A New Paradigm Of Information Management

The proficiency and efficacy of the cyberspace in its application in accounting, finance, system designs, manufacturing etc., cannot be denied nor neglected. The reality of the twenty-first century is simple; no organization can survive without the adoption and implementation of the mechanism of information technology to their area of business. On the contrary perspective, there are several challenges that are associated with the cyberspace, among which is majorly cyber security. Recently the hackers’ activity has really skyrocketed and has become a major concern for organizations, states and federal governments and even international organizations. Several regulatory schemes are put in place to mitigate the activities of hackers across the globe.

In today’s IT world every organization has a responsibility to protect the information and sensitive data they have. Protecting data is not only responsibility of security and IT staff but every individual is involved in protecting the information. The risks to information security are not digital only, but it involves technology, people and process that an organization may have. These threats may represent the problems that are associated to complex and expensive solution, but doing nothing about these risks is not the solution.

Any enterprise has to pay special attention to computer security. Computer security is a field that is concerned with the control of risks related to computer use. A primary focus should be on the external threats to the computing environment. In enterprise with branches cross country, it is important to allow information from "trusted" external sources, and disallow intrusion from anonymous or non-trusted sources. In a secure system, the authorized users of that system are still

Information security enabled by technology must include the means of lowering the impact of intentional and unintentional errors entering the system and to prevent unauthorized internally or externally accessing the system  actions to reduce risk data validation, pre-numbered forms, and reviews for duplications. It is crucial that the mission plan include the provision of a disaster recovery and business continuity plan. On the other hand, there is much more intrusion activity today than ever before. Obviously, there is an increased concern for attacks through companies’ network in an effort to either commit malice or affect the integrity of an organization’s most valuable resource. Therefore, it is important that companies do not get complacent in their IT infrastructure security. The fact of the matter, there is no perfect system; however, it behooves organizations to protect their information by way of reducing threats and vulnerabilities. Moreover, Whitman and Mattord (2010) said it best, “because of businesses and technology have become more fluid, the concept of computer security has been replaced by the concept of information security. Companies

Computers have become part of our daily complex lives; we depend heavily on computers to help break our complicated lives down. Most people now prefer to do things the digital way and so does companies. Most of trading (buying and selling) is now online which requires computers. In order to satisfy our hunger for digital living, there is a need for technology called the operating system to carry out the activities we require our computers to do. Computers and technology come in different forms and sizes and due to the capitalistic nature of our economy everyone is allowed to come up with their own form of computer and even the technology to run it. In recent years’ companies have gained interest doing business digitally and since software have become easier to write or code, it is also vulnerable- easy for programmers to access and exploit called hacking. Hackers are unapproved clients who break into a technological framework, change or decimate data, frequently by introducing hazardous malware without the insight and assent of the host company. Companies are now at risk of losing much more than money by doing business the digital way. It is in this view that the Security Exchange

Research Objective: The main theme of this research paper is to protect sensitive information that any organization or business possess. With community’s increasing reliance on information systems and technology there is scope for security breaches, more likely to happen. Not only monetary loss it can create damage to information assets that has sensitive data. To secure these assets from any internal or external damage organizations has to follow proposed rules and guidelines. Also security responsibilities

While all of these technologies have enabled exciting changes and opportunities for businesses, they have also created a unique set of challenges for business managers. Chief among all concerns about technology is the issue of information security. It seems to be almost a weekly occurrence to see a news article about yet another breach of security and loss of sensitive data. Many people will remember high profile data breaches from companies such as T.J Maxx, Boston Market, Sports Authority, and OfficeMax. In the case of T.J. Maxx, a data breach resulted in the loss of more than 45 million credit and debit card numbers. In many of these incidents, the root cause is a lack of adequate security practices within the company. The same technologies that enable managers can also be used against them. Because of this, businesses must take appropriate steps to ensure their data remains secure and their communications remain

The purpose of this security plan is to elicit the potential threats to an organisation physical and electronic information holdings. Organisations in general are starting to take information security more sincerely due to the proliferation of mobile services, VPN connections, terrorism and natural disasters. We must however acknowledge that this very technology advancement is regarded as efficient but is also leading to a higher level of security risks. These risks must be mitigated to ensure the confidentiality, integrity, and availability of information assets. (The SANS Institute. 2007)

The use of information technology in business presents major security challenges, poses serious ethical question, and affects society in significant ways. Especially, the computer crime is a growing threat to society and is caused by the criminal or irresponsible actions of individuals who are taking advantage of the widespread use and vulnerability of computers and the Internet and other networks. It presents a major challenge to the integrity, safety, and survival of most business systems.

Technological advances have been exploding in the past few years at an astounding speed. Gone are days of dial up internet access and waiting to download files that took hours. The technology today will allow a person to send and receive information in seconds. Smart phone technology has virtually replaced the need for a desk top computer or even a laptop. The invention of touch screens for computer and cell phones allows the user to eliminate the keyboard and use a finger or a stylus pen (O’ Brien & Marakas n.d.).

“The protection of an organization’s information assets relies at least as much on people as on technical controls, but technical solutions, guided by policy and properly implemented, are an essential component of an information security program.” (Whitman, 2012, p.293). The System/Application Domain is the most valuable resource within the seven domains of a standard IT infrastructure. In fact, it can be intellectual property, private customer data or national security information. Data is what attackers seek deep within an IT system. Truly, safeguarding this information is the goal of every organization as loss of data is the greatest threat in the System/Application Domain. The more important the data, the more secure and encrypted it

Safety of information is the most valuable asset in any organization particular those who provide financial service to others. Threats can come from a variety of sources such as human threats, natural disasters and technical threats. By identifying the potential threats to the network, security measure can be taken to combat these threats, eliminate them or reduce the likelihood and impact if they should occur.

“In today’s competitive business environment, information is the lifeline of many organisations. It should therefore be protected, secured and managed accordingly” (Broderick, 2001; Finne, 2000; Posthumus and Von Solms, 2004; Squara, 2000, cited in Kritzinger & Smith, 2008). The protection of that value information is called ‘information security’. Its primary goal is protect the information ensuring its availability, confidentiality and integrity (Posthumus & Von Solms, 2004; Kritzinger & Smith, 2008; Tashi & Hélie, 2009; Fuchs, Pernul & Sandhu, 2011). Information security management is also about ensuring the security of information conducting proactive management of information security risks, threats and vulnerabilities (Posthumus & Von Solms, 2004; Kritzinger & Smith, 2008)

The present era can be referred as a digital era as well, which has created various opportunities for organizations to conduct business and deliver different services over the internet. The cyber security is basically a practice that helps organizations minimize risks, helps the security operations in an effective manner, provide authentication and access control for resources, guarantee availability of resources and also helps to achieve regularity for enhancing own business network. The basic components of the security include; confidentiality (maintaining privacy of the data), integrity (detecting the data is not tampered), authentication (establishing proof of identity, non-repudiation (ability to prove that the sender actually sent the data), availability (computer assets are available to authorized parties when needed), and access control (access to information resources are regulated). The problems of network security include:

The forefront and need of Information and Cyber Security has progressively spread as communication media as well as the exponential growth rate of electronic storage and information transmissions increase at astounding proportions. The need for Security today has never been higher equally for private and organizational use. There are many significant reasons behind the growth of Security in both Information and Cyber fronts. Per (Yildirim, E. Y., Akalp, G., Aytac, S., & Bayram, N., 2011) these are classified as the increase in electronic applications in businesses and daily life, sharing information on network systems, accessibility of information from many points, the increasing threat of loss of information, and most