Information Security: Cyber Security Challenges

Suman Sharma¹ , Yogesh Verma² , Amit Nadda³

Section:Survey Paper, Product Type: Isroset-Journal
Vol.7 , Issue.1 , pp.10-15, Feb-2019

CrossRef-DOI:   https://doi.org/10.26438/ijsrcse/v7i1.1015

Online published on Feb 28, 2019

Copyright Ā© Suman Sharma, Yogesh Verma, Amit Nadda . This is an open access article distributed under the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.
 

View this paper at   Google Scholar | DPI Digital Library

XML View     PDF Download

How to Cite this Paper

486 Views    400 Downloads    105 Downloads

Abstract :
The term cyber security is often used interchangeably with the term information security. This paper argues that, although there is a substantial overlap between cyber security and information security, these two concepts are not totally analogous. Moreover, the paper posits that cyber security goes beyond the boundaries of traditional information security to include not only the protection of information resources, but also that of other assets, including the person him/herself. In information security, reference to the human factor usually relates to the role(s) of humans in the security process. The cultivation of positive Information Security is an effective way to promote security behaviour and practices among employees in the organization. Every organization must to elaborate an information security policy for providing management direction and support for information security. In this paper we try to elaborate about some threats and risks that influences information of an organization.

Key-Words / Index Term :
Information security, Cyber security, Computer security, Risk, Threat, Vulnerability

References :
[1] Department of Homeland Security. Critical infrastructure. Washington, DC: Department of Homeland Security. Cited 23 November 2012. Retrieved from: http://www.dhs.gov/files/ programs/gc_1189168948944.shtm; 2011.
[2] Dhillon G. Principles of information systems security. John Wiley & Sons; 2007.
[3] Farn K-J, Lin S-K, Fung AR-W. A study on information security management system evaluation: assets, threat and vulnerability. Computer Standards & Interfaces 2004;26(6):501e13. http://dx.doi.org/10.1016/j.csi.2004.03.012.
[4] Gerber M, Von Solms R. Management of risk in the information age. Computers & Security 2005;24(1):16e30. http://dx.doi.org/ 10.1016/j.cose.2004.11.002.
[5] ISO/IEC. ISO/IEC TR 13335-1:2004 information technology security techniques management of information and communications technology security part 1: concepts and models for information and communications technology security management. ISO/IEC, JTC 1, SC27, WG 1 2004.
[6] ISO/IEC. ISO/IEC 27002: code of practice for information security management 2005.
[7] ISO/IEC. ISO/IEC 27032:2012(E) information technology e security techniques e guidelines for cybersecurity. Geneva, Switzerland: ISO/IEC; 2012.
[8] International Telecommunications Union (ITU). ITU-TX.1205: series X: data networks, open system communications and security: telecommunication security: overview of cybersecurity 2008.
[9] Mitnick K, Simon W. The art of deception: controlling the human element of security. Wiley Publishing; 2002.
[10] The Whitehouse. International strategy for cyberspace: prosperity, security, and openness in a networked world. Cited 12 February 2012. Retrieved from: http://www. whitehouse.gov/sites/default/files/rss_viewer/international_ strategy_for_cyberspace.pdf; 2011.
[11] Theoharidou M, Gritzalis D. Common body of knowledge for information security. Security & privacy. IEEE. Retrieved from: http://ieeexplore.ieee.org/xpls/abs_all.jsp? arnumberĀ¼4140992; 2007.