Information security is a discipline focusing on the protection of data within computers and systems. However, a rigorous review of the literature shows that few researchers have attempted to develop theories and methodologies for investigating problems with information security. Threats to information security systems are a crucial aspect to consider when establishing a computer network system. A threat is anything that takes advantage of the vulnerability of an information system to a lapse in security and negatively affects the computer network by erasing, altering or harming object(s) of massive importance to the organization (Kruger & Kearney, 2006). Solving these problems is crucial to running a better computer network with secure data storage and sharing. This research proposal aims to elucidate the means of solving this problem.
Keywords: Computer Science, Information security Engineering, Systems engineering, Information systems.
Information security is an aspect incorporated in cybersecurity where there is advanced data protection. It is the set of processes that maintain and protect the availability, integrity and confidentiality of computer system data from those with bad intentions. Information, therefore, can be used to refer to physical or virtual data. Data can be anything, e.g. your identification details, your social media portfolio, data on mobile devices, biometrics, etc. (Kruger & Kearney, 2006). According to Kruger & Kearney (2006), risk is an intersection of three aspects of risk assessment, “A+T+V=R”; that is, A-risk, T-threats, V-vulnerability. Due to reliance on computer systems, the Internet and wireless networks, the need for information security has become more critical than ever. The growth of smart devices like smartphones, televisions, etc. also helped develop this field. It spans a vast time domain and covers all areas of society, including stock exchange markets, defense forces, etc. Information security should have features such as: 1) it is an integral part of national security in the information age, 2) its nature is information resource security, 3) it relies more on guards of technological systems, 4) sources of information attack in information security are characterized as concealed.
It is a kind of engineering that designs systems based on information technology; information security management is its approach, and information security laws and policies are its assurance. It is an element of Systems Engineering, and Information Security Engineering is the embodiment of information system security engineering, systems engineering and system acquisitions (Siponen, 2000).
BACKGROUND OF THE STUDY
Due to the increase in instances of people penetrating computer networks, information technology specialists sought a way to prevent hacks. Early Information Security approaches identified secrecy, integrity, and how available information was as the primary security factors. According to Siponen (2000), the security term “CIA Triad” was derived from these three words (confidentiality, integrity, and availability). Eventually, this morphed into the Parkerian Hexad. Principles of the Hexad include information control, integrity, original authenticity, availability, and utility. The early years of computing saw the military use mainframes that were connected through dedicated phone lines. In the 1970s, people discovered a way of exploiting vulnerabilities in this connection – the dawn of computer hacking (Siponen, 2000). “Thus, the processes of ISE becomes:
1) Discover requirements of information security: ISE will first investigate users’ requirement, policies, standards, vulnerabilities and threats regarding information. Then ISE will mark the users of information and systems, their roles and responsibilities in information security.
2) Define information security system: users’ requirements of information protection and description of information system environment are interpreted as the objectives and functionalities of the information security system. In this stage, ISE will define what can be done by the information protection system and the executions of the information security system as well as the internal and external interface of the information security system (Salomon, 2006).
3) Design information security system: ISE will design the architecture of an information security system and detail the design scheme of information security system” (Rannenberg, Varadharajan, & Weber, 2010).
Information security requires one to envisage themselves with their systems in worst-case scenarios. A security breach is an action from outside the confines of the organization that goes against the procedures related to specific information systems security. The majority of approaches in this view were presented by Niekerk & Solms (2010). Later-generation models advocate for modeling, and emphasis is placed on secure system development via socio-technical designs. Salomon (2006) supports this view, saying only a few little-known methods have considered the socio-technical aspects of information security. The majority of these methods consist of checklists, analyses and several methods of evaluation.
Siponen (2000) advocates for the need for security approaches to provide a whole picture of modeling support that is generated for integration into the modern formulation of information security development approaches. Edgar & Manz (2017) and Niekerk & Solms (2010) say that although most Information Security methods have proven translucent in terms of tools and techniques, their vision is narrow because they fail to focus on the social aspects of risk and the informal structures of organizations.
Salomon (2006) admits that the failure to put proper Information Security mechanisms in place stems from bias due to a lack of awareness of the complex multidisciplinary nature of Information Security. Rannenberg, Varadharajan, & Weber (2010) advocated for a multi-theoretical focus on information security investments. Kruger & Kearney (2006) and Markus & Lee (2000) suggest a resource-based view and an Organizational Learning theory that are established approaches in Information Security literature. Kisan & Rao (2017) say literature can be framed from different perspectives for better complementary views of literature.
Bulgurcu, Cavusoglu, & Benbasat (2010), in their review of the literature on information security culture, support the view that an organizational culture is essential in minimizing risks to information, and especially in reducing employee misbehavior.
Alberts & Dorofee (2002) view security metrics as consisting of three categories: people, operations & training, equipment & infrastructure. However, Sharman et al. dispute this fact, saying they categorize the research literature as dealing either with behavioral policy compliance issues or with technical issues.
DESCRIPTION OF THE STUDY
3.1 Research Methodology.
The information security field involves a wide range of activities. Research activities in Information Security include elements from technical fields. This study will mainly depend on the literature generated by other researchers in the field, due to the difficulty of defining clear-cut boundaries of information security (Niekerk & Solms, 2010). The study will also: (a) present research methods from a cybersecurity science perspective, (b) catalyse the rigorous research necessary to propel the cybersecurity field forward, and (c) provide a guided method selection for the type of research being conducted, presented in the context of real-world usage (Edgar & Manz, 2017).
Description of the study
Technology and modern society are always connected to the internet. It allows for more creativity in the enterprising business space, which gives room to the black market’s operation. Information space criminals are advancing their discoveries of new ways of tapping into systems they may be locked out of. These sensitive networks require protection. The following are examples of threats to information security:
- Technology with weak security – as new technologies advance, their security should be enhanced as well; failing that, these technologies are exposed to vulnerabilities. The innovation of technology should be matched by innovation in Information Security (Niekerk & Solms, 2010).
- Social media attacks – cybercriminals orchestrate attacks to infect specific sites that are believed to receive heavy traffic from the target organization.
- Mobile malware – security experts seek to bind risks associated with mobile security. Since the early days of mobile device usage, Information Security experts have tried to mediate these situations. Lack of, therefore, created a catastrophic threat (Edgar & Manz, 2017).
- Third party entry – stolen credentials from retailers are used for illegal access to information systems, e.g., HVAC, a vendor of computers, fell victim to this calamity.
- Updating security firmware – a lack of regular updates exposes an organization’s networks to attacks. Updating is a necessary security management move. Upgrades offer protection from existing threats, and hence outdated software wouldn’t be up to the task (Salomon, 2006).
- Neglecting proper configuration – computers fall victim to data breaches; the New York Times is a perfect example of an organization falling victim to data breaches due to a lack of better security configuration.
- Non-encryption of data – protection of sensitive business information while being sent and after receipt is crucial. The HIPAA requirement is that all computers must comply with data encryption.
- Corporate data on personal devices – this is highly discouraged; whether the organization distributes corporate phones or not, confidentiality of data is compromised if it is still accessible via mobile phones (Salomon, 2006).
- Inadequate security technology – investment in software that sends attack alerts to administrators has become a trend in the enterprise space. Massive reliance on this software should be discouraged, since it is supposed to be only a management tool.
Information security threats are many, for instance software attacks, theft of intellectual property, identity theft, pilfering of equipment, and sabotage, among others. A threat, as explained before, can be anything that can take advantage of the above vulnerabilities to cause a lapse of security and negatively affect the organization by altering, erasing, or causing harm to objects of interest to the organization (Bulgurcu, Cavusoglu, & Benbasat, 2010).
Software attacks can be anything ranging from viruses and worms to Trojan horses, etc. These are often confused with viruses, worms, and bots. Their only similarity is that they are all malicious software.
The word malware combines two terms, malicious and software. It refers to any software that can be intrusive and is designed to perform malicious operations on systems. Malware is disseminated by two kinds of action: (1) infection actions, (2) malware actions.
Those spreading through infection include;
Virus – a virus can replicate itself by attaching itself to software on the host device and then travel all over the Internet. According to Bulgurcu, Cavusoglu, & Benbasat (2010), The Creeper
Trojans – Trojans owe their name to Greek mythology. They disguise themselves as legitimate software, and after the software is executed they perform their task. The task could be theft of information or any other task for which they are programmed.
Bots – these are advanced forms of worms. Bots are automated processes designed to interact online without the need for human presence. They can be benevolent or malevolent. Malicious bots infect a host and connect this host with their server, through which commands will be sent that will affect the whole network. This is referred to as a botnet.
Malware on the basis of Actions:
Adware – this type of malware is not exactly malicious; its crime is a breach of the users’ privacy. It then displays adverts that are related/tailored to the user’s needs (Markus & Lee, 2000).
Spyware – this is a program in the form of a Trojan that records the activities of a user of a computer and reports them to the interested party. Once dropped, installation is imminent, and detection is hard.
Ransomware – this is a type of malware that will lock your computer by encrypting its contents, thus making access partially or fully impossible. After that, a ransom note will appear on the screen demanding payment before the user’s access is restored (Kruger & Kearney, 2006).
Scareware – this software will display a threatening message that prompts the user to install the given software. After this software has been executed, it will alter or destroy its contents.
Rootkits – these are designed to gain root access to a computer system. They come in the guise of legitimate software. After gaining access, they carry out whatever their purpose is, e.g. stealing the personal identification details of a user (Kruger & Kearney, 2006).
Other ways of exploiting vulnerabilities in Information Security are:
Theft of intellectual property means the violation of a person’s rights to an original idea by making it look like your own.
Identity theft means to act in someone’s place without their consent, often using their credentials that were obtained in a non-legal process. This can lead to a person being sued for actions he/she never took part in (Kisan & Rao, 2017).
Theft of information and equipment has gained popularity because of the ease with which data can be accessed, given the nature of the mobile devices flooding the market.
Sabotage refers to intentionally causing damage to a company’s property in an attempt to cause a part of the clientele to lose confidence in the company (Kisan & Rao, 2017).
Information extortion means the exchange of a company’s product or information after it has first been stolen. For example, using ransomware, a hacker can lock out users of a given company and ask for a sum of money to reinstate access to the company’s network.
The research paper will attempt to exhaustively define Information Security and give a clear-cut differentiation of cybersecurity and Information Security. The research paper will also focus on showing the relationship between cybersecurity and Information Security (Kisan & Rao, 2017).
The research will also seek to focus on threats that endanger data in information security. The research will also be aimed at enriching the literature in the discipline of information security. The research paper will also seek to come up with a research methodology that may be used in future dissertations in information security. The research will also focus on the theories and models in various fields and on how these vulnerabilities are to be mitigated, through an in-depth analysis of their causes and remedies.