Information Security Breach

Information Security Breach

Ko, M. & Dorantes, C. (2006). The impact of information security breaches on financial performance of the breached firms. Journal of information technology management. Vol. 17(2)

According to Ko, & Dorantes, (2006) information security breaches profoundly affects the performance of affected organizations. The article looks at the issue of information security breach by conducting an elaborate research study on breached firms. The risk of security breach is on the rise as companies embrace technology. As more business conducts their businesses electronically, the risk of information security breach becomes prominent. Information security focuses on protecting confidential information from unauthorized access. It is the responsibility of an organization or individual to determine which information can be free for access to all and which information must have restricted access (Fred, 2008).

The article reviews the rising incidences of information security breaches. The article provides readers with statistics done in 2005 which indicate that 95% of organizations have experienced varying levels of information breaches. It is vital that organizations strengthen the principles of information security. Confidentiality is one of the principles where information cannot be disclosed to unauthorized individuals. Confidentiality may be sufficient, but it does not guarantee that information security will be guaranteed (Bulgurcu, & Benbasat, 2010). The second principle in relation to information security is information integrity, which indicates that information must not be altered without relevant authority. Modification of data can only be done by authorized personnel who have restricted access to such information. Availability is the third principle which stipulates that information must be accessible when needed. Authenticity of the data and communication is the fourth principle.

The article further discusses types if information security breach that organizations can experience. They include introduction of a virus, unauthorized access, theft of confidential information, sabotage and website defacement. In any organization, any level of information security breach can result to massive financial losses. First, any announcement to the public that a firm has been breached results to a drop in the organizations value. This is because shareholders and potential investors become uncertain of the continuity of the firms. This occurs when the information that has been breached is highly sensitive. The article effectively points the severity of information security by analyzing various researches done by previous authors.

The article conducts a research study to determine the effect of information security breach on performance of the affected firms. The findings indicate that organizations do suffer financial losses. However, the losses are not as high as due to fast corrective measures. This statement points pout the importance of quick response in case of information security breach. The studies show that a quick response will result to minimal financial losses. Once the management realizes that there has been information security breach, it should strive to upgrade the existing information security system (Garg, & Halper, 2003).

The article is quite useful as it reviews the financial impact of organization performance. Currently, few researchers have looked at the financial impact of information security breach. However, the small sample size used in the research puts the usability of the article to question. The issue of information security breach continues to exist even in the current society. Technological advancement has made breaches such as information theft easy. For example in 2007, TJX company reported that confidential information about credits and debit cards worth millions of dollars had been stolen (Fahad, & Minhas, 2012). This is evidence that organizations have to upgrade their information security systems so as to avoid such losses.

Reference

Bulgurcu, B. & Benbasat, I. (2010). Information security policy compliance. MIS quarterly. Vol. 34(3); 523-A7

Fahad, B. & Minhas, A. (2012). On the development of comprehensive information security policies. International journal of academic research. Vol. 4(1): 16-22

Fred, C. (2008). Information security breaches. The centre for information policy leadership

Garg, A. & Halper, H. (2003). The financial impact of IT security breaches. Information systems security. Vol. 12(1); 22-33

Is this your assignment or some part of it?

We can do it for you! Click to Order!