 It is the management and protection of knowledge, information, and data.

It combines two fields:

1. Information assurance, which focuses on ensuring the availability, integrity,
authentication, confidentiality, and non-repudiation of information and systems.
These measures may include providing for restoration of information systems by
incorporating protection, detection, and reaction capabilities.
2. Information security, which centers on the protection of information and
information systems from unauthorized access, use, disclosure, disruption,
modification, or destruction in order to provide confidentiality, integrity, and
availability.
 Set of integrated elements or components that collect, manipulate, store and
disseminate data and information and provide feedback mechanism.
 Input
- input is a piece of data which is embed in the system by the user for some use.
- It is the activity of capturing and gathering of data.
 Process
- This phase is used after input phase and take place in the internal pat of the
system.
- Main purpose it serve is to take inputted data and convert it into something
usable.
- What we see in today’s computer world is what we see is what we get
 Output: Process/display useful information.
 Feedback: used to make adjustment on output.
 These components are configured to collect, manipulate, store and process data
and information.
1. HARDWARE- Consist of computer equipment used to perform input, processing
to output activities.
2. SOFTWARE- Consist of computer programs and instruction given to the
computer and user.
3. PEOPLE- It is the most important element. It includes personnel who manage,
run program and maintain the computer system.
4. DATABASE- Organize collection of facts and information.
5. TELECOMMUNICATION- Allows organizations to link computer and user.
6. PROCEDURE- Include strategies, methods and rules that humans use to operate
CBIS
 It is considered as the foundation of information security.

1. CONFIDENTIALITY- Allowing only authorized subjects to view sensitive

information.
2. INTEGRITY- Maintaining the accuracy and trustworthiness of data.
3. AVAILABILITY- Insuring data is available when and where it is needed for
business operation.
 AUTHENTICATION
- Verifying the identity of subject.
 AUTHORIZATION
- Determining what a subject can access after authorization.
* Course (example Application Process)
* Fine (example, functions accessible within the application)
 ACCOUNTABILITY
- What subject did what, where and when.
Malware (malicious software)
- Malware, or malicious software, is any program or file that is harmful to a
computer user.
TYPES OF MALWARES
 A virus is the most common type of malware which can execute itself and spread by
infecting other programs or files.
 A worm can self-replicate without a host program and typically spreads without any
human interaction or directives from the malware authors.
 A Trojan horse is designed to appear as a legitimate program in order to gain access
to a system. Once activated following installation, Trojans can execute their malicious
functions.
 Spyware is made to collect information and data on the device user and observe their
activity without their knowledge.
 Theft of intellectual property means violation of intellectual property rights like
copyrights, patents etc.
 Identity theft means to act someone else to obtain person’s personal information or to
access vital information they have like accessing the computer or social media account
of a person by login into the account by using their login credentials.
 Theft of equipment and information is increasing these days due to the mobile
nature of devices and increasing information capacity.
 Sabotage means destroying company’s website to cause loss of confidence on part of
its customer.
 Information extortion means theft of company’s property or information to receive
payment in exchange. For example ransomware may lock victims file making them
inaccessible thus forcing victim to make payment in exchange. Only after payment
victim’s files will be unlocked.