Information Security Research Paper Example | Topics and Well Written Essays - 750 words

Information Security - Research Paper ExampleLack of ken and execution to protect companys information assets can moderate in loss of revenues, problematic reputation for the company and probable law suits by the customers for not being able to protect their data. 2. Threats and Vulnerabilities in that respect be numerous types of threats and vulnerabilities that be required to be considered for the protection of information. Data breach is defined as the disclosure of information to unauthorized individuals in an intentional or unintentional manner. Verizon Business Risk team up (2009) stated that the degree of data breaches is the highest in the modern times than it has ever been. Figure 1 portion of Different Types of Data Breaches from 2004 to 2008 (Verizon Business Risk Team, 2009) Data breaches tend to threaten the confidentiality, integrity and authenticity of the data. Confidentiality prospect requires the data to be hidden from unauthorized third parties to protect the privacy of the individual. Hash, Bartol, Rollins, Robinson, Abeles and Batdorff (2005) explained that integrity of data provides the sanction that it is not tampered with or modified at any level as a result of vixenish intent. Authenticity of data also ensures that the data is complete and accurate. The absence of such attributes of data makes the data undependable and may prove to lead to misleading directions and results for the management of the organization. Data breaches may result from outside or inside sources. Moore, Cappelli, Caron, Shaw and Trzeciak (2009) defined insider theft as instances when employees (current or ex-employees) may disclose information for personal motives or as a result of lack of awareness of required information auspices measures. Employees might jock the outside intruders gain unauthorized access to sensitive data by leaking passwords or loopholes in the security systems. Such employees may also damage or destroy the data as a result of pe rsonal conflicts or grudges against the management. Outside sources of threats and vulnerabilities include denial of service (DOS) attack, virus and worms attacks. Houle and Weaver (2001) explained that DOS attacks are directed to impair the IT services and resources so that legitimate exploiters cannot avail them. Common sources that are witnessed to become targets are bandwidth, data storage services and computing power of a resource. Abundant fake requests are move to the server to make it incapable and unavailable to cater the requests from legitimate users. Viruses and worms are also common threats that busy in a computer without the knowledge of the owner and perform spiteful actions to harm the data. Viruses and worms are automatically installed on the system if the user opens a compromised email attachment, visits an unreliable website, opens an infected image or clicks on a compromised online advertisement etc. Non-repudiation was defined by Hole (2009) it ensures that the transfer of messages between participating parties is reasonable and real. Effective security measures need to be taken by companies to ensure that sender and receiver cannot track the transfer and receiving of the messages, respectively. 3. Counter Measures for Improving Security Cannady and Harrell (n.d.) proposed a technique to tackle the threat of insider theft they recommended that user profiles should be developed and stored in the server. These user profiles are developed on the basis of routine activities