Example research essay topic: Private Sector Information Security - 750 words

NOTE: Free essay sample provided on this page should be used for references or sample purposes only. The sample essay is available to anyone, so any direct quoting without mentioning the source will be considered plagiarism by schools, colleges and universities that use plagiarism detection software. To get a completely brand-new, plagiarism-free essay, please use our essay writing service.
One click instant price quote

Public and Private Sector Initiatives In contemporary context of global information era, the issue of cyber security is considered to be one of the key elements, which determine overall companys performance, competitive advantage, and image. From the critical point of view, the major controversy of cyber security is embedded between methods of control and monitoring, in particular its centralized or decentralized regulation. Practically, opinions of the specialists in regard to this issue vary significantly. The advocates of federal centralized regulation approach indicate that the system of acts and other regulative documents is the most adequate way to protect companies and avoid their potential losses. Simultaneously, the analysis of the latest trends in the area of cyber security and corporate policy, including conducted studies and researches as well as accepted managerial practice, prove the opposite the only practically accepted way to manage the controversy is to leave the management, control and monitoring of cyber security on corporate sector. According to the Global State of Information Security 2004 study conducted by CIO and CSO magazines and PricewaterhouseCoopers, companies security practices improved overall in 2004, though their security resources did not significantly increase.

According to more than 8, 000 IT security professionals from 62 countries, the number of security incidents experienced in 2004 remained relatively flat compared with the year 2003; however, financial losses and disruption damages were less severe. Simultaneously, information security budgets also remained flat in 2003, accounting for about 11 percent of organizations overall IT budgets (Glasgow, 27). Government regulations and potential liability continue to be the biggest factor driving security investments, indicating that in addition to IT investments in security, security spending may be occurring in departments other than IT. The study revealed that companies created more senior-level security positions and those security positions more often report outside of IT to departments such as audit and risk management. In addition, companies surveyed said they have more awareness of the need to align security with business objectives. According to the 2004 Ernst & Young Global Information Security Survey, organizations worldwide are failing to safeguard their data against risks posed by people within their organizations.

More than 70 percent of the 1, 233 organizations surveyed - representing some of the leading companies in 51 countries - failed to list training and employee awareness of information security issues as a top initiative (Saccomano, 6). Ernst & Young indicated that as businesses moved toward increasingly decentralized business models through outsourcing and other external partnerships, it became even more difficult for them to retain control over the security of their information and for senior management to comprehend the level of risk to which they are exposed. The survey disclosed that companies remain focused on external threats such as viruses while internal threats are consistently under-emphasized. It also shows that organizations readily commit to technology purchases such as firewalls and virus protection but are hesitant to assign priority to human capital.

The survey found that only 20 percent of organizations view information security as a CEO-level priority, but Ernst & Young indicated that if companies want to change the way they approach information security, they must create a security-conscious culture that includes setting the right tone at the top. According to a survey by Harris Interactive, two-thirds of employees believe their co-workers are a bigger threat to customer security than hackers. Seventy-four percent of the 500 people interviewed said the security protecting customer data on their companies networks was secure, very secure, or extremely secure, but 45 percent said it would be easy, very easy, or extremely easy for an employee to steal data from the network. A survey of 760 people by the Information Technology Association of America and Brainbench found that only 35 percent of Americans believe that their colleagues know what to do and are doing it to protect workplace networks. The rest think their peers are not aware of the issue, do not know what to do about it, or just wont bother (Saccomano, 9). More than half of US workers said their employers do an adequate job providing information about cyber security threats and protection methods, but only 39 percent said their own knowledge of the issue was accrued on the job.

Bibliography Glasgow B. Cyber security concerns claim top spot: Industry forms info sharing forum. Chemical Market Reporter. New York: Jul 22 -Jul 29, 2004. Vol. 262, Iss. 3 Saccomano A. White House sees private sector as key to cyber-security.

Communications News. Nokomis: Jan 2004. Vol. 41, Iss. 1

Research essay sample on Private Sector Information Security