ISM Workshop
ICT 357 / 557
Information Security Management
Assignment - Workshop 1
Question 1
Describe the main differences between Computer Security and Information Security. Define and describe key elements in Information Security.
Computer security refers to the methods and practises that are employed by employees to protect private resources in a computer system from being accessed, modified or deleted (Gollmann 2010). Many industries implement strict computer security measures. This may include installing physical locks on doors, security cameras, security guards, and emergency protocols in the occurrence of a flood or fire. Firewalls, varying levels of access privileges, and data encryption prevent the interference of data that is stored or accessed on a computer. The United States’ Computer Security Act of 1987 requires federal departments to provide training to employees to teach knowledge workers these skills, as the emergence of communications devices and technologies has made most industries vulnerable (Whitman 2010, 194). Schell discusses how a lack of computer security in US Government programs has led to the exposure of sensitive military communications and strategies (2013). This is in contrast to Information security, which encompasses computer security in addition to physical, operations, communications and network security in an information system (Whitman 2010, 4). The CNSS security model provides a framework of desirable attributes of a secure information system, which includes confidentiality, integrity and availability (Whitman 2010, 4).
According to Parker (1998) some key element of information security:
Confidentiality: Measure the information is belonging to a authorised people, and they are the only one who able to get access.
Integrity: Measure the quality of the information (not been modified from the previous state)
Availability: Measure that the information is accessible on anytime.
Possession: The
Information Security Management
Assignment - Workshop 1
Question 1
Describe the main differences between Computer Security and Information Security. Define and describe key elements in Information Security.
Computer security refers to the methods and practises that are employed by employees to protect private resources in a computer system from being accessed, modified or deleted (Gollmann 2010). Many industries implement strict computer security measures. This may include installing physical locks on doors, security cameras, security guards, and emergency protocols in the occurrence of a flood or fire. Firewalls, varying levels of access privileges, and data encryption prevent the interference of data that is stored or accessed on a computer. The United States’ Computer Security Act of 1987 requires federal departments to provide training to employees to teach knowledge workers these skills, as the emergence of communications devices and technologies has made most industries vulnerable (Whitman 2010, 194). Schell discusses how a lack of computer security in US Government programs has led to the exposure of sensitive military communications and strategies (2013). This is in contrast to Information security, which encompasses computer security in addition to physical, operations, communications and network security in an information system (Whitman 2010, 4). The CNSS security model provides a framework of desirable attributes of a secure information system, which includes confidentiality, integrity and availability (Whitman 2010, 4).
According to Parker (1998) some key element of information security:
Confidentiality: Measure the information is belonging to a authorised people, and they are the only one who able to get access.
Integrity: Measure the quality of the information (not been modified from the previous state)
Availability: Measure that the information is accessible on anytime.
Possession: The
References: Gollmann, D. "Computer security." WIREs Comp Stat, 2010. McKenzie, I. Australian Government. August 2011. http://www.dsd.gov.au/publications/Information_Security_Manual_2010.pdf (accessed August 07, 2013). Parker, D. Fighting computer crime: A new framework for protecting information. New York: Wiley, 1998. Whitman, Michael E., and Herbert J. Mattord. Management of information security. CengageBrain. com, 2010. Schell, Roger, R. “Computer Security.” Air and Space Power Journal 27 (1): U.S. Trade journals, 2013 Group Members