Abstract
With the pervasiveness of IT, security is the Achilles heel of computing. As discussed in the chapter, security efforts have gained attention, but secure systems remain out of reach as organizations struggle to balance market needs, civil liberty demands, and privacy rights. This chapter considers the current state of computer security along with the methods used to both exploit and prevent system infractions. It also relates some of the major legislative activities that seek to address security shortfalls. Finally, it touches on a number of security guidelines that managers should be aware of and possibly exercise to protect critical information assets.
TopCyber Crime
For the purposes of discussion, we will employ the federal government’s definition of “cyberspace.” Cyberspace is “the interdependent network of information technology infrastructures, and includes the Internet, telecommunications networks, computer systems, and embedded processors and controllers in critical industries. Common usage of the term also refers to the virtual environment of information and interactions between people” (NSPD-54/HSPD23). Vulnerability is defined as a defect that could expose a system to confidentiality, integrity, or availability incursions. Discussed in more detail below, the Federal Communications Commission encourages managers to examine threats and risks in light of their base (the intrinsic and fundamental characteristics of a vulnerability that are constant over time and user environments), temporal nature (changes over time) and environment (the characteristics of a vulnerability that are relevant and unique to a particular user’s environment).