1INFORMATION SECURITY Answer to question 1: The information system sectors are responsible for creating a change in the way o operation of the public sector organizations around the world. Mostly all the organizations who are responsible for working in the public sectors, have adopted the use of the information system policies to provide more efficient services to their customers (Casmir and Yngström 2003). The main services that are referenced by the adoption of the information system prospects are the immigration, tax, birth and death, registration of the voters, public financial services and payroll departments. These adoptions of the information security services are being addressed in the developing countries now where the developed countries have already adopted them many years ago. Zanzibar is also termed as developing country and is adopting the use of the information services for their public services. However, the services adoption is causing threats and vulnerabilities for the associated stakeholders like absence of efficient personnel, monetary problems and lack of developed infrastructure. According to a research carried out in Zanzibar, there were several challenges that contributed to threats. The first threat is the presence of website security which is depicted by the use of the services for website addressing. The analysis finds out about the in-house hosting and developing of the websites which makes them less complied to the security based policies and frameworks. In addition, the websites also are not complying to the guidelines that are to be maintained during dealing with customer credentials (Estevez and Janowski 2013). Furthermore, another challenge faced by the organizations of Zanzibar is the malicious attacks from viruses and malwares. From the analysis made from the research, the percentage of attacks in the organizations was more than 80% (Kaaya 2004). These virus attacks were responsible for attacks
2INFORMATION SECURITY in the organizations and were also responsible for causing hindrances in operations. The major problems were the loss of data from the devices or denial of service attacks which were highly responsible for threatening the normal operations of the organization involved. For various other developing countries like Cuba or Afghanistan, the need for a security framework is basically needed for referencing to the presence of security by offshore means. This is the reason for the implementation of international security standards so that the management of these threats can be properly addressed (Karokola and Yngström 2009). According to the National Security Conference that was hosted in London, most of the information security based attacks are mainly due to the emergence of international attackers whose locations are not local to the country. There are various threats and vulnerabilities which are present in the constitution of Pakistan (Jan and Khan 2013). The first cyber security related implications are the existence of malwares. These are an effective tool for information hijacking ad eavesdropping which are currently being used by unethical attackers for targeting mobile phone users. As a Smartphone is the most likely used method for getting portability and user-friendly specifics, the need for enhancing it my improving the various sophisticated designs is a necessity (Mahmood and Afzal 2013). This leads to various security implications to be left un-addressed which calls for risk assessment techniques to be used for this case. Another security implication which is on the rise in Pakistan is the DoS (Denial-of-service) attacks. These attacks are responsible for removing user access from the system. These are very dangerous as their use can be used for targeting the business processes of a company leading to hampering of a day’s operations. Another similar threat is the DDoS (Distributed DoS) which is used to threaten the application layer of the OSI model. Phishing is another cyber security threat that is also another point of concern for Pakistan
3INFORMATION SECURITY (Mustafa, Akhter and Nasrallah 2013). This process is used to trap the credentials from users by sending those fake emails or websites. These are the main point of concern for the government of Pakistan as the security issues due to such attacks are very high. Answer to question 2: Corporate governance is termed as an institutional structure which is responsible for providing direction and orientation to the various corporate entities. It is also termed as the center of the economy and societal democracy. As most of the organizations and businesses are responsible for implementation of various technology based adoptions, the process of e- governance by corporate means are thus undertaken (Mlangeni and Biermann 2006). This is mainly used for the deigning, budgeting, implementations and organizing the security of information services. The research study made has shown that the adoption of these services in the public sectors is not yet accomplished. In addition, the employees are also not successfully trained using these services (Estevez and Janowski 2013). This causes a need for the adoption of various security related policies for addressing the application-specific issues or system-specific issues for enhancing the responsibilities of the e-governance part of public sectors. Moreover, the organizations must also opt for an establishment of governing body who will be responsible for monitoring electronically. The corporate governance bodies can serve as proxies for the e-governance prospects by introducing various ways in their implied services. The main services to be included in the public sector organizations include the introduction of CCTV cameras for providing real time analytics, electronic locks to address authentication needs and other locks for the various ICT (Information
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
4INFORMATION SECURITY and communication) related services (Mundy and Musa 2010). In addition, the public sector organizations should also add a more secured policy for checking the visitor analytics and also get administrative rights to immediately revoke the accounts of potentially harmful users. Additionally, the employees of the organizations are also needed to be trained regarding these prospects. Moreover, the public sector organizations are also to setup strong policies to for assessing the security risks that may be present due to the presence of third parties or contractors associated with them. The entities of the corporate governance sector must ensure the proper and efficient training of the personnel working in the public sector organizations (OWASP 2010). This must be done by providing regular training to the employees for achieving better work output (Ifinedo 2012). In addition, the public sector governing bodies must also increase the job satisfaction of the employees through salary hikes and performance appraisals. For addressing the security aspects of a public sector organization, the presence of better security policies are needed for mitigating the existence of various risks and vulnerabilities of the system (Hove, Ngwerume and Muchemwa 2013). This can be done by implementing better frameworks and adopting biometric scanning for authorization and authentication purposes. This process will be made by generating unique identification numbers for each of the employees. These identification numbers will be checked before granting them access to the system. Lastly, the public sector organizations are responsible for including a backup plan in their system which will be used to address disaster recovery methods. This includes the presence of both the online and offline system backup so that they can be quickly loaded in the system in
5INFORMATION SECURITY case of any such disasters (Wangwe, Eloff and Venter 2009). This will remove the need for the business to lose a day of operations and will increase business transparency. Answer to question 3: Theuseofvariousinformationservicesbythegoverningbodiesisthemain considerations to be included in the e-governance section. This is mainly used for tending to the business relations among the customers and other businesses as well (Mlangeni and Biermann 2006). The results of such adoption are the reduction of various parameters responsible for discrepancies to the system. The prospects of e-governance have been adopted by almost all the governments of the country. It is also responsible for the conversion of traditional governing methods in a radical way. It is mainly in place to ensure the right of a consumer to government services (Kaaya 2004). Although the use of the e-governance prospect cannot be adopted in many places especially in the computer absent places, their adoptions are still considered efficient. This is the reason for using enhanced technologies to use the prospect of e-governance in a true manner. The e-governance services are being adopted globally in mostly all the countries by converting their communications from the analog to digital age (Karokola and Yngström 2009). This is mainly done by educating the common masses which will help in addressing the requirements for an e-governance prospect. The most important aspect of the e-governance services are the electronic identification cards (e-ids) that are used for voting purposes. This is a secure way of operating which is considered both in the developed and the developing countries (Cheang and Sang 2009). For example, the use of the electronic identification cards is already being addressed in the United Kingdom.
6INFORMATION SECURITY The evolution of the e-governance services is similar to the e-commerce background. As the main work of an e-commerce platform is the engagement of business to customers, the main work of the e-governance is government to citizens (Prasad 2012). As the evolution of the internet industry mainly involved an initial shift from web presence interactions to transactional integrations, the e-governance prospects will also follow a similar path in serving the needs of the citizens. The e-governance prospects are also used to address the basic requirements of the administrative services (Casmir and Yngström 2003). This is mainly done by reducing the various bureaucratic boundaries of the administrative bodies. This is mainly used to showcase the dissimilarities among the e-governance and the e-commerce platforms or the private and the public sector. As it can be seen from the study that the public sector organizations have not addressed the security implications in the ICT services, the evolvement of the e-governance prospects have been considered to be a partially failure. This causes the e-governance prospects to implement on a newly made propaganda for addressing a renewal in democratic efficiencies (Wangwe, Eloff and Venter 2009). This failure is considered to renew in an efficient way by acquiring better technological advancements, better funding and coordinated actions.
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
7INFORMATION SECURITY References: Alvi, F.A., Choudary, B.S., Jaferry, N. and Pathan, E., 2012. Review on cloud computing security issues & challenges.iaesjournal. com,2. Basharat, I., Azam, F. and Muzaffar, A.W., 2012. Database security and encryption: A survey study.International Journal of Computer Applications,47(12). Casmir, R. and Yngström, L., 2003. Security Dimension of IT in Developing Countries: Risks and Challenges.Journal of Information Warfare,2(3), pp.38-46. Cheang, S. and Sang, S., 2009, March. State of Cybersecurity and the Roadmap to Secure Cyber Community in Cambodia. InAvailability, Reliability and Security, 2009. ARES'09. International Conference on(pp. 652-657). Doherty, N.F. and Fulford, H., 2005. Do information security policies reduce the incidence of security breaches: an exploratory analysis.IGI Global. Estevez, E. and Janowski, T., 2013. Electronic Governance for Sustainable Development— Conceptual framework and state of research.Government Information Quarterly,30, pp.S94- S109. Hilali, A.Z., 2017.US-Pakistan relationship: Soviet invasion of Afghanistan. Taylor & Francis. Hove, M., Ngwerume, E. and Muchemwa, C., 2013. The urban crisis in Sub-Saharan Africa: A threattohumansecurityandsustainabledevelopment.Stability:InternationalJournalof Security and Development,2(1). IEEE.Zanzibar, “Copyright Act, 2003”
8INFORMATION SECURITY Ifinedo, P., 2012. Factors influencing e-government maturity in transition economies and developing countries: a longitudinal perspective.ACM SigMIS Database,42(4), pp.98-116. Information technology – security techniques – code of practice for information security management, ISO/EIC 27002:2005, 2007. Informationtechnology—securitytechniques—informationsecurityriskmanagement, ISO/EIC 27005:2008, 2008. Jan, M.A. and Khan, M., 2013. Denial of Service Attacks and Their Countermeasures in WSN.IRACST–International Journal of Computer Networks and Wireless Communications (IJCNWC),3. Kaaya, J., 2004, March. The emergence of e-government services in East Africa: tracking adoption patterns and associated factors. InProceedings of the 6th international conference on Electronic commerce(pp. 438-445). ACM. Karokola, G. and Yngström, L., 2009. State of e-Government Development in the Developing World: Case of Tanzania-Security vie. In5th International Conference on e-Government(pp. 92-100). ACADEMIC CONFERENCES LTD. Khan, M., Hossain, S., Hasan, M. and Clement, C.K., 2012. Barriers to the introduction of ICT into education in developing countries: The example of Bangladesh.Online Submission,5(2), pp.61-80. Khan, S. and Pathan, A.K., 2013.Wireless networks and security. Berlin: Springer.
9INFORMATION SECURITY Mahmood, T. and Afzal, U., 2013, December. Security Analytics: Big Data Analytics for cybersecurity: A review of trends, techniques and tools. InInformation assurance (ncia), 2013 2nd national conference on(pp. 129-134). IEEE. Mlangeni, S.A. and Biermann, E., 2006.Assessment of Information Security Policies within the Polokwane Region: A Case Study(Doctoral dissertation, Tshwane University of Technology). Moran, T., 2012. Foreign direct investment.The Wiley-Blackwell Encyclopedia of Globalization. Mundy, D. and Musa, B., 2010. Towards a framework for e-government development in Nigeria.Electronic Journal of E-government,8(2), pp.148-161. Mustafa, D., Akhter, M. and Nasrallah, N., 2013.Understanding Pakistan's water-security nexus. Washington, DC: United States Institute of Peace. OWASP (2010)Open Web Application Security Project.Available at:http://www.owasp.org. (Accessed: 18 November 2010) Prasad, K., 2012. E-governance policy for modernizing government through digital democracy in India.Journal of Information Policy,2, pp.183-203. Rasul, G., Mahmood, A., Sadiq, A. and Khan, S.I., 2012. Vulnerability of the Indus delta to climate change in Pakistan.Pakistan journal of meteorology,8(16). VonSolms,B.andVonSolms,R.,2004.The10deadlysinsofinformationsecurity management.Computers & Security,23(5), pp.371-376.
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser