technology and organizations influence each other as a relationship
influenced by organization’s structure, business processes, politics,
culture, environment and management decisions.
is no ex-ante, readily calculable return on investment for IT security
like homeowner’s insurance or a car with extra air bags, it is money
spent today to relieve the risk and potential cost and impact of events
that never emerge. Thus, IT security should be viewed as a necessary
cost of doing business. In the work on IT and information security with
companies in a wide range of industries, including banking, insurance,
defense, aerospace, industrial goods, energy, raw materials
telecommunications, and logistics, have identified a number of other
actions that executives can take to improve the companies’ chances of
success. To rival and success in global market, information technology
is important in competitive environment. (Kenneth C. Laudon, Jane P.
Laudon, 2018), global investment in information technology has expanded
by 30 percent in the period 2005 to 2015. IT investment now accounts for
an estimated 20 percent of all capital investment. Information systems
are transforming business as mobile digital platform, systems used to
improve customer experience, respond to customer demand, reduce
inventories, growing online newspaper readership, expanding e-commerce
and internet advertising, new federal security and accounting laws.
Firms contribute heavily in information systems to get six strategic
business objectives. There are operational excellence, new products,
services, and business models, customer and supplier intimacy, improved
decision making, competitive advantage and survival. IT platform can
lead to changes in business objectives and strategies. Businesses rely
on information systems to help them achieve their goals and to attain
higher profitability. Information systems improved decision making from
accurate information. To achieve the greater efficiency and
productivity, the tool of information technology is an important. IS
support organization to achieve competitive advantage as delivering
better performance, charging less for superior products, responding to
customers and suppliers in real time (Examples: Apple, Walmart, UPS).
Competitiveness was very often increased because of great cost savings
and better service to clients. Communication and inter organizational
systems seemed to be very important in this respect. Now a day,
organizations are in the rival for improving their capability in order
to survive in the global market. To make effective and timely decisions
that best achieves their organization goals more easy to get from using
the appropriate information of internal and external sources. (Karim,
(Karim, 2011), stated that
is an arrangement of people, data, process, and information technology
that interact to collect, process, store and provide as output the
information needed to support an organization,”
the relevant information required in a decision-making process or an
organization planning is not available at the appropriate time, then
there is a good change to be a poor organization planning and priority
of needs, inappropriate decision-making and defective programming”
, (Adebayo, 2007).
postindustrial organizations, authority increasingly relies on
knowledge and competence rather than formal positions with sufficient
of the difficulty to sustain competitive advantage, organization needs
to be continuous innovation. In order to stay ahead system performing
strategic may become tools for survival and firm value chains.
Information security is a serious problem for individuals and
organizations because it indications to unlimited financial losses.
Information systems are exposed to different types of security risks.
The type of damage caused by security threats are different as database
integrity security breaches, physical destruction of entire information
systems facility caused by fire, flood, etc. The sources of those
threats can be unwanted activities of reliable employees, hacker’s
attack, accidental mistakes in data entry, etc. Information systems are
vulnerable because of the accessibility of networks can breakdowns
hardware problems, unauthorized changes and programming errors software
problems, disasters, use of networks outside of firm’s control, and loss
of portable devices (Kenneth C. Laudon, Jane P. Laudon, 2018). Risks
come from easily by using network open to anyone, size of internet mean
abuses can have wide impact, use of fixed internet address with cable
and DSL moderns creates fixed targets for hackers, unencrypted VOIP,
interception and attachments with malicious software from email.
Security is breached easily from radio frequency bands easy to scan,
using SSIDs (service set identifiers), identify access points, broadcast
multiple times, can be identified by sniffer programs, war driving,
eavesdroppers drive by buildings and try to detect SSID and gain access
to network and resources, Once access point is breached, intruder can
gain access to networked drives and files.
Malware (malicious software) as viruses and worms can operate on their
own without attaching to other computer program files and can spread
much more rapidly than computer viruses. Worms and viruses spread by
drive-by download and destroy data and programs as well as disrupt or
even halt the operation of computer networks. Malware that comes with a
downloaded file that a user intentionally or unintentionally requests by
E-mail, IM attachments, hackers, request malicious files without user
intervention, delete files, transmit files, install programs running in
the background to monitor user action, & potentially convert the
smartphone into a robot in a botnet to send e-mail & text messages
to anyone, mobile device malware and social network malware.
Hackers & crackers make intentional disruption, defacement,
destruction of website or corporate information system gain unauthorized
access by finding weaknesses in the security protections employed by
Web sites and computer systems. Hackers flood a network server or Web
server with many thousands of false communications for spoofing for
redirecting a Web link to an address different from the intended one.
uses for sniffing enable to steal private information from anywhere on a
network, including e-mail messages, and confidential reports.
very damaging and difficult to detect. An extremely serious threat
because they can be used to launch very large attacks using many
different techniques. Computers as targets of crime for breaching the
confidentiality of protected computerized data and computer may be
instrument of crime theft of trade secrets or unauthorized copying of
software or copyrighted intellectual property, such as articles, books,
music, and video, schemes to defraud, using e-mail for threats or
harassment intentionally attempting to intercept electronic
communication, illegally accessing stored electronic communications,
including e-mail and voice mail, transmitting or possessing child
pornography using a computer. Hackers may be aim for identity theft as
used information to obtain credit, merchandise, or services in the name
of the victim and phishing, evil twins, pharming, click fraud,
cyber-terrorism, cyber-warfare. The sources of threat can be inside or
outside the attacked system. The organizations and their security
systems are usually focused on protecting themselves from threats that
are origin from outside the system. The threats that are coming from
inside are often not considered. Because the way it is possible to
determine from what we are protecting information system, it is possible
to more efficiently use limited resources.