Friday, May 15, 2020
Implementation Of The Information Security Management System
Introduction: International Organization for Standardization (ISO) 27002 defines information as an asset that may exist in many forms and has value to an organization. Information Technology (IT) security governance is the system by which an organization directs and controls IT security (adapted from ISO 38500). Successful implementation of the information security management system (ISMS) is governed by analyzing security requirements to protect organizational information assets and apply appropriate security controls to ensure their protection (ISO/IEC 27000:2012, 2012). The main purpose of Information Security Governance (ISG) is to protect against risks and manages risks relating to the confidentiality, integrity and availability ofâ⬠¦show more contentâ⬠¦Some recent security breaches include Blue Cross of California, which reported that, in November 2013, it exposed 25,400 doctorsââ¬â¢ social security numbers (Privacy Rights Clearinghouse, 2015). In 2013, Target reported a data breach that affected 70 million customers, in which the hackers gained access to credit and debit card information (Privacy Rights Clearinghouse, 2015). The breach of CareFirst BlueCross BlueShieldââ¬â¢s 1.1 million records compromised, Premeraââ¬â¢s 11 million records compromised, Excellus BlueCross BlueShieldââ¬â¢s had 10 million records exploited and Experianââ¬â¢s 15 million records compromised. Security breaches at Sony s PlayStation Network resulted in the disclosure of 77 million subscriberââ¬â¢s personal information, (Sony Faces Lawsuit over PlayStation Network Break, The Wall Street Journal, April 28, 2011). eBay employee log-ins compromised in 2013, allowing access to the contact and log-in information for 233 million eBay customers . Another retailer Michaels had 2.6 million customers payment cards information compromised in 2014. Home Depot reported malware attack that compromises the credit card information for roughly 56 million shoppers in over 2,000 U.S. and Canadian outlets. J.P. Morgan Chase had the contact information for 76 million households and 7 million small businesses compromised. Miyamoto (2013) identified people as the weakest link in information
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.