Managing information risk and security - Essay Example

Download file to see previous pages Information technology and systems have provided companies and organization such exceptional innovation in data and information management deemed essential for organizational capacity development and corporate business strategizing. However, as much as it has fared sophistication in this knowledge-based economy, organizations have likewise put up imperative measures to safeguard critical IS assets from system abuse and misuse by constantly upgrading and installing firewalls, anti-virus, use of encryption keys, protectors, use of comprehensive monitoring system, and of scaling control from access. IT-based corporation has also made it as standard policy to restrict employees from breaching organizational rules and requirements in the use of information systems and security policy (ISSP) to ascertain that their behaviours are also aligned on the need to secure company’s database. This paper will qualitatively discuss the importance of managing information risk and security using peer-reviewed journals and books from online sources. Researcher will attempt to bridge the theoretical constructs to advance the need of improving security management control to attain, prevent and protect internet systems from security threats and from cyber-criminalities. Recent research pertaining to internet study depicted information of data theft and establishment of malicious code to steal confidential information (Symantec Corporation, 2007). Most of these breached in the system were undertaken with gross negligence of employees in safekeeping the system. Computers and servers left open and accessible to those who have variant interests may make use of data base and information for negative actions. As IT has influenced business and government system in discharging their functions, the risks too doubled with the increasing number of hackers and cyber criminals. Cybercriminals refer to those web-based activities that include illegally downloading music files, stealing of millions of money from bank accounts, creating and distribution of viruses on other computers, and posting confidential information on internet, including sex videos that are illegally taped. The most modern form of cybercrime is identity theft where criminals use personal information from other users, including pictures. This is known technically as phishing and pharming (Techterms, 2013, p. 1). Criminals use others information to attract other users to fake websites appearing to be legitimate and where personal information are asked, such the use of usernames and passwords, phone numbers, addresses, credit card numbers, bank account numbers, and other information criminals can use to "steal" another person's identity (Techterms, 2013, p. 1). Many of this information are circulated on emailing system, thus, thousands are victimized and were unfortunately advantaged by those who are unscrupulous in using technology (Techterms, 2013, p. 1). Easy preys are those people with computers lacking antivirus and are bereft of spyware blocking software (Techterms, 2013, p. 1). Cases of Cybercrimes Some of the cybercrimes are also undertaken to embarrass governments due to resource-based conflicts with other nations. In effects, a number of government websites are defaced by group of hackers to embarrass the IT security management of the state and to ...Download file to see next pagesRead More