Security Threat is defined as a risk that which can potentially harm computer systems and organization. The cause could be physical such as someone stealing a computer that contains vital data or could be non-physical such as a virus attack.
In these tutorial, we will define a threat as a potential attack from a hacker that can allow them to gain unauthorized access to a computer system.
A physical threat is a potential cause of an incident that may result in loss or physical damage to the computer systems.
The following list classifies the physical threats into three (3) main categories;
- Internal: The threats include fire, unstable power supply, humidity in the rooms housing the hardware, etc.
- External: These threats include Lightning, floods, earthquakes, etc.
- Human: These threats include theft, vandalism of the infrastructure and/or hardware, disruption, accidental or intentional errors.
To protect computer systems from the above mentioned physical threats, an organization must have physical security control measures.
The following list shows some of the possible measures that can be taken:
- Internal: Fire threats could be prevented by the use of automatic fire detectors and extinguishers that do not use water to put out a fire. The unstable power supply can be prevented by the use of voltage controllers. An air conditioner can be used to control the humidity in the computer room.
- External: Lightning protection systems can be used to protect computer systems against such attacks. Lightning protection systems are not 100% perfect, but to a certain extent, they reduce the chances of Lightning causing damage. Housing computer systems in high lands are one of the possible ways of protecting systems against floods.
- Humans: Threats such as theft can be prevented by use of locked doors and restricted access to computer rooms.
A non-physical threat is a potential cause of an incident that may result in;
- Loss or corruption of system data
- Disrupt business operations that rely on computer systems
- Loss of sensitive information
- Illegal monitoring of activities on computer systems
- Cyber Security Breaches
The non-physical threats are also known as logical threats. The following list is the common types of non-physical threats;
- Key loggers
- Denial of Service Attacks
- Distributed Denial of Service Attacks
- Unauthorized access to computer systems resources such as data
- Other Computer Security Risks
To protect computer systems from the above-mentioned threats, an organization must have logical security measures in place. The following list shows some of the possible measures that can be taken to protect cyber security threats
To protect against viruses, Trojans, worms, etc. an organization can use anti-virus software. In additional to the anti-virus software, an organization can also have control measures on the usage of external storage devices and visiting the website that is most likely to download unauthorized programs onto the user’s computer.
Unauthorized access to computer system resources can be prevented by the use of authentication methods. The authentication methods can be, in the form of user ids and strong passwords, smart cards or biometric, etc.
Intrusion-detection/prevention systems can be used to protect against denial of service attacks. There are other measures too that can be put in place to avoid denial of service attacks.
A threat is any activity that can lead to data loss/corruption which continues to disruption of normal business operations.
Tell us how you feel about this article in the comment box below.