Network Security Concepts and Policies by Catherine Paquet
She explains that there are several new assumptions that people should make about the security of their information and computer networks because the changes witnessed in this sector expose people to risks. First, she believes that modern networks are large, interconnected, and run on ubiquitous and proprietary protocols that are very risky (Paquet 2013). In addition, she argues that there has been an increase in the complexity of computers attached to these large networks; therefore, this has become a serious challenge because it is not easy to analyze, secure, and taste the security of their systems and application (Paquet 2013).
Therefore, she argues that the basic security requirements for such systems and their applications involve the provision of confidentiality of data to ensure only authorized people can access view, and use sensitive data. She proposes that network security designers should know the threats possible in computers and their applications and assess their risks (Paquet 2013). In addition, she argues that they should also assess the cost of implementing their preferred security measures and determine whether they are economical.
Implementing Information Security: Risks vs. Cost by Gideon T. Rasmussen
This author argues that there is a need for managers and other senior stakeholders to ensure that they are in regular contact with security professionals so that they can be updated on the latest technology and applications of securing their systems. He claims that managers cannot easily estimate the benefits of a secured network and computer application, but its losses are usually huge and can make investors close their businesses (Rasmussen 2005). In addition, he claims that there is a need for data recovery plans and checks that will ensure companies do not expose themselves to threats and believes that dishonest and disgruntled workers are usually the biggest perpetrators of internet fraud. The prudent man principle and concept of due diligence are compulsory in organizations to ensure every employee is committed to protecting the safety of sensitive information (Rasmussen 2005).
References
Paquet, C. (2013). Network Security Concepts and Policies by Catherine Paquet. Web.
Rasmussen, G. T. (2005). Implementing Information Security: Risks vs. Cost.Web.