ISACA Malta Chapter sheds light on unethical access to information systems and data

Malta Independent Friday, 25 January 2013, 14:24 Last update: about 11 years ago

Irrespective of their size, businesses face a daily risk of falling prey to illegal hacking which, in turn, may result in loss of important data and disruption to information systems.

As part of its drive to raise awareness on the risks related to inadequate information systems, the local Chapter of ISACA – formerly known as the Information Systems Audit and Control Association – organised an educational session for its members entitled “Compromised! How hackers gain access to your systems and steal your data”.

Mr Ian Attard, an information security practitioner, delivered a presentation on the large number of methods that hackers employ to penetrate IT systems at the core of modern businesses. Enterprises run applications in client-facing front-offices, manage customer billing, accounts, and purchasing software, all of which are subject to hacker attack at any time of day or night. Any software and technology implemented have vulnerabilities and without proper systems management aimed at preventing hacker attacks, businesses continue to place their operations, and possibly their profitability, at risk.

The educational event included a hands-on demonstration on the “art of the possible” - what a hacker can do, covering his/her tracks, possibly operating from abroad. Indeed, a hacker only pokes-and-peeps, while crackers do worse - they steal data, leaving “backdoors” through which they may enter time-and-time again, and with less effort. NASA, the US Department of Defence, Microsoft and LinkedIn have all been hacked in the recent past. Fortunately, they are aware of these breaches but for many other businesses, hacking or cracking occurs without detection.

“Industry best practices are available to help reduce risks of breaches and enhance chances of detection. This is a shifting landscape – IT Assurance Managers, Risk Managers, Information Security Managers and Boards who take IT Governance responsibly can act-now-and-play-safe. ISACA promotes values of enlightened self-interest, good business, and good corporate governance through proper information systems management” said Mr Vladimiro Comodini, President of the ISACA Malta Chapter.

The ISACA Malta Chapter holds monthly educational sessions on subjects related to information security and IT governance, and is also organising a half-day conference on 27 February. The conference theme is “An introduction to COBIT 5”.