Thursday, April 1, 2010

Internet Security Specialist vs. Computer Tech


By Frances Gollahon

Before I can begin to explain the differences, it’s important to get the terms straight:

• SOC, Security Operations Center, which is an organization that delivers Information Technology (IT). It offers continuous risk analysis and guarantees protection against intrusion. (More on the ability to “guarantee” anything later.) The SOC also monitors and analyzes firewall and IDS (Intrusion Detection System) activity. These technologies are ever-changing and require techs to keep abreast of the latest developments.

• IT, Information Technology, the study, design, development and implementation of computer systems, software and hardware. According to the Information Technology Association of America (ITAA), IT deals “with the use of electronic computers and computer software to convert, store, protect, process, transmit and securely retrieve information.”

• IDS, Intrusion Detection System, which is an application that monitors network or system activity for violations of, or imminent threats to, computer security policies or standard security policies, and deters individuals from violating security policies. Intrusion Detection Systems have become a necessary part of the security infrastructure of most organizations.

• Vulnerability Assessment – searches for known weaknesses within the computer systems and/or software installed. Risk assessment.

• Penetration Test – is performed to isolate and expose known or unknown weaknesses in systems, services and web applications.

• Technical Assistance/Internet tech/computer tech can provide assistance for any issue regarding the computer system, any violations, updates to hardware and software.

• Trojan – is malware that the user doesn’t see and therefore unknowingly allows unauthorized access to their computer system. The term is derived from the Trojan Horse story in Greek mythology. It allows a hacker remote access to another’s computer.

• Malware – malicious software designed to become part of your computer system without your consent and includes viruses, worms, trojans, spyware, adware, crimeware and root-kits, to name a few.

• Worm - is a self-replicating malware. It independently networks itself to other computers and causes some type of harm or corruption.

• Spyware – a type of malware that collects various types of personal information about the user without their knowledge or consent; installs software and redirects browser activity; changes computer settings. It is also known as “privacy-invasive” software.

• Adware – Advertising-Supported software – it automatically plays or downloads advertisements to your computer. Some are also privacy-invasive software.

• Crimeware is used to steal identities through “social engineering”. Most often associated with identity theft in order to gain access to online accounts at financial companies. Crimeware is best described by security consultant Kevin Mitnick (former computer criminal) who points out “it is much easier to trick someone into giving a password for a system than to spend the effort to hack into the system.” He claims it was the single most effective method in his arsenal. He coined the term “social engineering.”

• Zombie – just as the name describes, a computer that’s been hacked into and is used for malicious tasks under remote control. The computer owner is unaware, which led to the name “zombie.” Used extensively with email scams and spam, and helps spread trojan horses, since trojans are not self-replicating.

• Botnet – a collection of zombies that run autonomously and automatically, usually for damaging and malicious use.

• Rootkit – is a means of access to your computer for control over your system. Rootkits take a lot of skill and effort to be completely removed from a system.

• Keylogging or keystroke logging – tracking keystrokes so personal data can be accessed. There are many keylogging modalities, including electromagnetic and acoustic analysis.

• Computer forensics - a branch of forensic science that deals with examining information on computer systems for use as legal evidence or to recover data lost due to failure, or to analyze how a hacker gained access.

• Computer Security Audit – technical assessment of a system which may include interviewing staff, reviewing operating system access controls, running vulnerability scans, analyzing physical access to the system…just to name a few.

Now for that word “guarantee.” Bruce Schneier, American cryptographer, computer security specialist and author (he has written several books on computer security and cryptography), criticizes computer security approaches that try to prevent, or guarantee against, any malicious intrusion and instead argues that we might be better off focusing on designing systems that “fail well”.

A system that fails badly fails catastrophically. One single failure can bring down the whole system.

A system that fails well compartmentalizes or contains failure. For example, the hulls of watercraft are compartmentalized ensuring that a breach in one compartment will not flood and sink the entire vessel.

This is the best we can “guarantee.”

Computer technology specialist vs. Internet security specialist

A computer technologist – holds a non-degree certification, given to those who have achieved qualifications specified by a certifying body. The certification qualifies the holder to obtain certain types of positions within the field of study.

IT, Information Technology, is the study of computer-based information systems, focusing on software applications and computer hardware. According to the Information Technology Association of America (ITAA), IT deals “with the use of electronic computers and computer software to convert, store, protect, process, transmit and securely retrieve information.”

Today’s IT professionals are highly trained and skilled individuals with a variety of duties, from designing computer networks and databases to data management, networking, software design, application installation, database design, and the management and administration of entire systems.

Computer science has many sub-fields, but is basically the study of theory and practical application of that theory in computer systems. Computer science is the study of understanding the “properties of the programs used to implement software.” (Wikipedia)

In researching Information Technology Degrees that can be studied online I found that this is the foundational pursuit that leads to other subfields for IT professionals.

A higher degree, either a Bachelor of Information Technology with a concentration in Internet Security or a Master’s degree, is required to pursue the careers that businesses rely on today to examine, define and develop policies to maintain security and manage Internet security risks in a business environment. These are security practices that should be in place in any organization to comply with federal and state regulations and laws.

So the difference between the two is education. For a business to assume their highly skilled and greatly valued IT techs can keep them in compliance with federal regulations like the Red Flags Rule is like playing Russian roulette with 5 chambers filled.



Frances Gollahon is a member of The Synergy Marketing Team Beta Testers. Give this gal a script and watch her go!

Visit her blog at: cybercrimandsecuritytaskforce.blogspot.com
