|
|
The use of information and communication technologies is often seen as a means for making improvements, but in practice it is not all good. The challenges and threats including manipulation, disclosure, modification, or damage and loss of data is also a part of it. Understanding information security is equally important for both developed and developing nations to protect their information assets. Will they be able to tackle this growing menace?
Information security underlines the importance of trust and trust building in everyday economic and civic life. Economic activities, such as trade or financial transactions, may be critically dependent on information security, as globalisation encourages and directs the remote or mutually unfamiliar firms and individuals to interact. As e-business becomes part of the everyday experience of large number of firms, who will on average tend to be more risk-averse than early adopters of technology, security in all its dimensions becomes crucially important. Information security also raises questions as to what combination of technical, management, regulatory and legal solutions work best. Here too, knowledge and awareness of the basic technology landscape can be an advantage, while a strategic approach built around a core of risk management notions can be a decisive asset. Proactive and strategic information security has become indispensable from a regulatory perspective as well. The international community has arrived at a common approach to information security practice and has recognised the threat of cyber-crime to information economy development. International forums and national regulatory bodies are formulating and advising on minimum information security standards for international commercial partners. As a result, firms from developing countries can be affected and may risk marginalisation if they cannot meet the information security requirements of their counterparts in the developed world. From a privacy and human rights perspective, information security issues matter and are being increasingly addressed through policy as well as through technology. From a business perspective, information security issues are just as acute. Entrepreneurs or employees frequently enter into remote communications that require an appropriate level of trust that corresponds to the value of the underlying business and any associated risks and liabilities. Firms are public entities, and their public personalities are easily knowable. Firms also have exploitable assets whose value is often public knowledge. Thus, targeting their information security can be fundamentally premeditated exercise-more so than in the case of individuals. Governments have concerns similar to those of firms but with an overarching mandate and a fundamental responsibility towards citizens and organisations, since they administer data related to civil, fiscal, social security and other issues. Thus, understanding the security issues and the role of technology in creating trustworthy digital environments, conducive to e-business activity and benefiting the efficiency and quality of governance matters. The security technology sector is not as concentrated as that of computer software or hardware. Nearly all software and many hardware companies provide services around their own or licensed security products, including industry giants such as IBM and Microsoft. Nevertheless, several companies have established themselves as market leaders in information security and are often cited as bellwethers for the sector. From a financial perspective, since the dot.com bubble burst in March 2000, investors have generally not resumed the positive expectations for the sector that were common in the late 1990s, in spite of frequent alarming news coverage about the vulnerability of information and communication technology networks, infrastructure and appliances brought on by a diversity of viruses, malicious codes and direct hacking activities. The global information security market is estimated at around $40 billion, half of which is represented by the US. The corresponding estimates of economic damage caused by security breaches in 2003 vary from $12.5 billion for viruses only to over $200 billion for all forms of digital attack. While damage from viruses is likely to decrease because of better and broader deployment of anti-virus software, total digital damage is likely to rise if only because of the continuously expanding use of internet-based technologies. A risk management approach to information security involves the economic assessment of the information assets at risk before looking at possible solutions. While it will not provide any additional incentives, it should clearly outline and define existing incentives and juxtapose them against the investment needed and the value of the proposed improvement of security. Once this has been done, policy processes at the level of a firm, an industry association or a government, at the national or international level, may consider possible action to improve incentives for better information security.
|
Issue Contents Write to us Subscription Syndication INDIA TODAY |
INDIA TODAY PLUS © Living Media India Ltd |