Why IS Security is Important
If we’re talking about information systems for business purpose, one of the key points that’s vital and keeps a business going is data management. In an organization, information is one of the most important intangible assets in necessity of preserving and defending. This crucial information, such as employee records, customer details, data collection, and transaction need to be protected at all costs.
With the recently upgraded Industry 4.0, information systems are being used for nearly every industries and business. This means, there are more information that need to be protected now than ever before. The rising of this industrial revolutions is also followed by the increasing risk and threats. From small scale harm such as human errors in developing software to big scale threat such as software attacks (virus, trojan) and information theft.
This is when information security comes in. Information security refers to all processes and policies designed to protect an organization’s information from unauthorized access, use, disclosure, disruption, modification, or destruction. In other words, we use information security to evade or even fight information systems risk and threats.
Currently, there are five major points why organizational information are getting more and more vulnerable:
- Interconnected and wirelessly networked business environment. The internet enables millions of computers and network to communicate freely with one another. Organizations and individuals are exposed to untrusted networks and potential attackers.
- Smaller, faster, cheaper computers and storage devices. More people have access to powerful computers and flash drives that they can use to steal information.
- Decreasing skills necessary to be a computer hacker. We can learn about hacking from the internet quite easily. There’s also certain computer programs (called scripts) that people can download and use to attack various information systems as long as they’re connected to the internet. Frankly speaking, being a computer hacker right now is getting more accessible and effortless.
- International organized crime doing cybercrime. Big company often got targeted by this international organized group filled with clever hackers, usually targets software security. Losses from cybercrime can be committed from anywhere in the world, and the amounts is no joke. They able to steal hundreds or even millions dollars just by sitting in their homes.
- Lack of management support. Most of the time, senior managers responsible for organization’s security policies and procedures can’t do this job seamlessly. The lower managers may be more important because they’re usually in close contact with their employees every day. Thus, they’re in a better position to determine whether or not the employees are following security policies and procedures.
There are a lot of different types of risk or threats of information system. There are human errors (carelessness, lack of awareness), software threats (phising, virus, trojan), social engineering (perpetrator trick employees into providing confidential company information by phising), espionage or trespass, information extortion, sabotage, vandalism, information theft, Supervisory Control and Data Acquisition (SCADA) attacks, and many more.
In conclusion, with the rising of the Industry 4.0, information systems are needed in nearly every business organizations. With the vast internet progression, people able to obtain computers and network, making them vulnerable to internet attacks. As an organization, there are important information in need to be protected. Because of the increasing threats (such as software attack), information security is needed. Information security is every policies and procedures designed to protect organization’s information. And that’s why information security is important, especially for an organization.
R. Kelly Rainer, Brad Prince, Casey G. Cegielski. (2020). Introduction to Information Systems, 5th Edition International Student Version. 05. John Willey & Sons, Inc.