Information Security in Business Organizations

Essay by jeffery8888University, Master's December 2007

download word file, 13 pages 4.0

Executive SummarySecurity of networks and systems operating in business organizations is of paramount importance to all business engaged in electronic commerce and online commerce (Lawrence et. al. 2000). In an increasingly connected world where most organizations have connection to the internet, security is most wanted and security management is needs to be done in a well-organized and systematic way as it will have a direct impact on the organization itself.

The essay sets off with a critical review of the term security in the context of information systems, which illustrates the treats and risks arising from extensive use of information systems. Then, through a case study of banking giant Citibank, the essay addresses which security measures and how security managements are conducted to subdue threats and risks by Citibank in securing its information system and business. In the end of the essay, another great emphasis is laid on an outlook of banking industrial, which discuss the challenges as well as the development of the industrial.

Table of ContentsExecutive Summary 1Table of Contents 2Introduction 31.0 Security and Information Systems 41.1 Risks of Accidents with Information Systems 41.2 Security Threats 61.3 Security and Control Issues in Information Systems 72.0 Company Profile - Citibank 103.0 Security Threats and Risk faced by Citibank 113.1 Online Fraud 113.2 Identity theft 113.3 Trojan Horse, Viruses and Worms 113.4 Common Security Threats Against Infrastructure and Networks 124.0 How Citibank Information System Is Secured 135.0 Outlook on Security Industrial 165.1 Recent Attack Trends 165.2 What's Hot in the Security Market 17Conclusion 20References 21IntroductionThe term "information security" means protecting information and information systems from unauthorized access, use, disclosure, disruption, modification, or destruction in order to provide:•Integrity, which means guarding against improper information modification or destruction, and includes ensuring information nonrepudiation and authenticity;•Confidentiality, which means preserving authorized restrictions on...