In this Management information systems 204 course, I have learned about information security, which is the ability to protect oneself against unauthorized or criminal cyber security tactics. Information is a very important factor of our everyday lives, it is dependent on us to protect it with certain actions being taken. Security is those actions in which you enable a firm way to protect your information and self or to secure something. In lesson seven of this course, I have learned the grave danger of cyber-attacks, what they mean, and the monetary value estimated of the total attacks loss being estimated at $867 million in the year 2008. Anyone is in danger if they’re not securing their cyber footsteps online with careful precaution. Even Target was the victim of one of these cyber-attacks, costing them $162 million in expenses for the year 2013, with 70 million costumers effected by the attack, not only damaging their profit but costumer’s loyalty and reputation. These attacks demonstrate the risk involved in information security today as we are even more technologically involved today.
I have also learned the types of attacks said to be done and how these methods work. The most common types of attacks were listed in the lesson from; User Administration types of attacks being Bad Apple, social engineering, even weak passwords, to server software attacks; Operation software holes, application weaknesses and Unfederated systems. In the list of attacks this lesson mentions a noteworthy thing, that the greatest source of vulnerability is actually you, as you are the one responsible for securing your own information, and researching how to protect yourself. I learned that cyber-attacks can even be done in human form, where literally anyone can perform such an attack, by simple looking at someone’s screen at an angle with caution they can remember your passwords and information that is only meant for you, giving them access to your information unauthorized. This simple form of an attack emphasizes why large companies inject the rules of information and how employees manage that information with each other, often resulting in a safer workforce.
Another thing I’ve learned prior to this lesson the importance of information, as a company simply cannot survive without managing information correctly, I believe information security is one of those requirements much like for a company an individual would need to protect themselves correctly. When I enter the business world more often, I will be sure to know how to secure myself on the basic level of information security thanks to this course. People are known to make tons of mistakes, luckily, we can learn from others and those mistakes being done to prevent future cyber-attacks. I can apply some of the 11 protocols of CERT to effectively manage my information security when working for a company. For example, number 10 of those rules is Plan, manage, and measure security objectives which most certainly applies to personal space such as a desktop, I will have to plan what security programs to use, manage them fluently, and secure any objectives I am going to perform as an individual not only as the company employees. I appreciate having this skill in life, as the technological age is rapidly increasing.