logo

Information Security Assignment (Doc)

   

Added on  2020-05-03

11 Pages2773 Words85 Views
Running head: INFORMATION SECURITYInformation securityName of the studentName of the UniversityAuthor Note

1INFORMATION SECURITYAnswer to question 1:The information system sectors are responsible for creating a change in the way ooperation of the public sector organizations around the world. Mostly all the organizations whoare responsible for working in the public sectors, have adopted the use of the information systempolicies to provide more efficient services to their customers (Casmir and Yngström 2003). Themain services that are referenced by the adoption of the information system prospects are theimmigration, tax, birth and death, registration of the voters, public financial services and payrolldepartments. These adoptions of the information security services are being addressed in thedeveloping countries now where the developed countries have already adopted them many yearsago. Zanzibar is also termed as developing country and is adopting the use of the informationservices for their public services. However, the services adoption is causing threats andvulnerabilities for the associated stakeholders like absence of efficient personnel, monetaryproblems and lack of developed infrastructure. According to a research carried out in Zanzibar, there were several challenges thatcontributed to threats. The first threat is the presence of website security which is depicted by theuse of the services for website addressing. The analysis finds out about the in-house hosting anddeveloping of the websites which makes them less complied to the security based policies andframeworks. In addition, the websites also are not complying to the guidelines that are to bemaintained during dealing with customer credentials (Estevez and Janowski 2013). Furthermore,another challenge faced by the organizations of Zanzibar is the malicious attacks from virusesand malwares. From the analysis made from the research, the percentage of attacks in theorganizations was more than 80% (Kaaya 2004). These virus attacks were responsible for attacks

2INFORMATION SECURITYin the organizations and were also responsible for causing hindrances in operations. The majorproblems were the loss of data from the devices or denial of service attacks which were highlyresponsible for threatening the normal operations of the organization involved.For various other developing countries like Cuba or Afghanistan, the need for a securityframework is basically needed for referencing to the presence of security by offshore means.This is the reason for the implementation of international security standards so that themanagement of these threats can be properly addressed (Karokola and Yngström 2009).According to the National Security Conference that was hosted in London, most of theinformation security based attacks are mainly due to the emergence of international attackerswhose locations are not local to the country. There are various threats and vulnerabilities which are present in the constitution ofPakistan (Jan and Khan 2013). The first cyber security related implications are the existence ofmalwares. These are an effective tool for information hijacking ad eavesdropping which arecurrently being used by unethical attackers for targeting mobile phone users. As a Smartphone isthe most likely used method for getting portability and user-friendly specifics, the need forenhancing it my improving the various sophisticated designs is a necessity (Mahmood and Afzal2013). This leads to various security implications to be left un-addressed which calls for riskassessment techniques to be used for this case. Another security implication which is on the risein Pakistan is the DoS (Denial-of-service) attacks. These attacks are responsible for removinguser access from the system. These are very dangerous as their use can be used for targeting thebusiness processes of a company leading to hampering of a day’s operations. Another similarthreat is the DDoS (Distributed DoS) which is used to threaten the application layer of the OSImodel. Phishing is another cyber security threat that is also another point of concern for Pakistan

3INFORMATION SECURITY(Mustafa, Akhter and Nasrallah 2013). This process is used to trap the credentials from users bysending those fake emails or websites. These are the main point of concern for the government ofPakistan as the security issues due to such attacks are very high. Answer to question 2:Corporate governance is termed as an institutional structure which is responsible forproviding direction and orientation to the various corporate entities. It is also termed as the centerof the economy and societal democracy. As most of the organizations and businesses areresponsible for implementation of various technology based adoptions, the process of e-governance by corporate means are thus undertaken (Mlangeni and Biermann 2006). This ismainly used for the deigning, budgeting, implementations and organizing the security ofinformation services. The research study made has shown that the adoption of these services in the publicsectors is not yet accomplished. In addition, the employees are also not successfully trained usingthese services (Estevez and Janowski 2013). This causes a need for the adoption of varioussecurity related policies for addressing the application-specific issues or system-specific issuesfor enhancing the responsibilities of the e-governance part of public sectors. Moreover, theorganizations must also opt for an establishment of governing body who will be responsible formonitoring electronically. The corporate governance bodies can serve as proxies for the e-governance prospects byintroducing various ways in their implied services. The main services to be included in the publicsector organizations include the introduction of CCTV cameras for providing real time analytics,electronic locks to address authentication needs and other locks for the various ICT (Information

End of preview

Want to access all the pages? Upload your documents or become a member.

Related Documents
Acsc Case Study And Discussion
|6
|1410
|17

Developing Information Security Policies for Xero
|14
|4396
|167

MGMT6013 Managing Information System | Security Policy
|14
|4311
|36

Threats and Vulnerabilities of Cloud Computing: A Review
|4
|723
|381

Cyber Security Management Framework for PeopleSharz
|10
|3873
|488

Assignment on Risks and Risk Management
|11
|781
|13