The paper "Information Security Contemporary Issues" is a wonderful example of a literature review on information technology. The aim of this project is to look at contemporary issues in information security with the purpose of discussing threats and developments that have been witnessed in information security. The report dwells in the technology industry and covers literature review concerning the topic, narrows down on government sector as a case study, and offers recommendations on how the government can address the issue of information security. Information security is the protection of information systems and information against the modification, unauthorized access, whether in transit, processing, or storage, and against service denial to users who are authorized.
Information security comprises of those measures which are required to document, detect, and counter such threats (Rö ssler, 2005). It is made up of communications and computer security. Information security can also be defined simply as the safeguarding of data in the organization from unauthorized modification or access so as to ensure its availability. Information in an organization has to be protected from destruction and disruption. The terms information insurance, computer security, and information security are often applied interchangeably. Literature review: the fundamental security and privacy Information security professionals have to understand the legal and ethical responsibilities of an organization.
Information security professionals are very crucial in the approach of the organization in managing liability for security and privacy risks. In the modern world that is litigious, laws are duly enforced in civil courts whereby huge damages have been awarded to plaintiffs who bring lawsuits against firms or organizations. These damages are punitive and widely viewed as a deterrent.
To reduce risks and minimize liability from physical and electronic threats, and avoid losses from lawsuits, information security practitioners have the responsibility of thoroughly understanding the prevailing legal environment, be up to date in regard to laws and regulations, and be alert concerning news and emerging issues (Bennett & Raab, 2006). Through education to the employees and management of an organization on their ethical and legal obligations and the proper application of information security and information technology, security professionals can assist in keeping the organization focus on its objectives. Generally, people chose to trade some elements of personal freedom for the course of social order.
The rules that are created to strike a balance between the rights of the individual to self-determination and the needs of the entire society are referred to as laws. Laws prohibit or mandate certain behavior and they are derived from ethics. Laws are important when it comes to information security. Boundaries are drawn to indicate the accessibility of certain private or confidential information (Bidgoli, 2006). The same accessibility and speed that results in the remarkable benefits of the computer era can, if not controlled properly, allow organizations and organizations to interfere with computer operations or inexpensively eavesdrop from remote locations for malicious or mischievous purposes, including sabotage or fraud. Technologies’ ubiquity such as searchable on-line data repositories and wireless communication has resulted in new challenges as far as protection of information and data sources’ privacy is concerned.
There is an urgent need to come up with new models of confronting these challenges. Enormous effort has been dedicated to these issues in recent years, and a significant activity has been fundamental limits on information privacy and security that assist in guiding the development of new ways for securing wireless networks and making sure that the privacy of online data sources is protected.
Information security has steadily grown over the years and turn out to be very important in modern times. More professions have been created in the area of information security (Acquisti & Grossklags, 2005). Some of these specialty areas include information systems auditing, security testing, network, application, security and database, digital forensic science, and business continuity planning.
Acquisti, A. & Grossklags, J. (2005). Privacy and Rationality in Decision Making, IEEE Security and Privacy, 3(1): 26–33.
Bennett, C. J. & Raab, C. D. (2006). The Governance of Privacy: Policy Instruments in Global Perspective. MIT Press, Cambridge.
Bejtlich, R. (2004). The Tao of Network Security Monitoring: Beyond Intrusion Detection. London: AddisonWesley.
Bidgoli, H. (2006). Handbook of Information Security, Key Concepts, Infrastructure, Standards, and Protocols, New York: John Wiley and Sons.
Gifford, N. (2009). Information Security: Managing the Legal Risks, Sydney: CCH Australia Limited
Fitzgerald, T. (2012). Information Security Governance Simplified: From the Boardroom to the Keyboard, Melbourne: CRC Press.
Rössler, B. (2005).The Value of Privacy. Polity: Cambridge.
Whitman, M.E., Townsend, A.M., & Hendrickson, A.R. (1999). Cross National Differences in Computer-Use Ethics: A Nine Country Study, The Journal of International Business Studies, 30 (4): 673–687.