Trim, P.R.J. (2005). Managing computer security issues: preventing and limiting future threats and disasters. Disaster Prevention and Management, 14(4), 493-505.
Abstract of the Article:
Trim (2005) posits that senior management should view security as a ‘core activity’ of any organization. The cost of losing valuable information and eventually paralyzing the operations of an organization far outweighs the cost of institutionalizing a holistic and pro-active security policy. Its necessity is underscored not just by the proliferation of organized criminal syndicates and terrorist groups but also by treats emanating from the functional-structure of the organization itself. Hence, cooperation with law enforcement agencies, continuous staff training, and establishment of risk assessment and corporate intelligence policy are essential elements of organizational security policy.
Trim (2005) posits that senior management should view security as a ‘core activity’ of any organization. The cost of losing valuable information and eventually paralyzing the operations of an organization far outweighs the cost of institutionalizing a holistic and pro-active security policy. Its necessity is underscored not just by the proliferation of organized criminal syndicates and terrorist groups but also by treats emanating from the functional-structure of the organization itself. Hence, cooperation with law enforcement agencies, continuous staff training, and establishment of risk assessment and corporate intelligence policy are essential elements of organizational security policy.
3 Things I learned:
1. Corporate intelligence, which is defined as “the acquisition of knowledge using human, electronic and other means, and the interpretation of knowledge relating to the environment, both internal and external, in which the organization operates. It provides selected staff within the organization with up-to-date and accurate information, which allows strategists to develop and implement policy so that the organization maintains and/or gains a competitive advantage in the marketplace. It also provides a mechanism for implementing counter-intelligence measures to safeguard corporate data and secrets".
2. Installation of information – security infrastructure and software (firewall, anti-virus etc.) solves only half of the problem; the other half is dependent on the attitude of the people within the organization.
3. The concept of organizational security has internal and external dimensions. It should be addressed in a holistic manner by the senior management and in every level or functional component of the organization by the employees.
Application / Implication:
Having learned about the nature of organizational security, I would be more careful in my use of the Internet for I may unknowingly put organizational and personal information at risk. This further strengthened my advocacy for information literacy, where responsibility and accountability are crucial components.
Having learned about the nature of organizational security, I would be more careful in my use of the Internet for I may unknowingly put organizational and personal information at risk. This further strengthened my advocacy for information literacy, where responsibility and accountability are crucial components.
No comments:
Post a Comment