Java Reference
In-Depth Information
Figure 2.1
Hacking videos available on Youtube.
information for their nefarious purposes. As you can see, this adds an ugly dimension to security
incidents and breaches and has necessitated information security.
2.1.1.3 Digitization
Digitization
is the conversion of paper documentation into computerized documents and format.
Organizations have replaced their manual records with computerized records, for the sake of con-
venience and a host of other related beneits. Digitization is the result of the Internet revolution.
Today, a growing number of organizations are digitizing their business documents, intellectual
property, and trade secrets. his is done for the purpose of easy distribution and access, but this
fact has been recognized by cybercriminals all over the world, who have focused their energies in
unlawfully obtaining this sensitive information. Digitization has also emerged as one of the key
factors for the need for information security.
2.1.1.4 Legal and Compliance Requirements
Legal and contractual requirements necessitate an organization's drive for information security.
his is due to the fact that legal and contractual requirements mandatorily impose certain clauses
and provisions requiring strong information security practices. For instance, in the light of several
accounting and inancial scams in the United States, the Sarbanes-Oxley Act was introduced.
he Sarbanes-Oxley Act, popularly known as SOX, is a piece of legislation that was passed in the
United States to introduce more accountability and accuracy for the inancial statements prepared
by publicly listed U.S. companies. SOX advocates several security measures to be implemented
for systems and applications, which inluence the preparation of inancial statements. his usually
brings in scope any IT system involved with the entity's inancial information.
In the light of several major security incidents, which resulted in billions of dollars in card-
holder information getting compromised, the
PCI Standards
were introduced. he
PCI-DSS
or
the
Payment Card Industry Data Security Standards
is an industry-wide initiative by the payment
brands Visa, MasterCard, American Express, JCB, and Discover to promote robust information
Search WWH ::
Custom Search