Wikipedia defines Information Security as ‘a means of protecting information and information systems from unauthorized access, use, disclosure, disruption, modification, perusal, inspection, recording or destruction.’ The statement above encompasses the wide scope of the term. Information Security aims at ensuring confidentiality, integrity and availability of data and useful information. In simple words, information security is the process of keeping the entire data safe and secured from the reach of unauthorized people or users.
Most of the users are more attracted towards the other meaning of the term. While IS aims at highlighting the security related issues, more computer users are fascinated towards breaking the security and getting access to no entry zones. It must be ensured that the data and the information are not at all visible and disclosed to anyone. The information systems must be such that are reliable for people and hence can be easily utilized by the workers.
People in today’s world are trying to get aware of this fact and some of the people are also adopting information system along with its security as a career option for their future which in turn will be helpful for them and the organization. However, from the functional perspective, information security may at times be quite risky for an organization as the uncertainty about the happening of something bad can also occur but some tools had been developed in order to cater to the needs of the risk and its management.
People in the field of ICT have their own areas of specifications. They have their own field of interests. Their interests are so that, they do not know even the basics of something out of their field. With the increasing ICT integration in organizational level, data security is a much talked topic. There have been so many incidents where our own or our close friends’ facebook account gets hacked. So many times, our own blog gets hacked and undesirable contents get published on to the homepage. Many renowned websites get DoS (Denial of Service) attacks or DDoS (Distributed Denial of Service) attacks. These attacks have their prime targets as the governmental organizations and reputed companies.
Website of different companies getting hacked always makes their way to the news, every now and then. People, knowingly and unknowingly, about the risks of such attacks, be a part of this process and cause a lot of hindrances. Recently, Nepal Government’s official website www.nepalgov.gov.np got hacked by anonymous group #OpEverest. It is not that there have not been legal addressing to these problems, but the problems do not stop here and go on increasing. The number of hackers is growing. We aim to provide the basics of the information security to the ICT users through our program. We will be talking about the overview of information Security and the in depth methods to attain this.
How do we attain what we aim to?
The event shall be conducted in two days. The two days program shall be full of intellectual discussions and interactions on the topic. The entire program is divided into two sections; the first day shall cover the most of the first section. The first day will be totally on the technical aspect of the Information Security. The first day shall feature certified ethical hacker Mr. Gandip Khalig from College of Real Time Technology. He is also the certified EC Council Trainer for the country. He will be talking about the basics of ISMS, the need and background on ISMS, hacking techniques and vulnerabilities of Hacking. He shall also be presenting his critical analysis the present state of Information Security on System Development in the context of Nepal.
The second day shall be more of an interaction program. It will consist of people from different fields and interaction with them. The guests for the second day’s event shall be representation various governmental organizations and corporate houses. They shall be interacting with the students on the role of Information Security on the various fields. The topic of interaction is listed below:
· IT Law in Nepal
· Internet Law
· Digital Certification and Electronic Transaction Act
· IT crimes and cyber laws concepts
· Digital Evidence and Cyber Forensics
We aim to have participation of students from various colleges of engineering and IT discipline. These students, through the two days event, shall know about the Information Security related issues and also get a chance to interact with the authorities of various fields. This, we believe, will help the students get the knowledge of the topic in the most practical way possible. Their insight to the current scenario through the people of relevant field shall not only provide the clear concept of the topic but also give a willingness to work on the field to help in the development of a society that is more secured.