Você está na página 1de 20

rd

Cyber Security (RUC 501/RUC 601) B TECH 3 Yr., MBA 2nd Yr & B Arch 1st Yr

Unit – 1
History of Information Systems
Information systems are implemented within an organization for the purpose of improving the
effectiveness and efficiency of that organization. Capabilities of the information system and
characteristics of the organization, its work systems, its people, and its development and implementation
methodologies together determine the extent to which that purpose is achieved.

Information System have always plays a crucial role in civilization. For example, over 500 years ago, the
Inca Indians of South America developed comprehensive IS with database and processing models. The
database includes the information regarding number of people in a village, their duties, the amount of
grain in storehouse, business transactions, records of battles and other historical events.

In the mid-eighteenth century the industrial revolution increases the pressure to process data. The
industrial Revolution shifted the basic means of production from the home and small shop to the factory.
With the development of large manufacturing facilities, there arose aneed for the service industry to
market and transport the goods produced by the manufacturing systems. The increased size and
complexities of these organizations made it impossible for a single person to obtain adequate
information.

In the 20th century, the need to record the more data, analyze those data to produce more information
and using it for information-led decision-making have increased further. Business investors need the
details about the financial status and further prospects of the business into which they wish to invest.
Bankers and vendors need information to appraise the performance and financial soundness of a
business before making loans or providing business credit.

When businesses and other organizations try to track of many things, timely and accurate information is
the essential resource to maintain the operations and to remain competitive.

Thus , information is considered as a corporate asset. As with most assets, the security of this corporate
asset, namely information, too becomes crucial. In fact security of information assets is considered to be
one of the success factors for business.

Information Systems
Information Systems is not simply about computers. It’s about how businesses can make the best use of
computer technology to provide the information needed to achieve their goals.

In the same way as your own needs and priorities are unique to you, each organization has different
goals and requirements, and the successful implementation of information systems requires a thorough
understanding of the business issues involved as well as the different technologies that are available.

An information system (IS) is typically considered to be a set of interrelated elements or components


that collect (input), manipulate (processes), and disseminate (output) data and information and provide
a feedback mechanism to meet an objective.

1|Page
Cyber Security (RUC - 501) B TECH 3rd Yr., MBA 2nd Yr & B Arch 1st Yr

An IS is a combination of people, hardware, software, communications networks, and data resources


that collects data, transforms it, and disseminates information for a specific purpose. With the help of IS,
enterprises and individuals are able to use computers to collect, store, process, analyze and distribute
information

Data Vs. Information


Data: Raw unorganized facts
Information: A collection of facts organized in such a way that they have additional value beyond the
value of the facts themselves.
Defining and organizing relationships among data creates information.
The Value of Information: The value of Information is directly linked to how it helps decision makers
achieve their organization’s goals.

Types of Information Systems


1. Transaction Processing System (TPS)
2. Management Information System (MIS)
3. Decision Support System (DSS)
4. Executive Information System (EIS)

2|Page
Cyber Security (RUC - 501) B TECH 3rd Yr., MBA 2nd Yr & B Arch 1st Yr
Fig: pyramid model of types of IS based on the different levels of hierarchy in an organization

Transaction Processing System (TPS)


TPSs collect, store, modify and retrieve the transactions of an organization. A Transaction is an event that
generates or modifies data that is eventually stored an information system. E.g.: Order entry system,
cheque processing systems, accounts receivables systems, payroll systems and ticket reservation
systems.

These systems help any company to conduct operations and keep track of its activities

TPS Characteristics
A TPS records internal and external transactions for a company. It is a repository of data that is
frequently accessed by other systems.
A TPS performs routine, repetitive tasks .It is mostly used by lower level managers to make
operational decisions.
Transactions can be recorded in batch mode or online. In batch mode the files are updated
periodically. In online mode, each transaction is recorded as it occurs.
There are six steps in processing a transaction. They are data entry, data validation, data
processing and revalidation, storage – output generation and query support

Objectives of TPS
• Process data generated by and about transactions
• Maintain a high degree of accuracy and integrity
3|Page
Cyber Security (RUC - 501) B TECH 3rd Yr., MBA 2nd Yr & B Arch 1st Yr
• Avoid processing fraudulent transactions
• Produce timely user responses and reports
• Increase labor efficiency
• Help improve customer service
• Help build and maintain customer loyalty
• Achieve competitive advantage

Management Information System (MIS)


Designates a specific category of information systems serving middle management.
Provides middle managers with reports on organization’s current performance.
Information thus obtained is used to monitor and control the business and predict future

Characteristics of MIS
• MIS is an integrative system
• MIS is Sub System concept
• Provides relevant information to management
• MIS is flexible
• Enhances productivity
• Is a coordinated system
• Feedback system

Decision Support System (DSS)


A decision support system (DSS) is a computer program application that analyzes business data and
presents it so that users can make business decisions more easily. It is an "informational application" (to

4|Page
Cyber Security (RUC - 501) B TECH 3rd Yr., MBA 2nd Yr & B Arch 1st Yr
distinguish it from an "operational application" that collects the data in the course of normal business
operation).Typical information that a decision support application might gather and present would be:
Comparative sales figures between one week and the next
Projected revenue figures based on new product sales assumptions
The consequences of different decision alternatives, given past experience in a context
that is described
A decision support system may present information graphically and may include an
expert system or artificial intelligence (AI). It may be aimed at business executives or
some other group of Knowledge workers.

Characteristics of Decision support system


Provides rapid access to information
Handles large amount of data from different sources
Provides report and presentation flexibility
Offer both textual and graphical orientation
Support drill down analysis
Perform complex ,sophisticated analysis and comparisons using advanced s/w

Executive Information System (EIS)

Issues at senior Management level:


What will employment be in 5 yrs?
What are long term industry cost trends, where does our firm fit in?
What products should we be making in next 5 yrs?
What new acquisitions would protect us from cyclical business swings?
5|Page
Cyber Security (RUC - 501) B TECH 3rd Yr., MBA 2nd Yr & B Arch 1st Yr

Characteristics of ESS
Are tailored to individual executives
Are easy to Use
Have drill down abilities
Support the need for the external data
Can help with situations that have high degree of uncertainty
Have a future orientation
Are linked with value added business processes

Information System (IS) Development


1- Project Planning Phase
2- Analysis Phase
3- Design Phase
4- Implementation Phase
5- Maintenance Phase

Project Planning Phase


It involves creating of a set of plans to help guide your team through the execution and closure phases
of the project.

The plans created during this phase will help you to manage time, cost, quality, change, risk and issues.
They will also help you manage staff and external suppliers, to ensure that you deliver the project on
time and within budget.

Summarize of this phase


-Define problem
-Feasibility study
6|Page
Cyber Security (RUC - 501) B TECH 3rd Yr., MBA 2nd Yr & B Arch 1st Yr
-Scheduling
-Established team
-Project implementation

Analysis Phase
Analysis should come early in any project, and the most important part of that analysis is the gathering
of business requirements. Learn about product and process requirements and how to effectively
determine and prioritize customer needs.

Main concepts of the analysis phase:


-What business requirements are……..
-How to gather business requirements
-Process modeling (Used Data Flow Diagram: DFD)
-Data modeling (Used Entity-Relationship Diagram: ERD)

Design Phase
Often this phase of the systems development lifecycle is divided into Logical and Physical design. Logical
design maps the conceptual model to a particular DBMS model or a representation of the software.

Physical design is concerned with technical specifications. Hardware and network issued are considered
along with data storage structures for files or databases.

Main concepts of the design phase:


-Approach to systems development
-System architecture design
-Data Based design
-Output design
-Input design
-User interface design
-Prepare the prototype
-Program design

Implementation Phase
This phase takes the user tested system and interaction designs and implements them into working
system ready to go live.

Main concepts of the implementation phase:


-Object oriented design
-User interface integration
-Server Implementation
7|Page
Cyber Security (RUC - 501) B TECH 3rd Yr., MBA 2nd Yr & B Arch 1st Yr
-Heuristic evaluations
-User Testing
-Documentation

Maintenance Phase
Maintenance of the system also spans many phases of the systems development lifecycle. Maintenance
includes adjusting the system to meet any altered or additional requirements, adjusting the system
documentation to reflect those changes, and rectifying any problems uncovered in testing.

Why are information systems so important in business today?

Six reasons why information systems are so important for business today include:

1. Operational excellence
2. New products, services, and business models
3. Customer and supplier intimacy
4. Improved decision making
5. Competitive advantage
6. Survival

Here is another answer to this question The emergence of a global economy, transformation of
industrial economies, transformation of the business enterprise, and the emergence of digital firm make
information systems essential in business today. Information system is a foundation for conducting
business today. In many businesses, survival and the ability to achieve strategic business goals is difficult
without extensive use of information technology. There are six reasons or objectives why businesses use
information system:

1. Operational excellence. Business improves the efficiency of their operations in order to achieve
higher profitability. Information systems are important tools available to managers for achieving higher
levels of efficiency and productivity in business operations. A good example is Wal-Mart that uses a
Retail Link system, which digitally links its suppliers to every one of Wal-Mart's stores. as soon as a a
customer purchase an item , the supplier is monitoring the item , knows to ship a replacement to the
shelf.

2. New products, services, and business models. Information system is a major tool for firms to create
new products and services, and also an entirely new business models. A business model describes how a
company produces, delivers, and sells a product or service to create wealth.

Example: Apple inc transformed an old business model based on its iPod technology platform that
included iPod, the iTunes music service, and the iPhone.

3. Customer/supplier intimacy. When a business serves its customers well, the customers generally
respond by returning and purchasing more. This raises revenue and profits. The more a business
8|Page
Cyber Security (RUC - 501) B TECH 3rd Yr., MBA 2nd Yr & B Arch 1st Yr
engages its suppliers, the better the suppliers can provide vital inputs. These lower costs. Example: The
Mandarin Oriental in Manhattan and other high-end hotels exemplify the use of information systems
and technology to achieve customer intimacy. They use computers to keep track of guests' preferences,
such as their preferred room temperature, check-in time, and television programs.

4. Improved decision making. Many managers operate in an information bank, never having the right
information at the right time to make an informed decision. These poor outcomes raise costs and lose
customers. Information system made it possible for the managers to use real time data from the
marketplace when making decision. Example: Verizon Corporation uses a Web-based digital dashboard
to provide managers with precise real -time information on customer complains, network performance..
Using this information managers can immediately allocate repair resources to affected areas, inform
customers of repair efforts and restore service fast.

5. Competitive advantage. When firms achieve one or more of these business objectives (operational
excellence, new products, services, and business models, customer/supplier intimacy, and improved
decision making) chances are they have already achieved a competitive advantage. Doing things better
than your competitors, charging less for superior products, and responding to customers and suppliers
in real time all add up to higher sales, and higher profits. Example: Toyota Production System focuses on
organizing work to eliminate waste, making continues improvements, and TPS is based on what
customers have actually ordered.

6. Day to day survival. Business firms invest in information system and technology because they are
necessities of doing business. These necessities are driven by industry level changes. Example: Citibank
introduced the first automatic teller machine to attract customers through higher service levels, and its
competitors rushed to provide ATM's to their customers to keep up with Citibank. Providing ATMs
services to retail banking customers is simply a requirement of being in and surviving in the retail
banking business. Firm turn to information system and technology to provide the capability to respond
to these.

Information systems are the foundation for conducting business today. In many industries, survival and
even existence without extensive use of IT is inconceivable, and IT plays a critical role in increasing
productivity. Although information technology has become more of a commodity, when coupled with
complementary changes in organization and management, it can provide the foundation for new
products, services, and ways of conducting business that provide firms with a strategic advantage.

What are the changing natures of Information System?

In the past decade, the nature of IS has undergone a dramatic change, from mainframe-based IS to
client / server computing to today's web-based information system, with the Internet having made the
revolution.
The four powerful worldwide changes that have altered the business environment are:
1. Globalization;
2. Rise of the information economy;

9|Page
Cyber Security (RUC - 501) B TECH 3rd Yr., MBA 2nd Yr & B Arch 1st Yr
3. Transformation of the business enterprise;
4. Emergence of the digital firm.

What is Information
Information is an asset which, like other important business assets, has value to an organization and
consequently needs to be suitably protected.

Information can be created, stored, destroyed, processed, transmitted, used, corrupted, lost, stolen,
Printed or written on paper, stored electronically, Transmitted by post or using electronics means, Shown
on corporate videos, Displayed / published on web, Verbal – spoken in conversations ……Whatever forms
the information takes, or means by which it is shared or stored, it should always be appropriately
protected

What is Information Security


Information security, sometimes shortened to InfoSec, is the practice of defending information from
unauthorized access, use, disclosure, disruption, modification, perusal, inspection, recording or
destruction. It is a general term that can be used regardless of the form the data may take (e.g.
electronic, physical).

 Security is achieved using several strategies simultaneously or used in combination with one
another

 Security is recognized as essential to protect vital processes and the systems that provide those
processes

 Security is not something you buy, it is something you do

 The architecture where an integrated combination of appliances, systems and solutions,


software, alarms, and vulnerability scans working together

 Monitored 24x7

 Having People, Processes, Technology

 Security is for PPT and not only for appliances or devices


10 | P a g e
Cyber Security (RUC - 501) B TECH 3rd Yr., MBA 2nd Yr & B Arch 1st Yr

People: who use or interact with the Information include:


Share Holders / Owners
Management
Employees
Business Partners
Service providers
Contractors
Customers / Clients
Regulators etc…

Processes: refer to "work practices" or workflow. Processes are the repeatable steps to accomplish
business objectives. Typical process in our IT Infrastructure could include:
Helpdesk / Service management
Incident Reporting and Management
Change Requests process
Request fulfillment
Access management
Identity management
Service Level / Third-party Services Management
IT procurement process etc...

Technology: “what we use to improve what we do”


Network Infrastructure:

Cabling, Data/Voice Networks and equipment

11 | P a g e
Cyber Security (RUC - 501) B TECH 3rd Yr., MBA 2nd Yr & B Arch 1st Yr
Telecommunications services (PABX), including VoIP services , ISDN , Video Conferencing
Server computers and associated storage devices
Operating software for server computers
Communications equipment and related hardware.
Intranet and Internet connections
VPNs and Virtual environments
Remote access services
Wireless connectivity

Application software:

Finance and assets systems, including Accounting packages, Inventory management, HR


systems, Assessment and reporting systems
Software as a service (Sass) - instead of software as a packaged or custom-made product. Etc...

Physical Security components:


CCTV Cameras
Clock in systems / Biometrics
Environmental management Systems: Humidity Control, Ventilation , Air Conditioning, Fire
Control systems
Electricity / Power backup

Access devices:
Desktop computers
Laptops, ultra-mobile laptops and PDAs
Thin client computing.
Digital cameras, Printers, Scanners, Photocopier etc.

ISO 27002:2005 defines Information Security as the preservation of:


Confidentiality - Ensuring that information is accessible only to those authorized to have access

Integrity - Safeguarding the accuracy and completeness of information and processing methods

Availability - Ensuring that authorized users have access to information and associated assets when
required

Need of Information Security


Information Security Needed Because it :
1. Protects information from a range of threats

12 | P a g e
Cyber Security (RUC - 501) B TECH 3rd Yr., MBA 2nd Yr & B Arch 1st Yr
2. Ensures business continuity
3. Minimizes financial loss
4. Optimizes return on investments
5. Increases business opportunities
6. Business survival depends on information security.

Security breaches leads to…


• Reputation loss
• Financial loss
• Intellectual property loss
• Legislative Breaches leading to legal actions (Cyber Law)
• Loss of customer confidence
• Business interruption costs

Threats to Information System


There are many information security threats that we need to be constantly aware of and protect against
in order to ensure our sensitive information remains secure.

1- Unauthorized Access – Enter at your own risk


The attempted or successful access of information or systems, without permission or
rights to do so.
Ensure you have a properly configured firewall, up to date malware prevention
software and all software has the latest security updates.
Protect all sensitive information, utilizing encryption where appropriate, and use strong
passwords that are changed regularly.
2- Cyber Espionage – Hey, get off my network!
The act of spying through the use of computers, involving the covert access or ‘hacking’
of company or government networks to obtain sensitive information.
Be alert for social engineering attempts and verify all requests for sensitive information.
Ensure software has the latest security updates, your network is secure and monitor for
unusual network behavior.
3- Malware – You installed what?!
A collective term for malicious software, such as viruses, worms and trojans; designed to
infiltrate systems and information for criminal, commercial or destructive purposes.
Ensure you have a properly configured firewall, up to date malware prevention and all
software has the latest security updates.
Do not click links or open attachments in emails from unknown senders, visit un-trusted
websites or install dubious software.
13 | P a g e
Cyber Security (RUC - 501) B TECH 3rd Yr., MBA 2nd Yr & B Arch 1st Yr
4- Data Leakage – I seek what you leak.
The intentional or accidental loss, theft or exposure of sensitive company or personal
information
Ensure all sensitive information stored on removable storage media, mobile devices or
laptops is encrypted
Be mindful of what you post online, check email recipients before pressing send, and
never email sensitive company information to personal email accounts
5- Mobile Device Attack – Lost, but not forgotten
The malicious attack on, or unauthorized access of mobile devices and the information
stored or processed by them; performed wirelessly or through physical possession.
Keep devices with you at all times, encrypt all sensitive data and removable storage
media, and use strong passwords.
Avoid connecting to insecure, un-trusted public wireless networks and ensure Bluetooth
is in ‘undiscoverable’ mode.
6- Social Engineering – Go find some other mug
Tricking and manipulating others by phone, email, online or in-person, into divulging
sensitive information, in order to access company information or systems.
Verify all requests for sensitive information, no matter how legitimate they may seem,
and never share your passwords with anyone – not even the helpdesk.
Never part with sensitive information if in doubt, and report suspected social
engineering attempts immediately.
7- Insiders – I see bad people
An employee or worker with malicious intent to steal sensitive company information,
commit fraud or cause damage to company systems or information
Ensure access to sensitive information is restricted to only those that need it and revoke
access when no longer required
Report all suspicious activity or workers immediately
8- Phishing – Think before you link
A form of social engineering, involving the sending of legitimate looking emails aimed
at fraudulently extracting sensitive information from recipients, usually to gain access to
systems or for identity theft.
Look out for emails containing unexpected or unsolicited requests for sensitive
information, or contextually relevant emails from unknown senders.
Never click on suspicious looking links within emails, and report all suspected phishing
attempts immediately.
9- System Compromise – Only the strong survive
A system that has been attacked and taken over by malicious individuals or ‘hackers’,
usually through the exploitation of one or more vulnerabilities, and then often used for
attacking other systems.
Plug vulnerable holes by ensuring software has the latest security updates and any
internally developed software is adequately security reviewed.
Ensure systems are hardened and configured securely, and regularly scan them for
vulnerabilities.
10- Spam – Email someone else

14 | P a g e
Cyber Security (RUC - 501) B TECH 3rd Yr., MBA 2nd Yr & B Arch 1st Yr
Unsolicited email sent in bulk to many individuals, usually for commercial gain, but
increasingly for spreading malware.
Only give your email to those you trust and never post your address online for others to
view.
Use a spam filter and never reply to spam emails or click links within them.
11- Denial of Service – Are you still there?
An intentional or unintentional attack on a system and the information stored on it,
rendering the system unavailable and inaccessible to authorized users.
Securely configure and harden all networks and network equipment against known DoS
attacks.
Monitor networks through log reviews and the use of intrusion detection or prevention
systems
12- Identity Theft – You will never be me
The theft of an unknowing individual’s personal information, in order to fraudulently
assume that individual’s identity to commit a crime, usually for financial gain.
Never provide personal information to un-trusted individuals or websites.
Ensure personal information is protected when stored and securely disposed of when
no longer needed.

Protecting Information System


1- Data security is fundamental
Data security is crucial to all academic, medical and business operations.
All existing and new business and data processes should include a data security review to
be sure data is safe from loss and secured against unauthorized access.
2- Plan ahead
Create a plan to review your data security status and policies and create routine processes
to access, handle and store the data safely as well as archive unneeded data.
Make sure you and your colleagues know how to respond if you have a data loss or data
breach incident.
3- Know what data you have
The first step to secure computing knows what data you have and what levels of
protection are required to keep the data both confidential and safe from loss.
4- Scale down the data
Keep only the data you need for routine current business, safely archive or destroy older
data, and remove it from all computers and other devices (smart phones, laptops, flash
drives, and external hard disks).
5- Lock up!

15 | P a g e
Cyber Security (RUC - 501) B TECH 3rd Yr., MBA 2nd Yr & B Arch 1st Yr
Physical security is the key to safe and confidential computing.
All the passwords in the world won't get your laptop back if the computer itself is stolen.
Back up the data to a safe place in the event of loss.

Information Assurance
Information assurance (IA) is the practice of assuring information and managing risks related to the use,
processing, storage, and transmission of information or data and the systems and processes used for
those purposes.

Information Assurance (IA) refers to the steps involved in protecting information systems, like computer
systems and networks. There are commonly five terms associated with the definition of information
assurance:

Integrity
Availability
Authentication
Confidentiality
Nonrepudiation

IA is a field in and of itself. It can be thought of as a specialty of Information Technology (IT), because an
IA specialist must have a thorough understanding of IT and how information systems work and are
interconnected. With all of the threats that are now common in the IT world, such as viruses, worms,
phishing attacks, social engineering, identity theft and more, a focus on protection against these threats
is required. IA is that focus.

Integrity involves making sure that an information system remains unscathed and that no one has
tampered with it. IA takes steps to maintain integrity, such as having anti-virus software in place so that
data will not be altered or destroyed, and having policies in place so that users know how to properly
utilize their systems to minimize malicious code from entering them.

Availability is the facet of IA where information must be available for use by those that are allowed to
access it. Protecting the availability can involve protecting against malicious code, hackers and any other
threat that could block access to the information system.

Authentication involves ensuring that users are who they say they are. Methods used for authentication
are user names, passwords, biometrics, tokens and other devices. Authentication is also used in other
ways -- not just for identifying users, but also for identifying devices and data messages.

IA involves keeping information confidential. This means that only those authorized to view information
are allowed access to it. Information needs to be kept confidential. This is commonly found, for example,
in the military, where information is classified or only people with certain clearance levels are allowed
access to highly confidential information.

The final pillar is nonrepudiation. This means that someone cannot deny having completed an action
because there will be proof that they did it.

16 | P a g e
Cyber Security (RUC - 501) B TECH 3rd Yr., MBA 2nd Yr & B Arch 1st Yr
Cyber Security
Cyber Security or IT security is the protection of information systems from theft or damage to
the hardware, the software, and to the information on them, as well as
from disruption or misdirection of the services they provide. It includes controlling physical access to the
hardware, as well as protecting against harm that may come via network access, data and code
injection, and due to malpractice by operators, whether intentional, accidental, or due to them being
tricked into deviating from secure procedures.

The field is of growing importance due to the increasing reliance of computer systems in most societies.
Computer systems now include a very wide variety of "smart" devices, including Smartphone’s,
televisions and tiny devices as part of the Internet of Things – and networks include not only the Internet
and private data networks, but also Bluetooth, Wi-Fi and other wireless networks.

Security Risk Analysis

 It is a way of determining risks and dangers in work places


 Risk analysis includes analysing the possible hazard that could occur within a workplace and
finding a solution in a safe manner. This avoiding injury to an individuals and damage to property
 If the hazard cannot be avoid in a safe way, then the risk analysis will say that the activity
shouldn’t be carried out

Why do we have Risk analysis?

 They are needed to assess any danger that people could be put in when they are in the lab
 Risk analysis is needed so that the risks of danger happening within the lab is reduced and
eliminated.
 They are in order to protect people within the lab, not only the person carrying out the
practical's but others around
 They help to set out guidelines to what you should and shouldn’t do within a lab for safety

What should a risk analysis cover?

 A risk analysis must include the possible dangers that could occur in the laboratory.
 The risk analysis should include guidelines for protecting people.

How does a risk analysis work?

17 | P a g e
Cyber Security (RUC - 501) B TECH 3rd Yr., MBA 2nd Yr & B Arch 1st Yr
 Each laboratory would have their own forms of risk analysis so there isn’t set guidelines on how
the risk analysis should be carried out.

Before a risk analysis is produce the difference between a risk and a hazard must be known

 Hazard: Anything that can cause harm, electricity, hazardous substances and noise are potential
hazards.
 Risks: “The likelihood that damage, loss or injury will be caused by a hazard and how severe the
outcome may be.”

How does a risk analysis work?

When carrying out a risk analysis there are 5 recommended guidelines.

1. Identifying the hazard:


2. Decide who might be harmed and how
3. Evaluate the risks and decide on the precautions
4. Record your findings and put them into place
5. Review you risk analysis and make amendments if needed

A risk analysis should be carried out yearly.

Cyber Bullying

Cyber bullying is the act of harming or harassing via information technology networks in a
repeated and deliberate manner. According to U.S. Legal Definitions, "cyber-bullying could be
limited to posting rumors or gossips about a person in the internet bringing about hatred in
other’s minds; or it may go to the extent of personally identifying victims and publishing
materials severely defaming and humiliating them.

Cyber bullying is bullying that takes place using electronic technology. Electronic technology
includes devices and equipment such as cell phones, computers, and tablets as well as
communication tools including social media sites, text messages, chat, and websites.

18 | P a g e
Cyber Security (RUC - 501) B TECH 3rd Yr., MBA 2nd Yr & B Arch 1st Yr
Examples of cyber bullying include mean text messages or emails, rumors sent by email or
posted on social networking sites, and embarrassing pictures, videos, websites, or fake profiles.
Why Cyber bullying is Different

Kids who are being cyber bullied are often bullied in person as well. Additionally, kids who are
cyber bullied have a harder time getting away from the behavior.
Cyber bullying can happen 24 hours a day, 7 days a week, and reach a kid even when he
or she is alone. It can happen any time of the day or night.
Cyber bullying messages and images can be posted anonymously and distributed quickly
to a very wide audience. It can be difficult and sometimes impossible to trace the
source.
Deleting inappropriate or harassing messages, texts, and pictures is extremely difficult
after they have been posted or sent.

Effects of Cyber bullying


Cell phones and computers themselves are not to blame for cyber bullying. Social media sites
can be used for positive activities, like connecting kids with friends and family, helping students
with school, and for entertainment. But these tools can also be used to hurt other people.
Whether done in person or through technology, the effects of bullying are similar.

Kids who are cyber bullied are more likely to:


Use alcohol and
drugs Skip school
Experience in-person bullying
Be unwilling to attend school
Receive poor grades
Have lower self-esteem
Have more health problems

Cyber Predators
Online predators are individuals who commit child sexual abuse that begins or takes place on
the Internet. Internet-facilitated sex crimes against minors involve deceit and begin with adults
communicating with children over the Internet with the goal of coercing them into illegal sexual
activity. Sometimes the sexual abuse happens face to face.
Chat rooms, instant messaging, Internet forums, social networking sites, cell phones, and
even video game consoles have all attracted online predators

A Cyber predator uses the Internet to hunt for victims to take advantage of ANY way, including
sexually, emotionally, psychologically or financially. Cyber predators know how to manipulate
children, creating trust and friendship where none should exist.
19 | P a g e
Cyber Security (RUC - 501) B TECH 3rd Yr., MBA 2nd Yr & B Arch 1st Yr

Did you know?


73% of children who have offline sexual encounters with offenders do so more than
once.
Online predators tend to fall between the ages of 18 & 55. Their targets tend to be
between the ages of 11 & 15.
Teens are willing to meet with strangers: 16% of teens considered meeting someone
they've only talked to online and 8% have actually met someone they only knew online.

Safety and Legal Issues with Cyber Predators


Although the Internet has become a place for research and scholastic engagement for many
students, it a has also significantly increased the risk at which students can become victims. It
has expanded the opportunities that predators have to meet victims while decreasing
detection. The Internet provides access to many social networks for students, which can be
dangerous due to the anonymity of the Internet; this anonymity allows for predators to easily
target some individuals, especially young teens or children. Because of this increased cyber
danger, it is very important for students to approach the web in a cautious manner.

Tips for Students on the Internet


There should be precautions taken when you engage in any social network
Do not only look out for a certain stereotype of a dangerous person, but certain types of
odd behavior
Never tell anyone personal information about you or your family; privacy is something
that is very important (especially on the Internet)

20 | P a g e

Você também pode gostar