Historically, the United States has attempted to address the issues of an individual’s right to information privacy and security through legislative actions. More specifically, the execution of legislation that addresses information security and privacy has been implemented in particular areas such as health care, banking, and education as well as other industries. This chapter presents an overview of the laws that have addressed the growth of security and privacy threats that havegrown over the years.
TopBackground
Technology plays an important role in providing current and up-to-date information for consumers and organizations as well as the instantaneous sharing of information between individuals using programs such as email or instant messaging. Most consumers would agree that technology can provide the accessibility of their information, and that fact alone is advantageous, but consumers are also becoming increasingly aware of the potential harmful impact of the misuse of these same technologies.
Certainly, Internet technologies have brought with them legal challenges that are often hard to define. Because we are a society governed by laws, information technology managers and systems administrators must be aware of and address current laws, directives and regulations dealing with cybercrime issues. In addition, the growth of the Internet as a file storage and transfer medium has forced society to reexamine the notions surrounding privacy and security issues.
As the worldwide economy continues to become more dependent upon information technologies, and as economies become more interdependent, it appears that security-based threats will continue to increase, with concomitant increases in costs to individuals, organizations, and society as a whole (Conca, Medlin, Dave, 2005). Researchers continue to look at the rise of professional cybercrime as a uniquely worrying phenomenon (Antonopoulos, 2009).
No matter the organizational type, one of the greatest problems faced by any company is the myriad of ways their IT structure and services can be diminished by malware or third-party attacks. The security-based threats and vulnerabilities that currently exist, such as Trojan Horses, spyware, and other types of malicious code, have the potential to damage consumers’, as well as businesses’, data or other assets. When organizations determine the asset risk, they must address the vulnerabilities that exist in order to protect themselves from loss of physical and tangible assets.