The main buzzwords that are popularly being used in the twenty-first century are Hostilic security, Unification, summary convergence, integration. Hostile security can be explained simply as aggressive security, Unification which focuses on unifying the available security resources, summary convergence which is a unified synopsis, and lastly integration which involves combining available security resources (Hess and Hess, 2008).
Integral components of the holistic security process include detection, protection, and reaction. Detection basically involves finding out the possible threats, the second step is protection which involves coming up with means of preventing the possible threats from occurring, and finally reacting to the threats by means of coming up with solutions to already occurred incidents (Hess and Hess, 2008).
With the world becoming a global village, IT is the only guaranteed link that can connect the world. IT projects can bring change to an organization by focusing on the actual needs of a specific business unit. They also help in long-term business goals as they help in the adaptation of the new environment that may include possible risks. IT-related threats that may arise can only be eliminated by using the same channel (Hess and Hess, 2008).
All security directors should be familiar with the emerging technology that may become useful in reducing or in some instances eradicating possible threats. The various systems that might be helpful include incorporating the use of things like IP video surveillance systems which are very reliable in giving evidence, USB technology, and most importantly mesh networks (Hess and Hess, 2008).
There is a lot of equipment that currently poses security threats but the most common nowadays is the simple gadgets that everyone uses often like cell phones. The cell phones we use make us vulnerable to technological threats like internet fraud if the information that is contained in our cell phones ends up in the wrong hands. Other gadgets are the PDA’s and laptops (Hess and Hess, 2008).
The most common computer attacks tend to focus on proprietary information. This is information that should never be in the wrong hands it includes information like patented material, trade secrets which are at times delicate information like anticipated business strategies. Another common target is an intellectual property like reports and research conducted (Hess and Hess, 2008).
A lot of proprietary information includes customer records and financial records. Customer records and financial reports of a business should always remain confidential and should never be disclosed to unconcerned parties. These types of records are vital because they can be manipulated by fraudsters and result in massive losses (Hess and Hess, 2008).
Threats to proprietary information tend to vary. The potential threats can be domestic or foreign, i.e. they tend to come internally where some members within an organization might be plotting against the same organization they are working for, or they might be outsiders people like competitors. This is where things like passwords or operating manuals end up in the wrong hands (Hess and Hess, 2008).
The most cost-effective measure to protect corporate information assets is by use of security awareness and training to the employees. When the employees are trained to detect potential threats, they provide better safeguarding than any system software can. It is also relatively hard to manipulate humans than a system (Hess and Hess, 2008).
The most critical factors that can be used in conducting an investigation are the use of pseudopotential form to determine the validity of documents. This method is more effective in dealing with fraud cases where the validity of documents may be in question (Hess and Hess, 2008).
The best security measure that can be taken to reduce losses from IT threats is educating the workforce on possible threats. If the workforce is educated, it gives more security against possible threats than any software can, because the human workforce can be able to adapt quickly to emerging trends, unlike software which will require an upgrade (Hess and Hess, 2008).
References
Hess, M. and Hess, M. (2008). Introduction to Private Security. New York. Cengage learning.