Question

Information Security as a concern is evolving. the basics in terms of concepts and what the bad guys can do and how. about the ethics associated and how the existence of the Internet challenges ethics. What are, in your opinion the major factors that will shape security and ethics associated with the Internet-over in the next 10 years? What and why do you think so?

Answer 1

Technology now is evolving at such a furious pace and one major thing fueling this speed is information or the internet. We can get loads of information on any topic or person within seconds. This has raised concerns regarding the security and misuse of this vast information. Information security has developed as a big branch of the technology itself and is mandatory to be implemented in any system handling data. Information security is based on three principles called tenets, they are confidentiality, integrity, and availability. It is a method or way to keep information/ data secure from unauthorized changes and access when it is stored and also when it is transmitted digitally or physically. Information security (Infosec) is also confused and mixed with cybersecurity. Information security can be called as a subset of cybersecurity.

The bad guys for Infosec can come in many forms. They can be attacks on

Software/applications - Through spread of Viruses & worms and also by phishing attacks, attackers can cause entire systems to collapse and cause billions of dollars worth damage. Intellectual property theft - Copyright violations, stealing Company intellectual property is one major headache for businesses. Theft of identity - Impersonating as someone else to obtain personal data or using to gain access to important information, maligning name, stealing money, etc. Theft of data/equipment - Mobile phones store a vast amount of information and hence stealing of mobiles is on the increase. Sabotage -  Attacking a website to bring about the downfall of the company. Extortion using information - Holding the Company to ransom in exchange for returning important & confidential information stolen from it. Other threats are Logic bomb, IP spoofing, Denial of Service and RootKit.

Ethics is concerned with the understanding of right and wrong behaviors. The internet is challenging the ethics in four major issues, these are privacy, accuracy, property, and accessibility. People and access control are two major causes of these issues. People are doing many things without knowing the implications and many systems are not having the proper access security systems required. Information security and ethics can be put forth as an overall term to all the activities needed to protect information and systems that support it in order to facilitate its ethical use. The ever increasing complexity of modern technology and the rapid pace of change, the tools, and technologies required for maintaining the security systems are varied and numerous. This makes it difficult to keep up with new tools and technologies. Some important tools used are firewalls, malicious code detection software, stricter access control, data encryption, intrusion detection systems, smart cards, use of biometrics, and network login passwords. Organizations follow Information Security Risk Management cycles to develop and install security systems as per their requirement. Association Information Technology professionals have even issued a Code of Ethics and Standards of conduct.

The major factors that would shape internet security are

Data Volume growth - More Data might not be always better. Organizations will need to scrutinize the type and amount of data required. Information privacy -  Companies can lose the majority of their customers if they feel their privacy is at risk. Privacy can become an important business driver. Demand for Security - For Organizations to succeed, they will need to invest and focus on information security and not consider it as just an IT issue. Stricter Regulations and Compliance - This shall be in force to ensure all businesses are taking Infosec seriously. Identity Management - With more advanced technology, identification metrics will become more complex to prevent thefts. Advanced-Data Encryption at all stages - With millions of bytes of data flowing, encryption measures will need to be at highest level in storing and transmission. Development of Unified Security applications - To be a step ahead of bad guys, all businesses will need to be part of the Unified security application that shall be the latest and updated version always. Rise of Crime as a Service (CaaS) - Sole purpose to steal information.

The electronic network revolution has changed the way we conduct our daily lives and it promises to shake our existence more drastically. The benefits of the internet are tremendous and to take full advantage of this new interconnectedness, all of us including organizations, government agencies will have to devise means to address the security issues and ethical implications which will be more challenging in the years to come.