Question

In: Operations Management

Information Security and Standard Organizations -Find two movies or tv shows and describe three different information...

Information Security and Standard Organizations

-Find two movies or tv shows and describe three different information security aspects that appear in them.

-What are the main organizations of information systems and what are the codes of ethics of these organizations?

-What criteria can be used to evaluate the quality of an information security system?

Solutions

Expert Solution

Let's understand what information security is all about, it's attributes, aspects, why it forms an inevitable norm of the organisations and country.Information security as its name suggests is the protection and defence of computer systems, network lines, crucial information from theft , peeping or through viruses that can damage hardware, software , electronic data or by disruption , modification, recording, access, destruction and misdirection of the services provided. Information distorted could be anything: physical or electrical viz a viz personal details, profile, social accounts, financial accounts, passwords etc.

It is built around 3 main objectives: CIA

( Confidentiality, Integrity, Availability )

Confidentiality simply means that the information should not be compromised on any terms and not to be disclosed to unauthorised individual or an entity.
Integrity defines the accuracy and completeness of the data of an organisation. Data should not be edited and distorted in any unauthorised way.

Availability means that the information should be available to those who have proper access and authorisation for it. It ensures matching network and computing resources to the volume of data access and maintaining a mind blowing back up policy in case of recovery issues.

Lets acknowledge the aspects of Information Security through examples of movies:

1)- Lately a movie was released "HACKED" which was purely on cyber crime and that information security was compromised.

In the movie a friend of a girl got access to her phone through id and password because of which he was able to access all the crucial information.

Because of this, he was able to edit the data or the information ( say for eg messages or official mails ) in an unauthorised way. There was an important project and deal going on, where the boy edited all the data on laptop and sent to outside world and the girl was fired due to data leak. Whole of the data that was meant only for her authorisation, was now accessed by an external mate.

2)- There is another movie named "PLAYERS" where a group of thieves allign and plan a theft via information technology. To know about the whereabouts of the gold, the data is obtained through an employee who got the access of information in an unauthorised way mayb because the confidentiality was not up to mark. Then to change the direction of the train through which gold theft was to be done, the data was distorted and edited through control. The data could be made available and that the network and computer system was accessible through which the technicalities of the train and security system was known and planned.

Listed below are the information security organisations along with their code of ethics:

AITP: Association of Information Technology Professionals

International information security system certificate consortium

Information systems audit and control association

Information Technology and Infrastructure Library

The SANS Institute

Centre for Internet Security

Society of IT professionals worldwide which features webinars, conferences, and a plenty of network security means.

Code of ethics:

They have an obligation to management and shall promote understanding of information processing methods and procedures to management using every resource

They should Have an obligation to society and that participate to the best of their ability in diffusion and spreading of knowledge pertaining to the general development and acknowledge of information processing.

Associations shouldn't  avail knowledge of confidential nature to their private and intimate  interests, nor shall breach the privacy, integrity, credibility and confidentiality of authorised information endowed to or to vital information they have gained access.

Have an obligation to college or organisation and shall uphold its ethical and moral principals

Should Promote generally accepted information security current best practices and standards

Maintain apt confidentiality of proprietary and crucial information encountered in the course of professional activities

Maintain professional responsibilities with due diligence, credibility, trust and honesty

Abstain from any sort of activities which might include a conflict of interest, harm the reputation of or is inimical to employers, the professionals of information security, or the Association in whole

Not intentionally injure the professional reputation or practice of colleagues, clients, or employers.

To evaluate the security of information systems, following assessment could be taken to avoid the threats:

•Assess the vulnerability of all the networks, systems, computer, hardware or softwares, whole of the infrastructure to analyse the potential and weakness issues.

•Accompany and manage all the portals through which the internet facility is provided be it: ports, vendors, hubs, wire works to identify the open windows and unlocked doors. All the malicious activities happen through these ports and vectors only

• Analyse how the network of your organisation communicates with outside systems, how does it respond to the queries of third party information and how easily it is satisfied

• Scrutinise and probe your internal network as well because whole of the threats does not only come from outside.
• Review and analyse the wireless network systems viz a viz : Wifi, Bluetooth, RFID, rogue devices and the portable devices as well. Vital information can also be transferred through pen drives.

• Educate employers and employees regarding the security process including social engineering attacks. Make adequate policies and norms around behaviour such as using social media on official computer systems, using external pe drives, picking up flash drives lying around and so on.


Related Solutions

Describe three different information security policy frameworks, with a brief discussion of the strengths and weaknesses...
Describe three different information security policy frameworks, with a brief discussion of the strengths and weaknesses of each. Do NOT present your answer as a table; I want words in paragraphs as this is an essay exam. If you were a newly hired CISO creating an information security policy for your company for the first time, which of the three frameworks would you use, and why would you select that one?
Video Streaming Services obtain content distribution rights in order to stream TV shows and movies on...
Video Streaming Services obtain content distribution rights in order to stream TV shows and movies on subscribers' TVs, computers and mobile devices. Streaming content is generally licensed for a fixed fee for the term of the license agreement. How do you think these firms should recognize the amounts they pay upfront for these licenses?
Video Streaming Services obtain content distribution rights in order to stream TV shows and movies on...
Video Streaming Services obtain content distribution rights in order to stream TV shows and movies on subscribers' TVs, computers and mobile devices. Streaming content is generally licensed for a fixed fee for the term of the license agreement. How do you think these firms should recognize the amounts they pay upfront for these licenses?
Select three television shows or two movies depicting gender, race and class. Write a study on...
Select three television shows or two movies depicting gender, race and class. Write a study on the media’s impact of how race, class and gender are viewed in American society. Analyze the tv shows/movies based on gender, race and class. What family dynamic exists? How do the tv shows influence women? (self esteem, self image) Take notes while you are watching television shows and note your observations. How might these tv shows/movies impact the viewers/audience? How do these tv shows/films...
Consumers have gotten used to seeing products placed in movies and TV shows. We see cars,...
Consumers have gotten used to seeing products placed in movies and TV shows. We see cars, food, beverages, clothing, electronics, stores, and more on a regular basis inserted into entertainment. Discuss product placement as a tactic in marketing. What are the advantages/disadvantages of this type of promotional tool compared to other types of advertising?
Discuss three main information security challenges faced by organizations. Focus on prevention and troubleshooting.
Discuss three main information security challenges faced by organizations. Focus on prevention and troubleshooting.
The drawing shows three different resistors in two different circuits. The battery has a voltage of...
The drawing shows three different resistors in two different circuits. The battery has a voltage of V = 20 V, and the resistors have resistances of R1 = 50.0 ?, R2 = 25.0 ? and R3 = 10.0 ?. Determine the current through and the voltage across each resistor.
What are three different types of SIEM's on the market today? Security information and event management...
What are three different types of SIEM's on the market today? Security information and event management (SIEM) is a subsection within the field of computer security, where software products and services combine security information management (SIM) and security event management (SEM). They provide real-time analysis of security alerts generated by applications and network hardware.
Companies and organizations use graphics to gain our attention and to convey information. Select three different...
Companies and organizations use graphics to gain our attention and to convey information. Select three different types of graphics that have captured your attention. Explain the type of graphic and why it captured your attention. Be sure to display each graphic in your response.
Describe the typical salesperson as illustrated in movies, books, and television shows. Why does that image...
Describe the typical salesperson as illustrated in movies, books, and television shows. Why does that image exist as the stereotypical salesperson (be specific)? What role does ethics play in perpetuating the stereotype? Whose responsibility is it to see that a company’s code of ethics is carried out?
ADVERTISEMENT
ADVERTISEMENT
ADVERTISEMENT