Information Security ethics (Essay Sample)
It is about the threats that companies face with their cyber security
source..
Information security Ethics
Student's Name
Institutional Affiliation
Course number and course name
Instructor's name
Date
Information security Ethics
One of the major worries of corporations is the security of their data. The constant threats of cyber security make them spend a lot of money and time securing the essential data and information that are private to the company. One of the problems that stand out is the corporate identity threat involving the abuse of traditional or nontraditional identity techniques or assets to divert, fraud, or deceive the consumers. The cyber attached achieves this through a digital identity fraud, which involves the abuse of digital identity assets through electromagnetic or digital mediums of communication to deceive or defraud the identity of the company stakeholders. This discussion intends to identify the major information threats and the steps to ensure information safety from cyber attackers.
Background
For a long time, intellectual properties were the major digital assets worth protecting by major corporates. However, the digital identity has emerged to be a major asset that corporate ownership and therefore needs a high level of protection. These assets provide the possible ways that attackers can infiltrate the corporation and cause damages. They are the intangible assets that are routed on physical assets. Among them include Trademarks, Domain names, online forum identities, IP address space, and key human associates' identities (Ofori et al., 2020). In the current era of technological advancement, digital identities have moved to personal information such as social media persona, passwords and usernames, crypto wallets, Blockchain, phone numbers, Pseudonyms, cloud service subscriptions, and personally identifiable information names a few.
Ideally, understanding the true worth of this identity information is not determinable until the damage is caused. Most corporates tend to evaluate their physical assets and forget the value that intangible assets owe to the company. However, there are several techniques that companies can use to determine the value of identity assets. Since one of the damages that tend to result from such identity asset theft is the human beneficiaries linked to the Digital Identity Assets, their values must be based on such financial aspects the individual information holds.
There are several ways that cyber attackers can use such information to cause damage to the company. Among the most common ones include extortion, spoofing, phasing, smashing, vishing, and whaling. Companies can also suffer from identity threats and enumeration attacks that may result in financial losses. Subdomain takeovers also deny the company the power to control its content in an internet setup (Ofori et al., 2020). Therefore, protecting such information requires an understanding of the source of thereat that s characterized with setting both physical and virtual security. Handling the identification of pertinent threats must be at the forefront of protection. Among the possible ways include ensuring proper use of Tactics, Techniques, and Procedures (TTP). Companies must also invest their time and resources in threat modeling, simulation, and assessment.
Currently, corporates have adopted measures that they use for the treatment of the risks. Among them include physical security control, where proper security measures are put in place to prevent unauthorized individuals from accessing some places and some crucial information. In this case, the firms adopt both proactive and reactive approaches (Langarizadeh, Moghbeli, & Aliabadi, 2017). The proactive measures involve preventive procedures, while the reactive approach entails controlling the amount of damage that such an attack may cause to the company. However, priority should be on the proactive measures that tend to be less costly and can prevent any form of loss that the firm may experience. It is an addition to creating a room for innovative security measures that encourage the adoption of new technologies available in the market for the latest unexploited forms of protection.
Alternatives
The continuous advancement of technology enables humans to develop a solution to all problems that they encounter. Cyber security threats are one of them that calls for constant solutions. While there are the known traditional ways of dealing with such threats, alternatives are constantly developed to ensure more secure cyberspace for corporates. One of such alternatives involves the decentralized control of data and information. In such a case, the company may do away with the centralized data-controlled system. Any singular infiltration to the system can damage a variety of components of the company information.
On the other hand, the decentralization system allows an illegal infiltrator to access the specifically reduced amount of information that may not be useful. Including intangible assets in the list of properties that a company owner can also be an alternative method of improving the security system. However, evaluating intangible assets as part of properties owned by a corporate may not have direct financial importance to a company. Hence, convincing the major stakeholders to incorporate it as an asset worth protecting (Atlam & Wills, 2020). Decentralizing corporate data is still a bad approach since the company management may lack the control to run it. Moreover, it is still a costly method of managing nontangible assets, making them subject to rejection by management. There is no proper technology that can protect all the components of the company's intangible assets in the decentralized manager, making it easy to access when needed.
Proposed Solution
Addressing information security con
Other Topics:
- Python Code in ITDescription: Do a Python Code...1 page/≈275 words| No Sources | APA | IT & Computer Science | Essay |
- Report on Identity, Access, and Management Description: The Identify and access management (IAM) over years has been mainly focusing on managing and controlling information technology for user needs enterprises. As technology changes, different technologies including cloud, social networks, etc. Identity management become something to focus as many enterprises ...4 pages/≈1100 words| 5 Sources | APA | IT & Computer Science | Essay |
- Understanding Computer Sciences and Information TechnologyDescription: Information Technology acquisition s is thought about simple, quick and the most fantastic manner by which an association can address its issues. The acquisition system can be effective and can support a company's upper hand or, in other words, contain an advantage as to other companies. ...2 pages/≈550 words| 3 Sources | APA | IT & Computer Science | Essay |