When a computer connects to a network and begins communicating with other computers, it is essentially taking a risk. Internet security involves the protection of a computer’s Internet account and files from intrusion of an unknown user. Basic security measures involve protection by well selected passwords, change of file permissions and back up of computer’s data.
Security concerns are in some ways peripheral to normal business working, but serve to highlight just how important it is that business users feel confident when using IT systems. Security will probably always be high on the IT agenda simply because cyber criminals know that a successful attack can be very profitable. This means they will always strive to find new ways to circumvent IT security, and users will consequently need to be continually vigilant. Whenever decisions need to be made about how to enhance a system, security will need to be held uppermost among its requirements.
The four major aspects in which the internet security professional should e fluent are as follows: Penetration Testing
Penetration testing is a predefined step-by-step procedure to test the vulnerability of the system. For this, the security professional should have good knowledge and experience of conducting such testing. The thorough idea of how these tests are performed, the steps needed and the outcomes expected of such testing is vital for any security professional required to do such penetration testing. The professional should also have good idea about the system being tested and its potential weaknesses.
Intrusion Detection
Intrusion detection is the process of identifying the unlawful entry into the system or an attempt for such entry. For timely detection of such unwanted entry, the security professional should have good idea of the symptoms and signs of such intrusion. He or she should also have clear idea about where to look for such symptoms and signs. It is also necessary to have idea about the remedial action to be performed in case of identification of such incidents.
Incidence Response
Whenever a security incidence such as a system breach, network breach, data loss or identity theft etc happens and is reported or identified, the security personnel should be able to respond appropriately. He should have idea about the steps or actions to be performed for each kind of known incidents. It is good to have a good and well-audited documentation to guide the actions to be performed in response to in incident. For unknown incidents, the security professional should have appropriate judgment and presence of mind to take necessary actions, consult teams, alert management and take external help if needed.
Legal / Audit Compliance
Security incidences are related to legal provisions and actions. Hence, the security personnel should also be aware of the existing legal provisions related to security incidents related to information systems and related assets. The security personnel should also regularly follow up on the findings
of system audit and the issues identified therein. Based on that the team should be able to take corrective action so that the issues and incidents are not encountered again.