Information security management Essay Example | Topics and Well Written Essays - 2500 words

Information security management - Essay ExampleBoth threats and vulnerabilities fill to be considered concurrently. Threats can provide damage to the confidentiality, availability and integrity of randomness present in the reading systems. They explore opportunities for security breaches to cause confidential info invasion via unauthorized access, amendment of data, removal of information from information systems. Threats can hit the network from various sources. Threats are confidential on the parameters of different capabilities and approach including away approaches by cyber criminals, hackers, terrorists. For handling threats of different nature different risk mitigation and control methodologies are required in the context of protecting the prioritized information systems. Vulnerabilities are the weaknesses which are present in the system against the current threats. Vulnerabilities can be distinguished as security loop holes in the system. If hackers find these loop hole s in the system, results are devastating including unauthorized access, amendment or complete deletion of the system. A recent example is the hacking of wiki leaks website which impacted the whole world and also affected strategical and economic relations between countries as various confidential documents were leaked out from the website. Vulnerabilities are successful due to policy weaknesses, inadequate implementation of security al-Qaida, and information of personal issues. For identifying any possible threats, testing of the security infrastructure including network components, hardware and software is essential which may occur in the future. The risk is specify as the likelihood of different threats via different circumstances, which are affecting the network and information systems. The circumstances should consider the strategy, security measures, environmental measures, own cognise and the experience of other connected entities in the context of information security fai lure. The impact calculation is also required in terms of data integrity, availability confidentiality and the appeal associated with the fixing systems, lost availability and other related issues which are of prime concern to the network and information system operations. Measurements consist of Cost which is used to protect the information and systems Value of the information and information systems Threat probability and occurrence Effectiveness of Controls Hazards determine the identities and quantities of any chemicals or harmful substances present as infect causes in the environment. There are different type of hazards required for cleaning and maintenance of the office furniture and items. Hazards may masquerade to human health or the network and information systems when spilled out accidentally by mistake. They also require flammable characteristics which may occur in severe threats and help to increase end or other incidents. Assets are the components serving internally, as well as externally, within the network. Assets can be divided in to several different information technology environments. The physical infrastructure contains Servers, workstations, data centers, switches, routers etc. The core infrastructure contains virtual private networks, Microsoft active directory, domain controllers, email servers etc. The Internet infrastructure co