Chief Security Officer - Assignment Example

Chief Security Officer Introduction The issue of security is a primary concern in all developmental plans. In essence, before establishing an enterprise or an institution, it is necessary to ensure that effective security mechanisms are put in place. The problem of insecurity has been very controversial in present days among the institutions of high learning (Casey, 2011). The diversity of the education system and the increased use of the modern technology facilities in education has resulted in numerous security threats. Among the most dangerous security concerns that have emerged as a result of the use of modern technology is the computer crime, commonly referred to as cyber-crime. Computer crime cab be described as any unlawful activity involving a combination of a network and a computer. Some examples of computer crimes include hacking, pornography, copyright infringement and many others. In essence, the issue of computer crime has elicited heightened debates among heads of various institutions of higher learning. As a chief security officer in the institution I have to establish effective strategies that prevent the occurrence of computer crimes and mitigate any losses that might be suffered in case a cyber-crime occurs. Strategies by other institutions of higher learning The neighboring institutions of higher learning have established various measures to curb the problem of computer crime. In essence, from the available studies, it can be affirmed that the challenge of cyber-crimes affects many institutions of higher learning across the US. In this regard, the ministry of education in conjunction with the various institutions of higher learning have initiated several strategies to handle the problem of cyber-crime. In essence, most institutions have established backup information systems to ensure that important information is not lost to cyber-crime. Maintaining an information backup system has proved to be one of the effective strategies for handling the problem of computer crime. Essential a backup system ensure that the stored information is not lost through computer viruses or other computer related malfunctions. Essentially, it is imperative to identify that the problem of computer crime is quite diverse. For instance, one of the mechanisms employed to execute computer crime is the use of viruses. The viruses are spread through the various websites found on the internet including emails. Apparently, the people who conduct computer crimes share some links on the websites and send some random links containing viruses to people’s email. Following such links transfers the virus to the device being used, and this might result in loss of the stored data in the device (Nemati, 2008).In this regard, the use of data backup systems has shown reputable outcome in securing important data from viruses. In essence, many institutions of higher learning have confirmed that establishing efficient data backup structures is an essential tool for fighting computer crime. The neighboring institutions of higher learning have invested heavily in reliable antivirus programs. In essence, antivirus programs aid in detecting virus from the internet and in most cases give warnings about insecure website. Gelbstein et al., (2004) states that the use of antivirus is an effective measure of curbing the increased case of cyber-crime. However, studies have shown some antivirus used are not strong enough to repair the damages that result from virus effects. In this regard, institutions are advised to assess the credibility of an antivirus before implementing its usage. Moreover, it is important to identify that some antiviruses can be harmful to the computer system of an institution. For this reason, it is crucial to choose an antivirus that is compatible with the computer system of an institution. In essence, an analysis of the mechanisms employed by other institutions of higher learning to counter the problem of computer crime reveals that it is a costly investment. It is quite clear that the security of important document in the institutions of higher learning should be put before all other things. Insecure handling of important documents such as students’ transcripts might lower the quality of education. In essence, the credibility of the certificates offered by an institution is quite important in assessing the quality of education. Some cases of students hacking the systems and manipulating results have been reported. Documents regarding student marks and certification should be put under tight security to avoid hacking. Some institutions have established teams of competent IT experts to monitor data storage and possible threats. The IT experts concentrate on researching the emerging computer crimes and devising the appropriate remedy to address such issues. In essence, the use of teams of experts has been practiced by various institutions. Studies have shown that computer experts are useful when it comes to the fight against computer crimes. The institutions that have used teams of experts to secure their systems have confirmed that the threat of computer threat has been brought under control. Therefore, it is important for learning institutions to make good use of the available computer experts to enhance security of documents and credibility of students’ results. Recommendations There are many strategies that can be enforced to prevent and manage computer threats in the institutions. Some of the methods that can be used to curb and manage the issue of computer crime are discussed in the subsequent paragraphs. Apparently, it is imperative to identify that the strategies employed in the fight against computer crime can be very expensive. In addition, the fight against computer crime is an issue of global concern and, therefore, should not be assigned to just a few individuals. In essence, both the public and private institutions should join hands in the fight against cyber-crime. The institution has unlimited options that it can use to combat the challenge of cyber-crime/computer crime. The institution should establish a team of experts whose tasks would include regulating access to certain documents. The team should ensure that the employees of the organization access documents that cannot be easily manipulated. In essence, many cases have been reported where the members of staff of some institutions of higher learning collude with students to hack the computer systems with the aim of accessing confidential information. Moreover, several studies reveal that the finance departments of various institutions have been hit hard by the problem of computer crime. Therefore, regulating the access to critical information about the institution is unavoidable. Actually, establishment of a team of experts is inevitable for the institution. Additionally, the institutions should ensure that the established team of experts monitor the creation and usage of passwords. Appropriate use of passwords can be a useful strategy to fight and mitigate computer crime in the institution. When creating passwords, it is advisable to avoid common words or phrases. The institution should install a reliable antivirus program for all its computer systems. In most cases, hackers use antiviruses to access important information from an organizations system. In this regard, the institution should use the most effective antivirus software to secure its computer systems from hackers. However, a reliable antivirus program will cost the institution approximately $10000 dollars per year. Moreover, restructuring of the computer system to accommodate the antivirus software is likely to cost the institution approximately $7000. Therefore, the institution should be prepared to spend enormous resources to enhance security of document and reliability of the stored data. In essence, some staff members might higher computer experts to hack the systems and distort the stored data. Such an act may soil the reputation of the institution and thereby affect the career lives of the graduates of the institution. The institution should partner with the law enforcement officers to facilitate rapid response to computer crime. The law enforcement officers such as the FBI have modern technology facilitates that can track the source of computer crime. In this regard, any threats of computer crime should reported to the law enforcement officers to facilitate rapid response. Research has shown that the police force is working with a variety of computer experts across the US to aid in the fight against the increasing cases of computer crime. Essentially, the institution should recognize that fighting the computer crime as a single party is a losing battle. Therefore, partnering with law enforcement officer is a notable milestone towards the end computer in the institution and across the US. Consequently, the institution should liaise with other institutions of higher learning to fight computer crime. In essence, working with other institution can aid in identifying what is missing or what requires to be improved to mitigate computer crime from taking place. ` Several laws have been established to facilitate execution of those found guilty of committing computer related crimes. Both the federal and the state government have been very active in establishing laws that provide the way forward in case a computer crime is identified. Actually, computer crime is treated just like any other crime and the accused can serve many years in jail. Essentially. The jail term for people found guilty of committing computer crime has been extended, and the associated fines increased to deter those wishing to commit the crime from doing so. Some of the various legislations that have been enacted to curb computer related crimes include: The Electronic Communications Privacy Act The legislation was enacted in the year 1986 to amend the Federal Wiretap Act to counter the increasing cases of data insecurity as a result of improved technology (Easttom & Taylor, 2010). The law covers all unlawful interferences of wire communications. The law also protects private messages from an individual’s communication device. In this case, unauthorized access to a person’s private computer messages is a federal crime punishable by law. However, the law gives immunity to Internet service providers to access private messages when maintaining services or protecting the systems against threats. The law permits certain government organs to obtain permission to access electronic communication. In essence, the government may need information from electronic communication to prosecute a criminal in a court of law and, therefore, the internet service providers are required to give the information’s once requested by court. Basically, the ECPA has been amended a series of times to enhance compatibility with emerging trends and the changing need of the society. Identity Theft and Assumption Deterrence Act (ITADA) The law was enacted in 1998 to protect victims who suffered due to use of false identity. The law is designed to address the issue of using someone else’s identity to transact business or any other activity. The act illegalizes identity theft and gives the courts the authority to evaluate the damages or losses experienced by consumers. Therefore, use of a false identity in whatever situation constitutes a federal offense that is actionable under a court of law. The Act provides that the person who suffers a loss due to use of false identity by another person should be compensated. In fact, use of false identity is treated as criminal activity. It is imperative to identify that altering an individual’s name by one letter or a number amounts to identity theft. In essence, people should be cautious about spelling their names to avoid falling on the wrong side of law. It is usually advisable to report incidences of identity theft as soon as possible to facilitate immediate response by the relevant authorities. Technology to gather electronic evidence There exist numerous technologies that can be used to gather electronic evidence. For instance, the use of log records is an effective way of obtaining electronic evidence. Log records are of various and aid in retrieving information regarding computer usage. The costs involved for the use of record logs are affordable to the institution. Conclusion The security of important documents in learning institutions is a crucial factor that should never be ignored. The chief security officers serving in the institutions of higher learning should establish measures that enhance reduced cases of cyber-crimes. Actually, the security teams should be vigilant on matters of computer crimes since occurrence of such crimes might result in huge losses. However, the management should provide the chief security officer with all the necessary resources to facilitate establishment of reliable security structures. In summary, computer crime remains a major threat to the institutions for higher learning and, therefore, all relevant bodies should join hands in fighting this giant. References: Casey, E. (2011). Digital Evidence and Computer Crime: Forensic Science, Computers, and the Internet. Burlington: Elsevier Science. Easttom, C., & Taylor, J. (2010). Computer crime, investigation, and the law. Boston, MA: Course Technology, a part of Cengage Learning. Gelbstein, E., Kamal, A., UN. ECE. ICT Task Force. & UNITAR. (2004). Information insecurity: A survival guide to the uncharted territories of cyber-threats and cyber- security. New York: UN ICT Task Force. Nemati, H. R. (2008). Information security and ethics: Concepts, methodologies, tools and applications. Hershey PA: Information Science Reference. Read More