Institutions of higher learning are increasingly using Information and Communication systems in administration, teaching, learning and research. This infrastructure needs to be available, secure and well protected. It therefore becomes crucial for information security practitioners in public universities to implement effective information security programs. Information security focuses on technological issues and important elements of an organization such as people, process, business strategies etc., which also mandates the need for information security. A comprehensive security framework incorporates three basic components: people, technology, and process. When correctly assembled, the people, technology, and process elements of an information security framework work together to secure the environment and remain consistent with an institutions business objectives. (Mark, C.A. Wiley & A. John Wiley, 2011)
Figure 1: Concept of People, Process and Technology
Attacks upon information security infrastructures have continued to evolve steadily overtime making the management of information security more complex and challenging than ever before (Deloitte East Africa, 2011).
Information security management systems should be implemented, maintained, monitored and reviewed regularly to ensure their effectiveness. This is according to the best practices in information security. (Amason and Willet, 2008). Information management System’s failure is very critical and would lead to losses for a university. For example, the failure of the integrated Financial Management System could lead to the process of admission of students and recruitment of new staff coming to a standstill as this system crucial. Failure of examination systems that p...
... middle of paper ...
...rol security measures. Mwakalinga hence concludes that security frameworks should be aligned with the major information systems security standards and mapped with reported ICT crimes cases. Beaudin (2015) further notes that these Colleges and universities require information security policies in place, and breach response plans to ensure that they will decrease their potential liability in the event of a breach. Ellucian (2013) confirms that cyber-attacks on colleges and universities now account for some 17 percent of all data breaches, second to the medical industry. The rise in data breaches and cyber-attacks on universities and colleges in frequency and sophistication shows there is need to investigate the current information security implementation. The study therefore seeks to assess information security system implementation in public universities in Kenya.
Whitman, M., & Mattord, H. (2010). Management of information security. (3rd ed., p. 6). Boston, MA: Cengage Learning.
Australia is dependent on technology, everything from state security, economics and information collaboration is more accessible resulting in an increased reliance on digital networks. The rapid increase in cyber activity has a symbiotic relationship with cyber crime. The evolving nature of cyber crimes are constantly leaving counter measures obsolete in the face of these new technologies. Australia takes insufficient action against cyber crime, inaction is based on Australia’s previous focus on counter-terrorism. This study will use the Australia’s National Security Strategy 2013 to show the increasing trend towards cyber security. Unfortunately the Australia Government is lacking in the presence of this growing phenomenon. Recently cyber crimes including attacks from Anonymous and Wiki-leaks prove that no network is completely secure. This study will conclude that the exponential growth of the Internet has resulted in an inability to properly manage regardless of the governmental strategies being implemented.
Security helps the organization meet its business objectives or mission by protecting its physical and financial resources, reputation, legal position, employees, and other tangible and intangible assets through the selection and application of appropriate safeguards. Businesses should establish roles and responsibilities of all personnel and staff members. However, a Chief Information Officer should be appointed to direct an organization’s day to day management of information assets. Supporting roles are performed by the service providers and include systems operations, whose personnel design and operate the computer systems. Each team member must be held accountable in ensuring all of the rules and policies are being followed, as well as, understanding their roles, responsibilities and functions. Organizations information processing systems are vulnerable to many threats that can inflict various types of damage that can result in significant losses (Harris, 2014). Losses can come from actions from trusted employees that defraud the system, outside hackers, or from careless data entry. The major threat to information protection is error and omissions that data entry personnel, users, system operators and programmers make. To better protect business information resources, organizations should conduct a risk analysis to see what
An online predator is a person who takes advantage of children and teenagers by using the anonymity of the internet to expose children to sexually explicit content, and seducing them into inappropriate relationships with the predator.
We live in a technologically saturated world. Everyone is connected to one network or another by any number of devices, so that begs the question: “Just how secure are those connections?” Earlier this year, headlines were made when a hospital in California (and several others in other states shortly thereafter) had its network system hacked; its files and patient information encrypted and held ransom. To gain access to their own files, the hospital paid the hackers for the encryption key so that they could continue providing their patients with the much needed medical care they were seeking [1]. More recently, it was reported that over 6,000 online stores had malicious code, designed to steal and store credit card information, hidden within
What concerns the government of the United States most is the security of the critical infrastructure from the cyber threats. The nation is depending heavily on the technology in most of its critical sectors to keep it up and running. Thus, this makes its more vulnerable to cyber-attacks from outsiders and insiders. Therefore, its protection must be a priority.
White House (2000). Defending america’s cyberspace: National plan for information systems protection: Version 1.0: An invitation to dialogue. The White House, Washington, DC: author. Retrieved from https://www.fas.org/irp/offdocs/pdd/CIP-plan.pdf
The ability to conduct warfare through technological methods has increased information security awareness and the need to protect an entities infrastructure. Subsequently, cyber warfare produces increased risk to security practitioners that employ technology and other methods to mitigate risks to information and the various systems that hold or transmit data. A significant risk to information lies in the conduct of electronic commerce, hereinafter called e-commerce. E-commerce is the purchasing or selling of goods and/or services through the internet or other electronic means (Liu, Chen, Huang, & Yang, 2013). In this article, the researcher will discuss cyber warfare risks, present an evaluation on established security measures, identify potential victims of identity theft, and present an examina...
Introduction The world is affected by the rapid innovation of technology. The technology helps to transform an idea into a reality which affects the daily activities of an individual and organization. It also affects the interaction among individuals by communicating with each other. The IT auditing and information security system is gaining more significance today as being one of the major element of Information Technology. Therefore, organizations are investing more time and effort to provide the best IT infrastructures in society, universities, schools, businesses, hospital, and other government sectors which focuses on the use of IT auditing to maintain the security and protection of their IT systems.
This report aim to explain how is achieved risk control through strategies and through security management of information.
The first thing that we must consider about Information Security is that there is not a final destination at which we can arrive. IT Security is an ongoing set of processes and activities that requires attention and expertise on a daily basis. It is important to understand that systems are not secured by themselves and it is our responsibility to maintain and improve them periodically as required. It is of vital importance to establish the appropriate mechanisms and requirements in order to support the company’s CIA triad. The following report will provide you guidance about auditing and hardening techniques applied though the 7 Domains by utilizing IT Security Best Practices.
Millions of people around the world use computers and the internet every day. We all use it in school, work even at home, computers have made us life easier, it has brought so many benefits to the society but it has also brought some problems and cybercrimes is one of them. “The times have really changed,” said Greg Garcia, the department’s assistant secretary for cyber security and communications. “We’re seeing now phishing, farming, botnets … war dialing and domain server spoofing. And we’re seeing coordinated cyber-attacks against nation states.” (Fowler 5) Cybercrime is one of the most prevalent and most popular rising crimes being committed today. This is criminal activity done using computers and the Internet. There are millions victims around the world everyday who face these problems. Most people become victims of these at one time or another, but there are ways to avoid or deal with cybercrime by protecting yourself appropriately. I also was one of those victims who faced a similar problem. This unfortunate truth forces me to understand that computers and the Internet have made our lives easier in many ways. However, it is unfortunate that people also use these technologies to take advantage of others through identity theft, hacking attempts, and malicious use of software.
Taylor, R.W., Caeti, T.J., Loper, D.K., Fritsch, E.J. & Liederbach, J., 2006, Digital Crime and Digital Terrorism, 1st Edition, New York: Pearson Education, Inc.
Every now and then we will hear news of companies getting hacked, government websites being defaced, customers’ information being leaked out and other various computer crimes all over the world.
...ng to many individuals who have suffered from hacking, phishing, scams, identity theft, fraud etc. Computer crime describes a very broad category of offenses, which include anything that requires an electronic device or the Internet. Cybercrime is now a global issue and it has a major impact on every individual or business that interacts with technology and the World Wide Web. When important information is stolen, not only are individuals at risk of becoming part of greater crimes but it can also affect an entire country when its national secrets are stolen. In the end I may conclude that computer crime is a dangerous crime that all individuals should be aware of due to the many devastating results it can cause. Cybercrime cannot be stopped due to the high levels it has reached, but immunity can be used to keep safe from it or at least keep individuals less at risk.