
Information Security: Security Acts And Effectiveness

2438 words - 10 pages

Information systems have become ubiquitous, and with them the use of technology to manage countless items of personnel and organizational data has become widespread. This data may contain organizational proprietary information, financial information, and/or personal information that, in the hands of others, can arguably be harmful to the data owner(s). It is well known that organizations have become increasingly reliant on technology to conduct business operations (Herath, Herath, & Bremser, 2010). Consequently, security measures are necessary to protect organizational information from entities both inside and outside an organization. The protection and security of organizational information is under constant threat, and mitigation measures are necessary to ensure information is protected from unauthorized users. Additionally, governmental agencies have developed regulations that mandate minimal standards necessary for organizations to protect information.
Furthermore, organizations like the Information Systems Audit and Control Association, otherwise known as ISACA, have developed frameworks and communicate best practices that assist an organization in the development and implementation of security control measures tailored to protect organizational information from information security threats. The author will provide the reader a brief synopsis of the Federal Information Security Management Act (FISMA) of 2002, of the Gramm-Leach-Bliley Act (GLBA), and of other security regulations that pertain to the protection of information and the management of risks. Furthermore, the author will provide a comparative analysis between FISMA and GLBA. Lastly, a summation will be offered describing the differences that occurred before and after the governmental regulations were enacted, along with an opinionated discussion on whether information is safer with the development and implementation of governmental regulations.
FISMA
On December 17, 2002, the Federal Information Security Management Act (FISMA) was enacted as part of the E-Government Act, which sought to provide security requirements for governmental systems that do not play a vital role in national security efforts (Hulitt & Vaughn, 2010). White (2010) described the development of FISMA as a way to thwart the increased threat to information security and the conduct of cyberwarfare on the technological infrastructure of the federal government. The higher purpose, as directed by FISMA, is the requirement for each federal agency to develop a systematic but risk-based approach to the adoption, management, and documentation of a security program designed to safeguard agency information from cybercriminals (Hulitt & Vaughn, 2010; White, 2010). Furthermore, FISMA created three broad objectives for information systems, which are confidentiality, integrity, and availability. Finally, the regulation with emphasis by the US...
