Information Security for Business

On December 26, 2009, in Activities, by PPj
In the context where the global communication infrastructure, information, and services are under the threat of Information Security breach, Nepalese organizations are also not far apart.
Followings are the synopsis that are the motivation factors for serious concern over Information Security in Nepalese market.
Barack Obama’s concern in cyber security highlights importance of Information Security in current world.
http://www.nytimes.com/2009/12/22/technology/internet/22cyber.html?_r=1&ref=technology
BBC News broadcasts that online fraud went up by 185%
http://www.bbc.co.uk/london/content/articles/2008/10/04/bexley_phishing_feature.shtml
Iranian Cyber army diverting requests to Twitter to malicious website
http://news.bbc.co.uk/2/hi/technology/8420233.stm
Students bypassing school Internet security
http://news.bbc.co.uk/newsbeat/hi/technology/newsid_10000000/newsid_10003500/10003579.stm
A single man in US stole 138m credit card numbers from super-market chains like WalMart and Seven-Eleven
http://news.bbc.co.uk/2/hi/business/8206305.stm
Lower configuration of web-platform went slow after Jackson’s death
http://news.bbc.co.uk/2/hi/technology/8120324.stm
People, being the key factor for any organizational structure, are the most responsible entities for maintaining Information Security.  Therefore, the investment in motivation, top-level management comittment, and business process re-engineering is required that fosters seamless integration of Information Security solutions with business processes maintaining the productivity and better confidence.
The investment in motivation, top-level management comittment, policies development, implementation framework, procedures, and code of practices play important role.  Tools cover the last 1% of the solution for information security threats.  The training was highly successful in delivering this message to all the participants.
The problems we’ve seen in Nepal includes;
- the role of NDA plays very insignificant role in case of Information Security breach as most of the security breach occur due to human instincts,
- preparedness for disaster recovery plan and policies are completely missing,
- general acceptable use policy missing even in large organizations,
- people are very keen in personal information security (spyware, keyloggers, SSL enabled protocols) but unaware about the behavior of technology that would aggregate into an Information Security catastrophe,
- business model threats such as; SaaS security models, sub-system vendor lock-in etc. are not analyzed, and
- as a whole, an Information Security implementation framework, policies, procedures, code of conduct, awareness of social engineering etc. are missing.
The training on Information Security for Business organized by Sambad Technologies (consultant: Shristi Technologies, business partner: Datum Systems) was highly successful to deliver the current Information Security scenario to the participants and the measures that can be taken to protect businesses from Information Security threats.
Photos here @ Facebook.
Media coverages;
-
-
-
-
In the context where the global communication infrastructure, information, and services are under the threat of Information Security breach, Nepalese organizations are also not far apart. Followings are the synopsis that are the motivation factors for serious concern over Information Security in Nepalese market.
People, being the key factor for any organizational structure, are the most responsible entities for maintaining Information Security.  Therefore, the investment in motivation, top-level management comittment, and business process re-engineering is required that fosters seamless integration of Information Security solutions with business processes maintaining the productivity and better confidence.
The investment in motivation, top-level management comittment, policies development, implementation framework, procedures, and code of practices play important role.  Tools cover the last 1% of the solution for information security threats.  The training was highly successful in delivering this message to all the participants.
The problems we’ve seen in Nepal includes;
  • the role of NDA plays very insignificant role in case of Information Security breach as most of the security breach occur due to human instincts,
  • preparedness for disaster recovery plan and policies are completely missing,
  • general acceptable use policy missing even in large organizations,
  • people are very keen in personal information security (spyware, keyloggers, SSL enabled protocols) but unaware about the behavior of technology that would aggregate into an Information Security catastrophe,
  • business model threats such as; SaaS security models, sub-system vendor lock-in etc. are not analyzed, and
  • as a whole, an Information Security implementation framework, policies, procedures, code of conduct, awareness of social engineering etc. are missing.
The training on Information Security for Business organized by Sambad Technologies (consultant: Shristi Technologies, business partner: Datum Systems) was highly successful to deliver the current Information Security scenario to the participants and the measures that can be taken to protect businesses from Information Security threats.

Media coverages;

If you enjoyed this article, please consider sharing it!
Digg Delicious Digg

Tagged with:  

No Comments

(Required)
(Required, will not be published)

Anti-Spam Protection by WP-SpamFree