Trends in the Information Security Profession

Introduction

The tech innovation market is growing in unconventional directions leading to many problems in the world of information security. According to the report from the Privacy Rights Clearinghouse, in 2015, the number of breached data declined; however, the severity of breaches was much worse than anticipated (Bernik & Prislan, 2016). With the transformation of information technology, modern organizations and tech companies have realized that educating their staffs on security issues will provide a viable solution to problems they have been facing. Moreover, security is a critical issue in an organization and has led to many organizations proposing the use of state-of-art network security tools. Citing Bernik and Prislan (2016), information security entails protecting information systems and other vital information in the organization from unauthorized users. The perception by most organizations is that the strength of their information security is higher thus leaving them exposed to risks such as cyber-attacks. The paper will examine three trends in the information security profession. Due to the changes in the information and communication technology, the trends in information security include the difficulty for companies to ensure the correctness of information, the globalization of information security, and an increase in malicious actions against information system.

The first trend is that issues on information security are becoming more international. The international aspect of information security and privacy are due to transnational information processes. The need to coordinate information security and privacy issues internationally increases with the globalization of businesses, and information and communication technology (Rao & Nayak, 2014). Similarly, the situation requires companies, servers, and users to be located in different legal regimes. Currently, there is a lack of international legislation making it difficult to puzzle out the legal challenges that have transnational impacts. For instance, spam distributors are taking advantage of the present situation that includes scattered official monitoring and parallel legal systems. According to Rao and Nayak (2014), the development of transnational networks and the independent functioning of technologies irrespective of the location of the user has propelled the globalization of information security.

It is significant to understand that social and economic globalization processes happen in parallel with the globalization of information security (Kim & Solomon, 2016). The economic and social globalization include investments, money supply, communication and movement of people and goods. The opposing forces to the globalization of information security include the likely insecurity of the capital markets. Also, information security would not become more international due to parallel localization trends as a result of ideological motivations. Citing Kim and Solomon (2016), companies usually develop ICT to function regardless of the geographical location of the user; however, they sometimes use it for national protection by blocking communication past the border thus diminishing globalization of information security.

The second trend is that it is becoming increasingly difficult for companies to ensure the correctness of information. According to Fernandes, Soares, Gomes, Freire and Inácio (2014), the validity of information provided is critical to an organization. The following interconnected developments result in difficulties in providing valid information. Firstly, the existing and collected information continues to explode. An organization usually collects and stores large information since they are preparing for the unpredictable data use (Fernandes, et al., 2014). Additionally, since the organization does not demolish redundant information, they continue to explore thus increasing the difficulty to ensure the provision of correct information. Second, the organization is increasingly involved in the collection and combing of information from different sources. Therefore, by combining information from different sources, the collected information will become more sophisticated. Thirdly, it is difficult to provide valid information since the information that is processed is due to the automatic collection and combination mechanisms that serve as black boxes.

Users of information technology might experience a decrease in understanding features of information and communication processes due to the automation of complex information. The question that most experts in an organization keep asking themselves entail assessing the reliability of the existing information (Hudic, Islam, Kieseberg, Rennert & Weippl, 2013). The organization might assess information processes by employing new technology since it will help to ensure correctness of information. Experts may decide to compare information from different sources and guarantee data integrity. Moreover, having valid information is economically valuable. Due to economic incentives, an organization can develop a viable data collection approach that will ensure that the information provided is correct (Hudic, et al., 2013). Conversely, with the increase in the number of systems that collect and produce information, it would be difficult to maintain the system of certification and trust. Hudic, et al. (2013), argue that the trend strengthens due to the collection of a large amount of data. This is because, when companies create large databases, they give second priority to the correctness of information. Regarding the societal perception, the difficulty to ensure the accuracy of information is affected by the social incentives, to be honest. On the other hand, the need to provide correct information might be a risk to the requirement of privacy in social interaction.

The third trend is that there is an increase in malicious actions against information system. Currently, the amount of malicious software has increased (Kim & Solomon, 2016). Moreover, cases of computer crimes have developed both professionally and organizationally. Interactions of individuals and organizations are increasingly connected via information and communication technology thus enabling hackers to follow them into the virtual world. Such development can be experienced in offenses that include the use of the electronic means-of-payment. Other destructive operations that occur in the virtual environment include cyberwar and cyberterrorism. Cybercrime and underinvestment in security can combine to become a threat to the organization (Kello, 2013). To solve this issue, the organization can adopt a risk management approach to determine what they depend most on and invest in resilience.

Malicious actions against information system intensify due to the following reason. Systems of ICT are interconnected and interdependent. Besides, the existence of interconnectivity and dependencies between networks and information system results in vulnerabilities that are a target for hackers. Also, malicious actions might be enhanced by social and economic benefits. The social incentives include ideological justifications and social respect (Kello, 2013). Conversely, separate intranets and existence of firewalls and information security technologies act as a counterforce to malicious actions. Additionally, the pressure from the public to desist from malicious actions decreases this trend. On the other hand, since it is hard to implement international regulations for interfering with malicious activities, it would be difficult to protect information systems thus increasing cyber-crimes.

In conclusion, the aim of the paper was to provide detailed information on three trends in the information security profession. The trends include the globalization of information security, ensuring correctness of information and increase in malicious actions against information system. Although the organization will engage in collecting and combining more data, it should consider and prioritize the management of private and confidential data. Improving information security in an organization starts with the top management. Leaders need to provide strong information security to decrease the vulnerability of the organization’s information security.

 

References

Bernik, I., & Prislan, K. (2016). Measuring Information Security Performance with 10 by 10 Model for Holistic State Evaluation. PloS one, 11(9), e0163050.

Fernandes, D. A., Soares, L. F., Gomes, J. V., Freire, M. M., & Inácio, P. R. (2014). Security issues in cloud environments: a survey. International Journal of Information Security, 13(2), 113-170.

Hudic, A., Islam, S., Kieseberg, P., Rennert, S., & Weippl, E. R. (2013). Data confidentiality using fragmentation in cloud computing. International Journal of Pervasive Computing and Communications, 9(1), 37-51.

Kello, L. (2013). The meaning of the cyber revolution: Perils to theory and statecraft. International Security, 38(2), 7-40.

Kim, D., & Solomon, M. G. (2016). Fundamentals of information systems security. Burlington, Massachusetts: Jones & Bartlett Publishers.

Rao, U. H., & Nayak, U. (2014). The InfoSec handbook: An introduction to information security. Berkeley, CA: Apress.

 

Do you need an Original High Quality Academic Custom Essay?