IT

Smartphones, computers and laptops are an integral part of day-to-day life these days. However, along with their usage comes the danger of sensitive information – including photos and documents – being comprised. This course is ideal for those wanting to enhance their knowledge of digital information security from individuals to security consultants, administrators and analysts working in the IT sector.

The Certificate of Information Security will help you recognise vulnerabilities, implement security and manage risks when it comes to protecting data. You will learn how to understand the different types of threats, back up data and undertake security initiatives. You will also study how to develop a disaster recovery plan, implement a security policy and understand the legal and ethical issues facing IT professionals.

Learning Outcomes

Outcomes achieved by undertaking a course in the fundamentals of information security include:

• Learning about basic security concepts and the need for security
• Exploring security breaches and intrusions, the types of threats and threat assessment
• Gaining an understanding of a vulnerability assessment
• Studying security through obscurity
• Gaining insights into hackers, crackers and the difference between them
• Examining IP and blind spoofing
• Understanding a Man in the Middle Attack
• Learning about denial of service, distributed denial of service and phishing
• Exploring how to defend against spoofing
• Studying botnets, the types and their malicious use
• Gaining insights into information security ethics
• Examining ethical and legal issues facing IT professionals
• Understanding intellectual property rights
• Learning about data integrity and data back ups
• Exploring protection, detection and correction
• Studying full, incremental, mirror, offsite, onsite and online backups
• Gaining insights into disk based versus tape based backups
• Examining vulnerabilities of software and operating and information systems
• Understanding how to run virus protection software and update security patches
• Learning about approved software
• Exploring FTP vulnerability
• Gaining an understanding of trojan horses, who is at risk and how to protect against them
• Studying risk management, the key roles in the process and risk assessment
• Gaining insights into characterising the system, identifying threats and control analysis
• Examining how to determine likelihood ratings and analysing the impact
• Understanding how to determine the risks and controls recommendations
• Learning about risk mitigation and risk evaluation
• Exploring information security technologies, developments and initiatives
• Gaining an understanding of VPNs (Virtual Private Networks) and their features and benefits
• Studying the components of remote access VPN and the protocols used in VPN connections
• Gaining insights into the advantages and disadvantages of VPN
• Examining firewalls and their main functions
• Understanding packet filtering, circuit relay, application gateways and firewall rules
• Learning about Intrusion Detection Systems (IDS) and IDS versus firewalls
• Exploring physical security including natural disasters and controls
• Studying lighting, power loss, fire, earthquakes, liquid leakage and the human factor

And more!

Top 10 cyber security trends for 2021

According to the World Economic Forum’s Global Risks Report of 2020, cyber threats have become the new norm across both the public and private sectors. In fact, the 2019 Targeting Scams report by the Australian Competition and Consumer Commission (ACCC) identified that Australians lost more than $634 million to scams in 2019 alone.

One of the fundamentals of information security is understanding how to adapt to the changing threat landscape and knowledge is power! Here are ten current cyber attack statistic trends that will provide food for thought.

1. Growth of Cybercrime Costs

If we measure cyber crime as a country, it can be considered as the world’s third-largest economy after the USA and China! It is even larger than the damage caused annually as a result of natural disasters. In Australia, cybercrime costs amount to $29 billion each year and over 50 per cent of these are incurred on detection and recovery. The average cost of a single breach to a business is also around $276,000.

2. Increase in Cyber Security Attacks

According to a State of Cybersecurity Report, small and medium businesses globally showed alarming statistics:

• 71 per cent had faced a cyber-attack in their lifetime and 66 per cent had suffered an attack in the last twelve months.
• 82 per cent reported evasion of their anti-virus programs and 69 per cent suffered attacks that evaded their intrusion detection systems.
• 68 per cent reported that their employee passwords were lost or stolen during the past year.

The attacks faced by small businesses most commonly included phishing and social engineering attacks, compromised or stolen devices and credential theft.

3. Severity of Cyber Attacks

Regardless of the severity of a cyber attack, it will always have a consequences, whether it is reputational damage, legal liability problems or financial, productivity or business continuity losses. Of the most impactful threats is Ransomware attacks which have increased by 25 per cent globally in the past year.

A 2020 Global Security Attitude Survey revealed that Australia is one of the world’s biggest targets for ransomware, with 67 per cent of respondents claiming their organisation had suffered an attack that year.

4. Industry-wide Attacks

Although any industry can suffer a data breach, ones that deal closely with customers and people are the most at risk. These companies hold sensitive customer data and are desirable targets for hackers. Organisations and industries that are the most vulnerable to cyber attacks globally include:

• Financial institutions and banks including credit card data and bank account details.
• Healthcare industry including research data, health records and patient records like insurance claims, social security numbers and billing information.
• Educational institutions including financial records and student data such like enrolment details.
• Enterprises – including product concepts, intellectual property, marketing plans, contract deals and and client and employee details.

In Australia, the sectors for the 2019/2020 financial year that were most affected in order of targeting were the Federal Government, State Governments, health and education.

5. Data Breaches

According to a report by IBM, an organisation becomes aware of a breach incident after around 190 days and is able to contain it in around 70 days. Slow response to a data breach can cause more loss to an organisation in the form of customer distrust, fines and loss of productivity. A critical operational aspect of business these days is designing an Incident Response Plan. It allows an organisation to deal proactively with an incident, and respond quickly during the detection, investigating, containing, remediation and recovery phases.

6. Information Security Expenditure

According to the AustCyber Digital Census, Australians spent over $5.6 billion on cyber security in 2020. This figure is predicted to increase to $7.6 billion by 2024. There are also more information security providers in Australian than ever before and numbers are increasing (which is why undertaking a fundamentals of information security course is a great career option!)

7. Phishing Emails and Email Security

According to Scamwatch, phishing was one of the most reported scams in Australia in 2020. There were over 44,000 reported attacks which was 75 per cent higher than the incidents reported in the previous year. The most profitable method that scammers used was phone calls and emails. There were over 103,000 phone call attacks in 2020 and over 47,000 email attacks, and the amount of money stolen was over $34 million.

8. Malware Attacks

A 2020 report by the Australian Cyber Security Centre (ACSC) showed that ransomeware is a prevalent threat all over the world, and that an attack typically occurs after malicious activity like a phishing campaign is conducted. However, the CSC is against the practice of paying ransom to the hackers as they believe paying a ransom will increase an organisation’s vulnerability and make them more prone to future incidents.

9. Online Payment Fraud

According to a study by Juniper Research, E-commerce losses due to online payment fraud will exceed $25 billion annually by 2024. This is partly due to our increased dependency on online shopping making e-commerce an attractive target for cyber criminals. Businesses must adopt measures like secure payment gateways and multi-factor authentication to ensure that all security requirements are effectively implemented.

10. Remote Work Challenges

A 2020 Global Risk Report on Cybersecurity in the Remote Work Era found that the security effectiveness of the organisations that responded was significantly reduced due to the remote workforce model which increased with the advent of COVID-19.  And it’s not surprising, given that many organisations still don’t require their remote workers to use any form of authentication. Around 31 per cent of respondents said their organisations don’t require any authentication method.  For those that do, only 40 per cent used two-factor authentication. And only 35 per cent used multi-factor authentication for improving remote access security.

Gain a broad understanding of information security and be able to implement solutions and initiatives to keep data and hardwaresafe with a fundamentals of information security course such as our Certificate of Information Security.