Information Security Essay

3489 words - 14 pages

When we think about security we think about doors, bars on windows, guards, alarms and so forth. When we look at information security we think about passwords and permissions. In the past that is all we needed to protect our information. As technology continues to advance, security takes on a whole new roll. We are no longer storing papers in boxes behind a locked door. We are now securing servers and large datacenters with vast amounts of information.  
When we think about security we think about doors, bars on windows, guards, alarms and so forth. When we look at information security we think about passwords and permissions. In the past that is all we needed to ...view middle of the document...

The article by Allen Johnston and Ron Hale examine the planning for information security and enhancing the quality of security.
“A survey conducted by the Computer Security Institute and the Federal Bureau of Investigation found:”
56% of respondents reported unauthorized computer system use during the past year. These unauthorized uses include malicious acts such as theft or destruction of intellectual property, insider abuse and unauthorized access to information that results in a loss of data integrity and confidentiality, as well as malware threats such as viruses, spyware, worms, and Trojans (Johnston and Hale, 2009, p. 126).
To better understand how planning and enhancing security can increase the value in security programs; a survey was conducted of security professionals to see their perception on the quality of their security programs. The results allowed for a comparison between the different businesses and viewing the overall picture how information security plays a role in those businesses.
Information Security Governance (ISG) has a role in creating policies and strategies within a business and protection of information assets. Information Security Governance brings attention to the board and executives, corporations are more effective in addressing and improving security. “In terms of strategic alignment, ISG enables firms to align security with business strategy to support organizational objectives” (Johnston and Hale, 2009, p. 127). Corporations are able to use appropriate measures and reduce risk. When addressing information security as part of the overall strategic plan, policies are easily adopted into the goals and objectives.
In order to validate the value of Information Security Governance, a survey was conducted among managers, auditor and executives that are Certified Information Security Manager. The survey found those who implemented Information Security Governance had higher level of support by upper management over those who did no implement. Thus those that implemented information security had a better relationship between business and information security than those that did not.
The findings from the survey had shown when information security was addressed at a corporate level; employees took greater ownership in protecting the information. Employees did not view security as a barrier but as part of business success. This in turn showed that businesses that used Information Security Governance had a higher level in the quality of protection in information over those who did not.
The study provided support for corporations to include information security planning as part of their operations. Many businesses are not as motivated or have barriers that make it difficult to develop an information security program. There are many benefits for having an Information Security Governance program. Implementers were asked to rate on a scale 1 (low) to 5 (high), “Legal requirements (4.30) were the most influential...

Other Essays Like Information Security

Information Technology/Network Security Threats Essay

1465 words - 6 pages Protecting systems against various systems threats such as passwords and cracking tools with brute force or attacks into the system by gaining authentication for access rights including a password, policy, to educate the users. SECURITY CONSIDERATIONS IN THE INFORMATION SYSTEM DEVELOPMENT LIFE CYCLE. Each information security environments unique, unless modified to adapt to meet the organization’s needs. The System Development Life Cycle

Information Security In Business Organizations Essay

3793 words - 16 pages organization itself.The essay sets off with a critical review of the term security in the context of information systems, which illustrates the treats and risks arising from extensive use of information systems. Then, through a case study of banking giant Citibank, the essay addresses which security measures and how security managements are conducted to subdue threats and risks by Citibank in securing its information system and business. In the end of

Unit 1 - Information Security Policy

2151 words - 9 pages Running Head: UNIT 1 ASSIGNMENT Unit 1 - Information Security Policy Regina Sykes Kaplan University Abstract ------------------------------------------------- This paper will provide information on the purpose of a security policy and components of a security policy. Additionally, this paper contains information on a specific organization and the unique important items the organization choose to establish security policies

A Comparison of Information Security Surveys

3096 words - 13 pages Running Head: A COMPARISON OF INFORMATION SECURITY SURVEYS A Comparison of Information Security Surveys Conducted by the Computer Security Institute and Ernst & Young of Public and Private Sector Organizations University of Maryland University College A Comparison of Information Security Surveys Conducted by the Computer Security Institute and Ernst & Young of Public and Private Sector Organizations Emerging technologies

Chapter 5 - Principles of Information Security

3378 words - 14 pages ITS Chapter 5 Review Questions 1. How can a security framework assist in the design and implementation of a security infrastructure? Answer: Security framework is the overall plan for information security measures. It is a general outline that can easily be altered to an organization security needs. Elements that can protect the infrastructure should be included such as; a security perimeter, which protects the internal systems from

Applying Information Security And Sdlc To Business

2664 words - 11 pages Applying Information Security and SDLC to Business Applying Information Security and SDLC to Business Businesses today have a continually growing need to explore new technologies to help make their businesses more productive and ultimately more profitable. To accomplish this task there are many factors to consider centered on discovering what resources are available, what the user’s needs are, along with how to improve the customers

Information Security and the Areas That Truly Affect It

1623 words - 7 pages With information security now demanding a significant level of attention from organizations, the traditional approach of identifying risk in purely technical terms has proven insufficient. Please consider the areas that truly affect information security and integrate those findings into an overall risk management study to ensure an effective and appropriate technology program. I believe the greatest information security threat is

Principles Of Information Security Chapter 2 Review Questions

1131 words - 5 pages 1. Management is responsible for implementing information security to protect the ability of the organization to function. They must set policy and operate the organization in a manner that complies with the laws that govern the use of technology. Technology alone cannot solve information security issues. Management must make policy choices and enforce those policies to protect the value of the organization’s data. 2. Data is important to an

Information Systems Security and Ethical Challenges Chapter 13 Activity 8.5

807 words - 4 pages Bob Baumgardner Activity 8.5 06/19/2014 Assignment Module Review 1. What can be done to improve the security of business uses of the Internet? Give several examples of security measures and technologies you would use. There are many measures that can be used and implemented to stop cyber scams. However, the best way is to spread awareness. When people are aware that what they are doing on the Internet can damage their computer

Chapter 7 Principles of Information Security 1-14

1521 words - 7 pages Principles of Information Security, 4th Edition Chapter 7 Review Questions 1. What common security system is an IDPS most like? In what ways are these systems similar? IDPSs are much like burglar alarms. They both will monitor an area for actions that may represent a threat and sound an alarm when those actions are detected. 2. How does a false positive alarm differ from a false negative one? From a security perspective, which is least

Lead Information Security Analyst

950 words - 4 pages ) ]. Strategic Vision: “UPS entered the logistics arena in the mid-1990's, both to satisfy customer requests and to fulfill a strategic vision of operating across the entire stream of commerce, from goods to information to funds. The company's supply chain services also leverage UPS's expertise in building and operating global IT and physical infrastructures and managing

Related Papers

Information Security Essay

3592 words - 15 pages has a demonstrated reputation with its long haul accomplice model, which is intended to profit both sides. The model has been created together with accomplices over 15 years. Our current well being recommendation is centered on six fundamental zones with the taking after demonstrated medical advantages illustrated: •Immune - Improved guard/ resistance/ security - Reduced frosty/ influenza side effects, lessened length of cool/ influenza

Computer Network & Information Security Essay

1478 words - 6 pages Media has focused on computer security of big businesses and how they have been breached, yet individuals do not stop and think about their own personal computer safety. Information can be stolen or damaged, access of personal computers can be gained without permission, viruses and worms can enter creating problems for a user, and our computers may be susceptible to cyber-attacks from hackers. Yet most computer users are new to the technology or

Information Security Threat Mitigation Essay

814 words - 4 pages Information Security Threats Mitigation By Francis Nsofwa Mubanga Keller Graduate School of Management Devry University Professor Sandra Kirkland SE572 July 14th, 2011  Table of Contents Introduction 1 Steps 1 Denial-of-Service attacks (DoS) 1 Distributed Denial-of-Service attacks (DDoS) 1 Masquerading and IP Spoofing attacks 2 Smurf attacks 2 Land .c attacks 2 Man-in-the-Middle attacks 3 Conclusion 3 References

Information Security Article Evaluation Essay

922 words - 4 pages Information Security Article Evaluation CMGT/441 July 10, 2013 Confidentiality As I was looking on the internet trying to locate a website to write my paper about, an article from got my attention. The article was about social media