Security Framework in the Modern World - Research Paper Example

Security Framework In this age where the use of computers and networks related to them has become commonplace, there has developed problems concerning the diverse user frameworks that have been created and this has created the need to ensure the security of the said frameworks. This has led to the development of such security frameworks as the ISO 27000 Series which has become an important factor to be considered if individuals as well as organizations and institutions are to be able to protect themselves from malicious people and software from the internet. Most computer network threats come from the internet and are done intentionally because people for malicious intentions develop them. The use of the ISO 27000 Series security framework is, therefore, an endeavor by individuals as well as organizations to protect their information and other digital assets from assaults from the internet. The measures stipulated in the ISO 27000 Series framework measures will involve various steps, the most important of these steps being an individual’s understanding of the different forms of cyber-attacks that they are likely to encounter (Ma, Schmidt and Pearson 58). Once one has knowledge of this, then it is his or her responsibility to ensure that they have put in place the best security system they can get their hands on. There exist diverse types of hazards and these can be regarded as to be of unstable levels and risks to an individual’s personal information in their computers. The higher the possibility of an attack, the more progressive the security system, that is to be put in place to ensure that the threat is minimized. The ISO 27000 security framework activities involve measures to prevent threats ranging from malicious codes, also known as malware and spyware, to computer viruses. Some of these viruses are so serious that they have the ability to erase entire operating systems of computers. These viruses also facilitate hackers to have right of entry to all the data stored in the infected computers, ensuring that they have access to information, which can be used for their own gain. It is necessary for individuals and companies to avoid such invasion into their computer systems by having the best security framework (Serrhini and Moussa 159). Measures taken involve the acquisition of antivirus software that is reliable, frequent checking of software to ensure that they are secure from attacks. The computer software should be updated frequently to assure they are working in full capacity. Thus, it vital for organizations to ensure all departments are conscious of their ISO 27000 security framework because it is not known when a threat is likely to be encountered. Borders have relevance in tackling information security, and looking at borders, domains of various countries interact because they do not have borders, therefore, the domains of a nation will be related to the nation’s willingness to assert sovereignty in the domains. With the detection of threats at the various nation states, it is possible to retain legitimate response actions by the state and this will be an important actor of the border in ensuring they continue being relevant. In cyber space, the territorial borders broadly define sovereignty of a specific nation irrespective of the domain and ability to locate domains physically. Despite the borders becoming insignificant when carrying out legal commerce, they are highly significant when carrying out policing actions of transnational threats. In China, there is a severe internet information security because there is a leakage of information and this requires protection of privacy and other personal data should be strengthened because internet abuse has become unscrupulous. Sufficient protection of private data in China is lacking and this is because of the existence of loopholes in the safety of public information because of ineffective management mechanism (Veiga and Eloff 361). The reasons behind mismanagement of public information are lack of emphasis on information security is incompleteness of the institutions and legal systems. Strategies for information security are insufficient and, therefore, the country should carry out further developments on internet technologies. It is barely satisfactory to carry out general public education but an incorporation of international cooperation is needed. It is vital for all networks to be concerned with the defensive mechanisms of their information systems through a reactive approach that focuses on vulnerabilities and actual threats. This means one has to wait until happens on the internet and then go for the person who is the bad guy. This is easy to manage although it does not guarantee protection of a government’s infrastructure. For instance, if there is a breach of city’s water supply and the amount of chlorine put on the water becomes excess, the best defensive mechanism has to be put in place to prevent people from succumbing to the poisonous water. Organizations should carry on with their operational roles while following guidance on response to cyber incidents. Even though this thought may be good, cyber threats are often not kinetic in nature as compared to other threats taking place in the United States. Therefore, the response by the Defense Department of the United States does not work on incidents of cyber arena. The reason behind the threat not working is that there are difficulties of locating the place and the person committing the offense making it difficult to determine the agency that is responsible for various incidents (Trim 493). If investigations are carried out, lines would be crossed because duplication may occur while information may not be shared, let alone communication, thus there is the need to have clearly defined roles for various government agencies hence the need for the use of the ISO 27000 series. With the presence of 17 infrastructure sectors and each sector with its own federal agency chairs council knowledgeable about its specific sector the use of the ISO 27000 series security framework should not be treated as a separate issue. Therefore, it is not advisable to let the agencies to defend themselves against cyber threats by using the best possible strategy since it is a fact that the benefits of this alternative are scarce and the argument for this is that the organizations are already established hence they can manage their security frameworks internally. There can be strong claims for this argument but what has been put in place is not effective in defending cyber threats, besides this benefits that accrue from continuing with the current infrastructure are few. The setbacks of this alternative are the presence of biasness; lack of coordination, no leadership is present and low security framework prioritization. Most organizations have established their ways which have often not been designed to defend against cyber threats, these organizations have low probability of altering their structures and haw they carry their operations (Nissenbaum 61). Each and every organization has its own visions and missions and they will protect their networks and not those of other organizations, this shows the lack of coordination between organizations. The use of the ISO 27000 Series is important because of the fact that security framework leadership within organizations in the United States was missing, and there had to be leadership accountability in all federal governments, coordination attempts for various agencies since all had failed due to poor resource management. In conclusion, the ISO 27000 Series security framework has been a priority in many individual agencies because most agencies are created to be able to accomplish their own missions making security framework to be viewed as an important factor, which has to be budgeted for to ensure the tackling of information security threats. It is, therefore, necessary for companies to prevent any intrusion into their computer systems by having the best security frameworks. These involve the getting hold of the best software that is reliable as well as regularly checking this software to ensure that they are thwarting attacks. The software has to be repeatedly updated so that there is a guarantee that it is functioning at its full capacity, and this ensures that there is additional security against attack. It is important to ensure that individuals as well as organizations are conscious of their security frameworks because it is not known when a threat is likely to be encountered. The use of such security frameworks as the ISO 27000 series is essential for the development of and preservation of the diverse databases that have come to be heavily relied on all over the world. Work Cited Ma, Qingxiong, Mark B. Schmidt, and J. M. Pearson."An Integrated Framework for Information Security Management."Review of Business 30.1 (2009): 58-69. Nissenbaum, Helen. "Where Computer Security Meets National Security1."Ethics and Information Technology 7.2 (2005): 61. Serrhini, Mohammed, and AbdelazzizAitMoussa. "HOME USERS SECURITY AND THE WEB BROWSER INBUILT SETTINGS, FRAMEWORK TO SETUP IT AUTOMATICALLY." Journal of Computer Science 9.2 (2013): 159-68. Trim, Peter R. J. "Managing Computer Security Issues: Preventing and Limiting Future Threats and Disasters." Disaster Prevention and Management 14.4 (2005): 493-505. Veiga, Dado., and Eloff, Jan. "An Information Security Governance Framework." Information Systems Management 24.4 (2007): 361-72. Read More