Got a tricky question? Receive an answer from students like you! Try us!

Information security legislation - Essay Example

Only on StudentShare
Undergraduate
Author : shaniamorar
Essay
Miscellaneous
Pages 19 (4769 words)

Summary

Presently, many financial services companies are realizing the need to expand the range of risk management and governance to incorporate information technology (IT). This realization is increasing in the wake of increasing theft occurrences and other information security…

Extract of sample
Information security legislation

Never the less, times have changed and the recent past has seen a lot of regulations and legislation which impacts information security. Some of these legislations are the European Data Protection Directive, Sarbanes-Oxley Act, and the Capital Adequacy Directive, just to mention but a few. In the event of these new compliance rules organization are being forced to resort a range of codes and standards to control their information systems. (Purtell, 2007)
Information security is an organization problem, and not a technologically one. With increasing spotlight on information security in legislation and the media all over the world, companies are being faced with a complex need to conform to privacy and security regulations and standards. This is making information security issues to be discussed in the boardrooms and many executives and directors becoming aware of their responsibility in ensuring information security in an organization. Information security is driven by;
The knowledge of issues and challenges being faced in information security currently has increased. Through, the government, the media, crimes, cyber attacks and proliferation of products that are vulnerable, information security has continued to receive more attention (Purtell, 2007)
Through successful attacks for example code red and Nimrod, companies are realizing that security technology product is not the overall solution to information security. Information security is an organization problem and technology is only but a small element in the organization. (Purtell, 2007)
Companies are facing complex needs and requirements to conform to numerous regulation/standards. Even those vertical organizations such as financial services organizations, complication to adhere to security measures brought about by different regulations, for example the US Gramm-Leach Biley Act, 1999 (GLBA), ...
Download paper

Related Essays

Information Systems Security Incident
This paper describes the types of logs that are maintained at B-Concepts, the log management system and discusses the advantages of security logs.…
4 pages (1004 words)
Information Security Master Essay
IT security policies in the private sector are also reviewed.…
42 pages (10542 words)
Information Security
There is also a vast body of empirical evidence that demonstrates that general managers ought to be much more involved in the formulation and implementation of information security because they are more able to assess particular types of risks, more attuned to cost-benefit considerations, and better able to integrate information security into a business organization's larger structure than narrow-minded security specialists (Lacity, 2005). In order to more clearly elaborate how organizations should approach information security issues, this essay will discuss how businesses should strike a…
4 pages (1004 words)
Information security legislation
Never the less, times have changed and the recent past has seen a lot of regulations and legislation which impacts information security. Some of these legislations are the European Data Protection Directive, Sarbanes-Oxley Act, and the Capital Adequacy Directive, just to mention but a few. In the event of these new compliance rules organization are being forced to resort a range of codes and standards to control their information systems. (Purtell, 2007)…
19 pages (4769 words)
Principles of information security
The paper is about to produce an ISMP for the Assessment Office. In this paper the focus is only on the areas of concerns that have been identified by the Assessment Office. It was required to take care of the two sections of IS 18 that had been identified but not followed in most circumstances. The first thing that is not followed properly is training related to awareness of information security issues while other thing is related to appropriate physical security controls which must be in place for access to offices involved in information processing and handling. In the case different…
8 pages (2008 words)
U.S Customs and Border Patrol's Role in Information Security
Nevertheless, without there being appropriate security measures, there is a danger of the systems being misused by people and certain communities who have spiteful intentions of intruding and making use of the access for acquiring sensitive data, committing wrong, disrupting functions, or launching attacks in opposition to the other computer systems and network. Such a concern is not there without any reason. It is an issue of worry because of the remarkable rise in the incidents related to security, the easiness with which hacking devices can be obtained and used, the gradual progress that is…
5 pages (1255 words)
Security
It is also reflective of how law, crime and morality are perceived by members of the society. The security practices of removing concealments from the sidewalks to protect people who travelled the highways from being attacked by robbers could not work alone. Other attempts to deal with crime at the local level proved futile and so night watches and patrols which were established privately was the means of protection for citizens.…
7 pages (1757 words)