Network Security
Network Security
Information and system security are
essential for individuals and organizations because they protect confidential
information. Information security is vital because it protects personal identifiable
information, or PII, the company's intellectual property, and they also have
the responsibility to maintain the trust of their customers and investors. Information
and system security prevents cyber attacks. Cyber attacks such as phishing,
hacking, and computer viruses can damage individuals and businesses. By
preventing cyber attacks from happening, they can minimize losses and allows
companies to continue to operate. Cyber attacks can come from different
directions, including insider threats. According to Liu et al. (2018), "Information
communications technology systems are facing an increasing number of cyber
security threats, the majority of which are originated by insiders." Insider
threats could be accidental or intentional. Compliance and regulations are
required with various government agencies. Failing to comply with government regulations
can result in legal action and penalties. Using protections, such as two-factor
authentication and password requirements, can make it harder for intruders and
attackers to access individual and company networks. Another way to apply
information and network security is to implement an incident response plan. An
Incident Response Plan is a written document formally approved by the senior
leadership team that helps your organization before, during, and after a
confirmed or suspected security incident. (CISA.gov n.d.) Developing an incident response plan
that outlines procedures that identify the incidents, assigning roles and responsibilities,
and notifying stakeholders is a must to limit the damage.
In conclusion, information and
system security is essential to protect confidentiality, prevention of cyber
attacks, compliance with regulations, and protect intellectual property. Individuals
and organizations must proactively place security measures to prevent and limit
damage detrimental to the companies' and individuals' reputations and finances.
The
two topics I will expand on are in a later post are Phishing and Social Engineering.
References:
CISA.org
(n.d.) Incident response plan (IRP) basics
https://www.cisa.gov/sites/default/files/publications/Incident-Response-Plan-Basics_508c.pdf
L.
Liu, et al, (2018 February, 01) "Detecting and Preventing Cyber Insider
Threats: A Survey," in IEEE Communications Surveys & Tutorials, vol.
20, no. 2, pp. 1397-1417, Secondquarter 2018, doi: 10.1109/COMST.2018.2800740.
Comments