ISSC363 IT Security and Risk Management : Information Security Policie

Discuss importance, challenges, and future trends in information security management. Provide examples.

In current era, the technology has developed globally and therefore the companies are dependent on information systems. The companies are facing challenges in order to provide security to their information management system. The hackers possess threats to the organisations besides threats of identity theft. These are the major areas of concern for the organisations. Many organisations have started giving importance to information security management. Problems like stealing organisational data is been occurring frequently as organisations are now more dependent on information system technology for storing corporate information and maintaining the customer database (Ifinedo, 2014). Therefore providing security to those information management systems is important for the organisation and the challenges faced by them are more significant.

The importance of information security system is been stated below:

It helps the organisation in having secure and stable networking systems so that they can provide security to the customer information and organisational data. It is significant for the organisation to think in regards to security breach when there is any financial discrepancy during the operational procedure. The customer service, workflow and productivity of staff are all been affected due to the downtime which take place due to the hacking of system. After restoration of systems, there is a requirement of additional checking for ensuring that each networking factors are clear so that the business does not face any issues after it return to its normal operation (Siponen, Mahmood & Pahnila, 2014).

Information security management is also significant as it helps to maintain the constant procedure of security practices as well as assists in maintenance of IT so that the operations of business can be conducted smoothly. Information security management also helps in assuring the organisation that network of the system is been configured securely as well as prevent the organisation from any threats. Information security management helps in introducing innovative methods to deal up with unknown threats and protect the organisation’s network from malware, which can be installed intentionally or unintentionally in organisational system (Whitman & Mattord, 2013). This malware, which has been installed in the organisational system by hackers, can extract all the confidential information of organisation and may result in loss of data. The organisation can get certain benefit with the help of information management security.

Implementing the security of information management within the organisation faces many challenges. The challenges faced by organisation are been discusses below:

• Failures in capability of understanding Information Security management- It is very important for employees for understanding and have knowledge about information security management. The employees also requires in having knowledge and education about information security management, which includes various types of policies (Peltier, 2016). The main goal is providing the organisation with security for managing confidential information. The main challenge faced in implementing the security of information technology is unawareness of many people. The people are not concern about the hacking process that is going on. People may post fake informations in the social media sites and this can lead to damage the reputation of the organisation.
• Mobile and wireless computing- The most frequent challenge faced is wireless computing and mobile workforce. These days, there are existences of various sorts of mobile phones available in market. These advanced cells help in creating wireless connection with web. The entry of versatile registering gadgets had a noteworthy effect on individuals' regular daily existence. Employees as well as consumers do not rely on phone calls to communicate after the discovery of wireless communication. With union of these gadgets, the data on them should be secured because it might be contain the secret data about the associations as representatives utilize it to play out the business exercises on their cell phones. In recent era, almost every work can be done with the assistance of wireless computing and smart phone. Information for example, name, address, telephone numbers and all other individual information can be follow by other individuals effortlessly just by utilizing the cell phones. Employees must realize that systems of organisations are been protected by antivirus which might not be present in cell phones. Therefore while using the wireless communications organisations and employees should take extra security for managing information security
• Attack on Information security systems: Security related incidents, which are very much related with malicious code, have turned out to be the major concerns in recent times. The malicious code as Trojans, worms and winrar are very much dangerous and these code are been used by hackers for hacking the system of the organisation and extract all the confidential data (Fenz et al., 2014). The attack of this malicious code can lead to the downfall of the company and this is the main challenge faced by the organisation for information security management

The future trends of information security management lies in the security of IoT and big data power. With the growth of mobile devices, there are introductions of data transfer of massive amount. Big data is considered one of the significant targets of hackers. The analysts who are providing security to the information management system can utilise this data for predicting and identifying the malicious attacks conducted by hackers. The cognitive security can be implemented in future where the professionals are able to process the malicious code and threat data in a more efficient way. The cognitive type security will also help in predicting the activity of criminal and identify them accurately (Loo, Mauri & Ortiz, 2016). Thus cognitive security is one of the significant future trends of Information security management.

The next future trend of information security management is securing the Internet of Things (IoT). Hackers are mainly aiming the connected devices for forming botnets and then integrating the botnets to launch the Denial of Service attacks (Sadhegi et al., 2015). This attack is mainly done against the websites, which are having high profile. Therefore, it is important for the organisations and the user for providing security to the connected device. The future trends shows that for providing security to IoT efficient security controls are been build within the devices. The organisation can also conduct application security testing for IoT for making it secure.

References:

Fenz, S., Heurix, J., Neubauer, T., & Pechstein, F. (2014). Current challenges in information security risk management. Information Management & Computer Security, 22(5), 410-430.

Ifinedo, P. (2014). Information systems security policy compliance: An empirical study of the effects of socialisation, influence, and cognition. Information & Management, 51(1), 69-79.

Loo, J., Mauri, J. L., & Ortiz, J. H. (Eds.). (2016). Mobile ad hoc networks: current status and future trends. CRC Press (Boca Raton, Florida).

Peltier, T. R. (2016). Information Security Policies, Procedures, and Standards: guidelines for effective information security management. CRC Press (Boca Raton, Florida).

Sadeghi, A. R., Wachsmann, C., & Waidner, M. (2015, June). Security and privacy challenges in industrial internet of things. In Design Automation Conference (DAC), 2015 52nd ACM/EDAC/IEEE (pp. 1-6). IEEE.

Siponen, M., Mahmood, M. A., & Pahnila, S. (2014). Employees’ adherence to information security policies: An exploratory field study. Information & management, 51(2), 217-224.

Whitman, M., & Mattord, H. (2013). Management of information security. Nelson Education (Ontario).