Information security contemporary issuesIntroductionThe aim of this project is to look at contemporary issues in information security with the purpose of discussing threats and developments that have been witnessed in information security. The report dwells in the technology industry and covers literature review concerning the topic, narrows down on government sector as a case study, and offers recommendations on how the government can address the issue of information security. Information security is the protection of information systems and information against modification, unauthorized access, whether in transit, processing, or storage, and against service denial to users who are authorized.
Information security comprises of those measures which are required to document, detect, and counter such threats (Rössler, 2005). It is made up of communications and computer security. Information security can also be defined simply as the safe-guarding of data in organization from unauthorized modification or access so as to ensure its availability. Information in an organization has to be protected from destruction and disruption. The terms information insurance, computer security, and information security are often applied interchangeably. Literature review: the fundamental security and privacyInformation security professionals have to understand the legal and ethical responsibilities of an organization.
Information security professionals are very crucial in the approach of the organization to managing liability for security and privacy risks. In the modern world that is litigious, laws are duly enforced in civil courts whereby huge damages have been awarded to plaintiffs who bring law suits against firms or organizations. These damages are punitive and widely viewed as deterrent. To reduce risks and minimize liability from physical and electronic threats, and avoid losses from law suits, information security practitioners have the responsibility of thoroughly understanding the prevailing legal environment, be up to date in regard to laws and regulations, and be alert concerning news and emerging issues (Bennett & Raab, 2006).
Through education to the employees and management of an organization on their ethical and legal obligations and the proper application of information security and information technology, security professionals can assist in keeping the organization focus on its objectives. Generally people chose to trade some elements of personal freedom for the course of social order.
The rules that are created to strike a balance between the rights of the individual to self determination and the needs of the entire society are referred to as laws. Laws prohibit or mandate certain behavior and they are derived from ethics. Laws are important when it comes to information security. Boundaries are drawn to indicate the accessibility of certain private or confidential information (Bidgoli, 2006). The same accessibility and speed that results in the remarkable benefits of the computer era can, if not controlled properly, allow organizations and organizations to interfere with computer operations or inexpensively eavesdrop from remote locations for malicious or mischievous purposes, including sabotage or fraud.
Technologies’ ubiquity such as searchable on-line data repositories and wireless communication has resulted into new challenges as far as protection of information and data sources’ privacy is concerned. There is urgent need to come up with new models of confronting these challenges. Enormous effort has been dedicated to these issues in recent years, and a significant activity has been fundamental limits on information privacy and security that assist in guiding the development of new ways for securing wireless networks and making sure that the privacy of online data sources is protected.
Information security has steadily grown over the years and turn out to be very important in the modern times. More professions have been created in the area of information security (Acquisti & Grossklags, 2005). Some of these specialty areas include information systems auditing, security testing, network, application, security and database, digital forensic science, and business continuity planning.