There are many threats to information security. Please describe five information security threats.
What will be an ideal response?
The following are the common security threats:
• Human error: Where an HRIS is not well designed, developed, and maintained and employees are not adequately trained, there is a high potential threat of security breaches (Wong, 2006a). A survey suggested that human errors, such as incorrectly entered data or accidental destruction of existing data, constitute security threats to the availability, accessibility, and integrity of information (Wong, 2006a).
• Damage by employees: One of the overlooked areas by HR managers is that information may be damaged by disgruntled employees. A recent survey suggested that a third of companies felt that their information security was at risk from disgruntled employees (E&Y Security Survey, 2003).
• Misuse of computer systems: One of the predominant internal security threats is employees’ unauthorized access or use of information, particularly when it is confidential and sensitive.
• Theft: The value of information can much higher than the price of hardware and/or software. With the advanced technological developments, a relatively small computer chip (e.g., USB device) can easily store up to 120GB data.
• Computer-based fraud: There is growing evidence that computer-based fraud is widespread. Over 90% of companies had been affected by computer-based fraud, such as data processing or data entry routines that are modified (Garg et al., 2003).
• Viruses, Worms, and Trojans: These are common security threats from outside the organization and often come with the e-mail attachments. (De Campeaux, 2002). They have the capability to automatically replicate themselves across systems and networks, as well as typically delivering mischievous functionality or damage to the information.
• Hackers: Another significant threat is the penetration of organizational computer systems by hackers. A hacker is defined as someone who accesses a computer or computer network unlawfully. Such attacks, often termed “intrusions” (Austin & Darby, 2003, p. 122), can be particularly dangerous, as once the hacker has successfully bypassed the network security, he or she is free to damage, manipulate, or simply steal data at will. Related to this aspect of security threat is cyberterrorism, incorporating, for example, unlawful attacks designed to intimidate (Austin & Darby, 2003). They usually send a threatening e-mail stating that they will release some confidential information, exploit a security leak, or launch an attack that could harm a company’s systems or networks.
• Natural disasters: Most typical forms of natural disasters are floods, earthquakes, fires, or lightning strikes, which destroy or disrupt computing facilities and information flow.
You might also like to view...
Supermind argues that:
a. the brain and mind are two distinct realities b. the brain and mind are not two distinct realities c. the brain has been fully tapped d. we know all of what there is to know
In U.S. GAAP, which of the following accurately describe(s) the effects of transactions involving investments on the statement of cash flows?
a. If investor acquired the debt at a price below par, then cash flow from operations includes only the interest coupon received. b. If the holder acquired the debt at a price below par, then cash flow from operations will include the amount of interest revenue for the period, with source of the remainder of the cash received appearing as a [dis-]investing activity, the same as the proceeds of selling an investment. c. When using the indirect method, add back realized holding losses, and subtract realized holding gains included in income for the period to derive cash flow from operations. d. Investor's cash flow from operations increases by only the amount of dividends received. In the indirect method, deduct the investor's share of the undistributed earnings of the investee. e. all of the above
A resulting trust depends on a contract or agreement as evidenced by the parties' acts
a. True b. False Indicate whether the statement is true or false
All of the following are likely to result in the use of less debt in a company's capital structure
EXCEPT A) insufficient internal funds. B) desire to maintain a high credit rating. C) a decrease in a company's marginal tax rate. D) desire to maintain financial flexibility.