Information Security:
Wikipedia defines Information
Security as ‘a means of protecting information and information systems from
unauthorized access, use, disclosure, disruption, modification, perusal,
inspection, recording or destruction.’ The statement above encompasses the wide
scope of the term. Information Security aims at ensuring confidentiality,
integrity and availability of data and useful information. In simple words,
information security is the process of keeping the entire data safe and secured
from the reach of unauthorized people or users.
Most of the users are
more attracted towards the other meaning of the term. While IS aims at
highlighting the security related issues, more computer users are fascinated
towards breaking the security and getting access to no entry zones. It must be ensured
that the data and the information are not at all visible and disclosed to
anyone. The information systems must be such that are reliable for people and
hence can be easily utilized by the workers.
People in today’s world
are trying to get aware of this fact and some of the people are also adopting
information system along with its security as a career option for their future
which in turn will be helpful for them and the organization. However, from the
functional perspective, information security may at times be quite risky for an
organization as the uncertainty about the happening of something bad can also
occur but some tools had been developed in order to cater to the needs of the
risk and its management.
Present Scenario:
People in the field of
ICT have their own areas of specifications. They have their own field of
interests. Their interests are so that, they do not know even the basics of
something out of their field. With the increasing ICT integration in
organizational level, data security is a much talked topic. There have been so
many incidents where our own or our close friends’ facebook account gets
hacked. So many times, our own blog gets hacked and undesirable contents get
published on to the homepage. Many renowned websites get DoS (Denial of
Service) attacks or DDoS (Distributed Denial of Service) attacks. These attacks
have their prime targets as the governmental organizations and reputed
companies.
Website of different
companies getting hacked always makes their way to the news, every now and
then. People, knowingly and unknowingly, about the risks of such attacks, be a
part of this process and cause a lot of hindrances. Recently, Nepal Government’s
official website www.nepalgov.gov.np
got hacked by anonymous group #OpEverest. It is not that there have not been
legal addressing to these problems, but the problems do not stop here and go on
increasing. The number of hackers is growing. We aim to provide the basics of
the information security to the ICT users through our program. We will be
talking about the overview of information Security and the in depth methods to
attain this.
How do we attain what we aim to?
The
event shall be conducted in two days. The two days program shall be full of
intellectual discussions and interactions on the topic. The entire program is
divided into two sections; the first day shall cover the most of the first
section. The first day will be totally on the technical aspect of the
Information Security. The first day shall feature certified ethical hacker Mr.
Gandip Khalig from College of Real Time Technology. He is also the certified EC
Council Trainer for the country. He will be talking about the basics of ISMS,
the need and background on ISMS, hacking techniques and vulnerabilities of
Hacking. He shall also be presenting his critical analysis the present state of
Information Security on System Development in the context of Nepal.
The
second day shall be more of an interaction program. It will consist of people
from different fields and interaction with them. The guests for the second
day’s event shall be representation various governmental organizations and
corporate houses. They shall be interacting with the students on the role of
Information Security on the various fields. The topic of interaction is listed
below:
·
IT Law in Nepal
·
Internet Law
·
Digital
Certification and Electronic Transaction Act
·
IT crimes and
cyber laws concepts
·
Digital Evidence
and Cyber Forensics
We
aim to have participation of students from various colleges of engineering and
IT discipline. These students, through the two days event, shall know about the
Information Security related issues and also get a chance to interact with the
authorities of various fields. This, we believe, will help the students get the
knowledge of the topic in the most practical way possible. Their insight to the
current scenario through the people of relevant field shall not only provide the
clear concept of the topic but also give a willingness to work on the field to
help in the development of a society that is more secured.