Information security acts have been established with the intent to protect the rights of all citizens. Specifically, to enhance privacy and confidentiality, models have been developed to aid organizations in securing citizens’ private information and to provide assurance that this information is secure. Legislation must be continuously updated to adapt to the growing use of technology and its effects on the storage and use of personal information. Public and private sector organizations must abide by government-mandated legislation regarding information security and risk management.
Several statutes have been enacted in order to uphold the fundamental rights to the privacy of an individual’s information. In particular, these laws pertain to what is known as personally identifiable information (PII). PII should always be protected by means of encryption and additional security measures, not only when it is being transmitted across the internet, but also when it is being stored locally on a server. Many of these security and risk oriented rulings mandate the requirements of securing individuals’ personal information. Some of the acts and models even go as far as to designate how an organization must respond to and provide notification of instances of personal data breaches. The aforementioned area is one that, especially in the midst of ever more prevalent and expansive impact of recent breaches, this author opines is so pertinent to addressing because the risks to an individual’s right to privacy cannot be understated. Jones (2007) exceptionally states the significance of these guiding principles:
Organisations need to deal with (treat) the management of information security risks in a manner that gives confidence to all partie...
... middle of paper ...
... post-9/11 world. Government Information Quarterly, 21(4), 439-460. doi:10.1016/j.giq.2004.08.004
Government of the Hong Kong Special Administrative Region (HKSAR) (2008). An overview of information security standards. Retrieved from www.infosec.gov.hk/english/technical/files/overview.pdf
Jones, A. (2007). A framework for the management of information security risks. BT Technology Journal, 25(1), 30-36. doi:10.1007/s10550-007-0005-9
Mamun, A., Hassan, M. K., & Maroney, N. (2005). The wealth and risk effects of the Gramm-Leach-Bliley Act (GLBA) on the US banking industry. Journal of Business Finance & Accounting, 32(1), 351-388. doi:10.1111/j.0306-686X.2005.00597.x
PCI Security Standards Council LLC (2010). PCI DSS requirements and security assessment procedures (Version 2.0, October 2010). Retrieved from https://www.pcisecuritystandards.org/documents/pci_dss_v2.pdf