StudentShare
Contact Us
Sign In / Sign Up for FREE
Search
Go to advanced search...

Information Security - Essay Example

Cite this document
Summary
Determining an appropriate level of information security is often complicated by the fact that different professionals, be they general managers or IT specialists, often perceive security needs through a different set of priorities. Security specialists often see complexity and increasingly secure systems as a desirable business practice (Angus, 2007; Miller, 2005) whereas general managers are more likely to view information security practices within a larger business context…
Download full paper File format: .doc, available for editing
GRAB THE BEST PAPER96.1% of users find it useful
Information Security
Read Text Preview

Extract of sample "Information Security"

Download file to see previous pages

There is also a vast body of empirical evidence that demonstrates that general managers ought to be much more involved in the formulation and implementation of information security because they are more able to assess particular types of risks, more attuned to cost-benefit considerations, and better able to integrate information security into a business organization's larger structure than narrow-minded security specialists (Lacity, 2005). In order to more clearly elaborate how organizations should approach information security issues, this essay will discuss how businesses should strike a balance between information security and information sclerosis and what professional competencies ought to oversee information security policies, procedures, and practices.

As an initial matter, it should be noted that information security can be neglected by business organizations (National Institute of Standards and Technology, 1998) as well be over-hyped and made far too complex for complete use (Angus, 2005; Miller, 2005). The most prudent course of action, to be sure, is neither a zero-information security policy nor a systemic approach that is too complex (Angus, 2005) or too expensive (Lacity, 2005) for the organization's needs. A balance needs to be struck.

Commenting on a study carried out by the GAO, the National Institute of Standards and Technology established a viable framework for promoting good practices for information security programs; this framework deals with risk assessment, the taking steps to reduce risk, and the creation of a central management group devoted to these risk management functions. This section will address good practices as they pertain to risk assessment and tailoring an information security policy to organizational goals and to remain cost-effective.

The essence of an effective risk assessment procedure is not to assume that every conceivable risk can be planned for, but instead to identify steps to reduce the treat of potential risks to levels that are deemed acceptable (Workstation Services Support Group, 1998). This notion of acceptability is crucial to any cost-benefit analysis involving an information security system. The first step is to create a recognition that an organization's informational resources are valuable assets in need of protection.

This means creating a pervasive organizational understanding about security risks, new security threats and the procedures for keeping workers informed. The second step is to draft and implement risk assessment procedures which incorporate the information security system into the larger business structure. This means treating information security as a business concern just as much as a technical matter for IT specialists. The third step requires holding individuals accountable for information security issues.

This is important as it eliminates the possibility of passing responsibility on to security specialists and demands a comprehensive approach to information security. The fourth and final step requires that security risks be monitored and

...Download file to see next pages Read More
Cite this document
  • APA
  • MLA
  • CHICAGO
(“Information Security Essay Example | Topics and Well Written Essays - 1000 words - 1”, n.d.)
Information Security Essay Example | Topics and Well Written Essays - 1000 words - 1. Retrieved from https://studentshare.org/miscellaneous/1522663-information-security
(Information Security Essay Example | Topics and Well Written Essays - 1000 Words - 1)
Information Security Essay Example | Topics and Well Written Essays - 1000 Words - 1. https://studentshare.org/miscellaneous/1522663-information-security.
“Information Security Essay Example | Topics and Well Written Essays - 1000 Words - 1”, n.d. https://studentshare.org/miscellaneous/1522663-information-security.
  • Cited: 0 times

CHECK THESE SAMPLES OF Information Security

The US Department of Veterans Affairs

Information Security Program Survey: US Department of Veterans Affairs (VA) Executive summary The United States Department of Veterans Affairs (VA) is government powered departmental system for providing services for the wellbeing of military veterans, their families, and survivors.... Recently, the VA has implemented the Continuous Readiness in Information Security Program (CRISP) to enhance the privacy of information about Veterans and their families.... This Information Security program greatly fits the VA's FY 2010-2014 strategic plan because this program notably contributes to value optimization and stakeholder satisfaction....
4 Pages (1000 words) Essay

Common Information Security Threats

Common Information Security Threats Introduction The purpose of computers and other network systems is to facilitate information exchange; today, organizations are managed using computer network.... At the present, organizations face a number of security threats (Whitman, 2003), this paper explores the Information Security threats facing Apple Inc.... Information Security threats According to Grimes (2012), the threats in terms of Information Security faced by Apple Inc include: The threat on data Attackers today have invented mechanism to alter data, this involves the data the company utilizes internally....
3 Pages (750 words) Essay

Information Security Risks

This paper ''Information Security Risks''  objectives are the identification of the Information Security threat to contemporary global financial organizations.... The Information Security requirements that these frameworks have is going to be researched and any an attempt to assign it to the general categories of Information Security risks will be made to facilitate an easier management  Methods: We performed multiple literature searches on several areas of pertinent research and undertaken interviews and survey questionnaire in order most he relevant up-to dictate informal-to adults “Achieving Information Security is extremely complicated and requires the combination of technical resources and management procedures....
8 Pages (2000 words) Essay

Technology of Information Security

However, the most commonly used scenarios TECHNOLOGY OF Information Security Technology of Information Security Affiliation At the present, the majority of business organizations use a distributed computing environment to store their data and information.... I have presented below three Information Security technologies:1.... EncryptionSecond Information Security technology that I have chosen is the encryption technology.... In addition, all of the above discussed situations come with a variety of security problems to consider....
2 Pages (500 words) Essay

Controls for Information Security

The present essay entitled "Controls for Information Security" concerns the way of controlling Information Security.... According to Romney, Information Security affects information systems reliability by ensuring that malicious threats do not cause downtime.... hellip; Users require accurate data that the Information Security must protect from loss or theft by third parties.... The other way that Information Security affects information systems reliability is the protection against data failure....
2 Pages (500 words) Essay

Information Security Plan

nbsp;  Organizations are created by people, buildings and procedures, and these three ingredients can perform well only if they are assure of their security.... From the exchange of information for communication purpose to the exchange of secrets pertaining to the security of countries, cyberspace has become the medium of choice for everyone.... With the introduction of information technology, the risk of all above mentioned factors have increased....
15 Pages (3750 words) Case Study

Key Information Security Issues

This case study "Key Information Security Issues" presents the case scenario of Jack Doe that represents most of the internet users who are unaware of the presence of online attackers.... Furthermore, it demonstrates the usefulness of Information Security in an organization.... At times the acronym CIA is used regarding Information Security to refer to confidentiality, integrity as well as the availability of data.... With that, this report will detail key Information Security issues concerning Jack's handling of his work information, associated attacks, risks, impacts of attacks, countermeasures, and mitigation effects of the countermeasures....
8 Pages (2000 words) Case Study

Information Security Concept Map

… The paper "Information Security Concept Map" is a great example of a term paper on information technology.... Information Security ensures the integrity, availability, and privacy of data is protected.... The paper "Information Security Concept Map" is a great example of a term paper on information technology.... Information Security ensures the integrity, availability, and privacy of data is protected.... The primary function of Information Security is to prevent unauthorized access, disclosure, or modification of information in order to maintain reliable and timely access and use....
7 Pages (1750 words) Term Paper
sponsored ads
We use cookies to create the best experience for you. Keep on browsing if you are OK with that, or find out how to manage cookies.
Contact Us