Achieving Business Information Security in Cyberspace
According to Pesante (2008) there are three basic security concepts that are important to information on the Internet. Those are: confidentiality, integrity, and availability. In addition, she indicates that there are three additional concepts relating to the people who use information which are authentication, authorization, and nonrepudiation. Please read the full article that explains these concepts.
Pesante, L. (2008). Introduction to Information Security. Retrieved from the World Wide Web on 05/20/09 from http://www(dot)us-cert(dot)gov/reading_room/infosecuritybasics.pdf
Solutions to achieve information security are multi-faceted and require collaborations from multi-parties. It is not easy to assure information security, such as in the dimensions mentioned above. The following article broadens one's views on security. Even though it focuses on the protection of infrastructure, one can learn from its methods of approaching security to solve other kind of security problems. It is a long article. You don't need to read word-by-word. Please focus on the key concepts.
White House. (2009). Cyberspace Policy Reivew: Assuring a Trusted and Resilient Information and Communications Infrastructure. White House.
The following essays are much shorter and easier to read. They offer different perspectives and especially with unique views on the role of the government.
Schneier, B. (2012), The Big Question: Bruce Schneier. February 2012.
Gonsalves, A. (2012), RSA 2012: Three Greatest (and Surprising) Internet Security Dangers, CRN.
Case Assignment:
Prepare a 3-4 page paper addressing the question:
"How to Achieve Business Information Security in Cyperspace?"
Assignment Expectations:
Use information from the modular background and case readings as well as any good quality resource you can find. Please cite all sources and provide a reference list at the end of your paper.
The following items will be assessed in particular:
- Your ability to consolidate ideas from reading materials.
- Your demonstration of your understanding of various dimensions of IT securities and available IT security solutions.
- Your ability to apply your understanding in national security policy in cyberspace to a business or an organization.
Name
Institution Affiliation
Course
Date of Submission
Introduction
In the day to- day life activities and economic vitality, security on business information is dependent upon on a safe, stable and resilient cyberspace. Today, many people and not only those in the business sector have come to rely on this vast array of networks in cyberspace in communicating, travelling, running businesses and the economy, powering homes and for other services. However, cyber space attacks and intrusions have dramatically increased at an alarming rate and therefore, disrupting essential operations, threatening the security of business operations as well as negatively affecting the economy in general (Guttman, and Swanson, 2008).
Cyberspace security threats are in various forms and each type has its seriousness level that also requires different solution levels. The higher the level of the threat posed, the more complicated the strategy to be deployed in implementing safety measures in protection of cyberspace. For instance, the threats may in the forms of a more simpler malevolent codes identified as spyware and malware to serious viruses that can severely damage the whole contents in a computer. Further, there are cyberspace hackers who are able to access the computer and utilize or temper with personal information and data for ulterior motives. These are some of the dangers, which business entities need take into consideration and address them accordingly in order to achieve cyberspace security. Essentially, cyberspace security involves taking measures to keep documents and data from any unwarranted intrusion (Gonsalves, 2012). In the subsequent part, we will evaluate on how we can achieve business information security in cyberspace.
How to Achieve Business Information Security in Cyberspace
In this age of technological advancement, a business entity with no network is typical of a city without roads. Businesses including small ones have seen the need to incorporate information systems and connections to facilitate their day-to-day operations. Businesses rely on information systems for various reasons including customer service, database and communication. Organizations are both morally and lawful required protecting their customer’s data and information at all costs. The financial information safeguard regulation requires companies to come up with an information security plan in written form which describes how they will protect consumer information. This plan ought to be in relation to the complexity, nature, size and scope of the business operations (MacLean, and Kimball, 2008).
Among the measures that an entity can use to achieve cyberspace information security is to establish management governance in their IT systems. These governance management systems should define who harbors the right to decisions and input in specific domains. Further, these governance arrangements should be extended to incorporate security. The security policy domain established by the organizational management also ought to include acceptable and unacceptable behaviors ...