Information Security in an Organization
Information security is one of the most important and exciting career paths today all over the world. Information security simply referred to as InfoSec, is the practice of defending information from unauthorized access, use, disclosure, disruption, modification, perusal, inspection, recording or destruction. It is a general term that can be used regardless of the form the data may take (e.g. electronic, physical data, with knowledge of information security we are confident that our data is protected and also assured of the safety of our data and ensure that the value of our organizations maintained. But this is not the only explanation experts have given, information security is the life savior of organizations all over the globe. So people in this field can be considered as the physicians of the computer system, also we can call them the pathologist or better still the cardiologist of the computer system. Let‘s not under-estimate the impact of security incidents, which can lead to data loss, leaks of personal information, wasting of time, and the spread of viruses. We shouldn’t’ think that security incidents that happen to other computers will not affect us. We should take responsibility in managing your own information. Keep alert to news regarding security threats and equip ourselves and organizations with the latest knowledge. Consult experts and advisors if you are in any doubt. Keep a contact list of assistance, e.g. public services, application support, and ISP hotlines.
] Sattarova Feruza Y. and Prof.Tao-hoon Kim, IT Security Review: Privacy, Protection, Access Control, Assurance and System Security, International Journal of Multimedia and Ubiquitous Engineering Vol. 2, No. 2, April, (2007) page 17
] JAMES P. ANDERSON, computer security technology planning study, ESD-TR-7315 Vol. II (October )1972.
] Artail H, Safa H, Sraj M, Kuwatly I, AlMasri Z. A hybrid honeypot framework for Improving Intrusion detection systems in protecting organizational networks. computers & security 25:. (2006):274288.
], Lakkaraju K, yurcik W, are H, A visualization tool for situational awareness of tactical and strategic security(2003) ents on large and complex computer networks. paper presented at the military communications conference (MILCOM).
Ferguson, N., Schneier, B., Kohno, T. 2010 Cryptography Engineering: Design Principles and Practical Applications. Wiley Publishing ISBN:0470474246 9780470474242.
D. Paterson, T. Taylor, S. Brooks, J. Glanfield, C. Gates, and J. McHugh. Activity Plots: A Multi-Entity Time Series Visualization. In Online Proceedings of FloCon 2009. URL: http://www.cert. org/flocon/2009/proceedings.html, January 2009
U.S. Department of Homeland Security US-CERT Cyber Resilience Review website, September 2015.Retrieved from https://www.us-cert.gov/ccubedvp/self-service-crr
Gorry GA. and M.S. Scott Morton, A framework for management information systems. Sloan management review, 13(1): P. (1971.):5570.
Dr. Rajinder Singh, Shakti Kumar, NETWORK SECURITY & VULNERABLE SECURITY ASPECTS, global journal of engineering science and researches Singh, 1(6): August 2014] ISSN 2348 8034
Avecto | Whitepaper, Regulatory Compliance and Least Privilege Security. Retrieved from HTTP:// www.avecto.com.
] Rigney et. al., "Remote Authentication Dial In User Service (RADIUS)," RFC 2865 (Obsoletes RFC 2138, 2058), June 2000.
] Nils Gruschka, Meiko Jensen. Attack Surfaces: A Taxonomy for Attacks on Cloud Services, Proceedings of the 2010 IEEE 3rd International Conference on Cloud Computing.
. Siponen . "Neutralization: New insights into the problem of employee systems security policy violations," MISquarterly, 2010.:(34: 3) pp.487502
Julia H. Allen, Structuring the Chief Information Security Officer Organization, September 2015.
Cavalli, Richard A.; Allen, Julia H.; & White, David W. CERT® Resilience Management Model: A Maturity Model for Managing Operational Resilience. Addison-Wesley, 2011. http://www.informit.com/store/cert-resilience-management-model-cert-rmm-a-maturity- 9780321712431.
Katherine Brocklehurst, RISK-BASED SECURITY FOR EXECUTIVES, white paper, Understanding Your Attack Surface: The First Step in Risk-Based Security Intelligence, APR 17, 2014
Authors who submit papers with this journal agree to the following terms:
- Authors retain copyright and grant the journal right of first publication with the work simultaneously licensed under a Creative Commons Attribution License that allows others to share the work with an acknowledgement of the work's authorship and initial publication in this journal.
- Authors are able to enter into separate, additional contractual arrangements for the non-exclusive distribution of the journal's published version of the work (e.g., post it to an institutional repository or publish it in a book), with an acknowledgement of its initial publication in this journal.
- Authors are permitted and encouraged to post their work online (e.g., in institutional repositories or on their website) prior to and during the submission process, as it can lead to productive exchanges, as well as earlier and greater citation of published work (See The Effect of Open Access).
- By submitting the processing fee, it is understood that the author has agreed to our terms and conditions which may change from time to time without any notice.
- It should be clear for authors that the Editor In Chief is responsible for the final decision about the submitted papers; have the right to accept\reject any paper. The Editor In Chief will choose any option from the following to review the submitted papers:A. send the paper to two reviewers, if the results were negative by one reviewer and positive by the other one; then the editor may send the paper for third reviewer or he take immediately the final decision by accepting\rejecting the paper. The Editor In Chief will ask the selected reviewers to present the results within 7 working days, if they were unable to complete the review within the agreed period then the editor have the right to resend the papers for new reviewers using the same procedure. If the Editor In Chief was not able to find suitable reviewers for certain papers then he have the right to reject the paper.
- Author will take the responsibility what so ever if any copyright infringement or any other violation of any law is done by publishing the research work by the author
- Before publishing, author must check whether this journal is accepted by his employer, or any authority he intends to submit his research work. we will not be responsible in this matter.
- If at any time, due to any legal reason, if the journal stops accepting manuscripts or could not publish already accepted manuscripts, we will have the right to cancel all or any one of the manuscripts without any compensation or returning back any kind of processing cost.
- The cost covered in the publication fees is only for online publication of a single manuscript.