Strategies for managing the processes

Reference no: EM131615244 , Length: 3

Rewrite this file in a professional way and with good expression.

The rewrite must depend on understanding the whole paragraph before rewriting it.

Don't rewrite sentence by sentence.

Must be zero plagiarism.

3 Pages

Information security

Information security (infosec) is a set of strategies for managing the processes, tools and policies necessary to prevent, detect, document and counter threats to digital and non-digital information. Infosec responsibilities include establishing a set of business processes that will protect information assets regardless of how the information is formatted or whether it is in transit, is being processed or is at rest in storage.

Infosec programs are built around the core objectives of the CIA triad: maintaining the confidentiality, integrity and availability of IT systems and business data. These objectives ensure that sensitive information is only disclosed to authorized parties (confidentiality), prevent unauthorized modification of data (integrity) and guarantee the data can be accessed by authorized parties when requested (availability).

Many large enterprises employ a dedicated security group to implement and maintain the organization's infosec program. Typically, this group is led by a chief information security officer. The security group is generally responsible for conducting risk management, a process through which vulnerabilities and threats to information assets are continuously assessed, and the appropriate protective controls are decided on and applied. The value of an organization lies within its information -- its security is critical for business operations, as well as retaining credibility and earning the trust of clients.

Threats to sensitive and private information come in many different forms, such as malware and phishing attacks, identity theft and ransomware. To deter attackers and mitigate vulnerabilities at various points, multiple security controls are implemented and coordinated as part of a layered defense-in-depth strategy. This should minimize the impact of an attack. To be prepared for a security breach, security groups should have an incident response plan (IRP) in place. This should allow them to contain and limit the damage, remove the cause and apply updated defense controls.

Information security processes and policies typically involve physical and digital security measures to protect data from unauthorized access, use, replication or destruction. These measures can include mantraps, encryption key management, network intrusion detection systems, password policies and regulatory compliance. A security audit may be conducted to evaluate the organization's ability to maintain secure systems against a set of established criteria.

Jobs within the information security field vary in their titles, but some common designations include IT chief security officer (CSO), chief information security officer (CISO), security engineer, information security analyst, security systems administrator and IT security consultant.

A Brief History of Computer Security Threats

The headlines offer up a grim picture: major corporations getting hacked, revealing personal information about tens of millions of customers; bugs exploited in millions of servers; foreign nations spying on others by stealing passwords and email addresses. It's enough to cause more than a few headaches. Security threats are nothing new, but these days they appear to be causing far more damage than ever before. While the methods have changed, attackers still aim to cause as much damage as possible. A look at a brief history of computer security threats shows the evolution of the risks and hazards.

Computer Threats

Viruses and worms were the next big cyber culprits, though they were at first harmless. For example, the first worm was developed in 1979 at a Xerox research station; its goal was to actually help make more efficient computers. Later on, hackers took the worms, modified them, and began using them to destroy or alter data.

Eventually, the first PC virus named "Brain" was developed in 1986, but it was not destructive in nature. In fact, the men behind it actually included their names and contact information buried within the code. More harmful viruses eventually followed, including "Form" and "Michelangelo." Self-modifying viruses were first created in 1990, but rapid infection rates didn't take off until several years later.

Rise of the Hackers

Starting in 1995, viruses were spreading at an alarming pace, starting with the first Microsoft Word-based virus. Eventually, hackers took center stage. In 1998, an incident known as "Solar Sunrise" occurred, where teenage hackers gained control of hundreds of computer systems used by the military, government, and private sectors. Two years later, other hackers used distributed denial of service (DDoS) attacks to shut down Yahoo, eBay, Amazon and others. In 2001, the Code Red worm was unleashed, infecting tens of thousands of systems and causing around $2 billion in damage. The harm brought about by hacking was becoming very costly.

Increase in Infections

More viruses continued to spread over the following years. In 2006, up to one million computers were infected with the Nyxem virus, which was spread through email attachments. The Storm Worm virus accounted for 8% of all infections only three days after it was released. Other worms and viruses quickly spread: the Koobface virus (spread through email and social media), the Conficker worm (millions infected), and the Stuxnet virus (in development for ten years).

Millions Infected, Billions Lost

Problems continued to spread all over the world. The Heartbleed bug was discovered in 2012, giving attackers access to passwords, communications, and sensitive data. Millions of servers were infected due to this bug. In 2013, hackers were able to infiltrate Target's servers, stealing the personal information of 70 million customers. The cost of the data breach is estimated to be more than $200 million. A few months later, 81 million Yahoo email customers became the victims of cyber criminals. Auction site eBay was likewise hit with a breach, forcing the company to advise its 145 million customers to change their passwords. More recently, Home Depot reported a breach that may end up being the largest computer network breach that a retail company has ever experienced.

It's now a common sight to see a business report a large data breach. According to some of the latest statistics, more than 200 new viruses are being discovered every month worldwide. For this reason, businesses are making security a higher priority, whether it be computer, IT, or network security. With so much sensitive data now going onto the internet, customers are also urged to use more caution and take preventative measures to secure their information. As this look at the history of computer security threats shows, the need to protect against these risks is greater than ever.


