about Information security and has several years of experience writing on various technical topics. Additionally, she loves to pen a few personal thoughts here as well! 🙂

ByJayanthi

Security definitions

As a newbie to the world of Information security, we are often bowled by the various security definitions that we encounter in various security posts. We will see the various security terms followed by an in-depth explanation of Vulnerability in this post.

Read More

Jayanthi Manikandan has an undergraduate degree in Computer Science from India and a Master’s degree in Information systems with a specialization in Information security from Detroit, MI, USA.

She has been passionate about Information security and has several years of experience writing on various technical topics. Additionally, she loves to pen a few personal thoughts here as well! 🙂

ByJayanthi

CIA triad

Security is an integral part of our digital ecosystem.  From simple tasks like installing anti-virus software on personal or professional systems, or ensuring that our systems are not hacked, or even more complicated tasks like pen-testing, security is omnipresent and is all pervasive.  Data warehousing, databases, social media or new kid on the block(like Big Data, Digital marketing) all need security consultants to make sure that their business is running smoothly.

Read More

Jayanthi Manikandan has an undergraduate degree in Computer Science from India and a Master’s degree in Information systems with a specialization in Information security from Detroit, MI, USA.

She has been passionate about Information security and has several years of experience writing on various technical topics. Additionally, she loves to pen a few personal thoughts here as well! 🙂