Principle of Information System Security : History

Information security (IS) is designed to protect the confidentiality, integrity and availability of data from those with malicious intentions of misusing that data in many manners. These are set of techniques used for managing the tools and policies to prevent and detect information stored in digital or non-digital media. It is often confused with Cyber security but Information Security (IS) is a crucial part of Cyber security, but it refers exclusively to the processes designed for data security. Cyber security is a more general term that includes Information Security as crucial part of itself. History of Information Security: These days, information plays an important role in day to day lives of every individual, whether it be a high profile businessman to being a small shop owner. Information is generated in different forms from being their smartphones to their transaction receipts and buying patterns. This presents a wealth of opportunities for people to steal data; that is why information security is a necessity. But how has information security evolved over the years? Let’s take a look at the history of information security and how it evolved on the course of this duration. 1960s: Offline sites security: The Information Security was limited to the access points where computers were stored, as they used to be large in sizes and required a huge area to be stored and operated. Multiple layers of security were installed over terminals in form of passwords and other security measures. 1970s: Evolution of personal computer and hackers: At this time there was no massive global network connecting every device that wanted to be connected. Only large organizations, especially governments, were starting to link computers via telephone lines and peoples started to seek different ways to intercept the information flowing through those telephone lines in order to steal the data and these group of peoples became the first hackers. 1980s: Evolution of cyber-crime: Hacking and other forms of cyber crimes skyrocketed in this decade with people finding different ways to break into the computer systems and being no strict regulation against the hackers it was a booming craze for the youth. Many government & Military groups were on the receiving end of these crimes with loss of over millions of dollars from U.S. Banks and in response to this the government started pursuing the hackers. 1990s: “Hacking” becoming an organized crime: After the worldwide web was made available in 1989, people started putting their personal information online; hackers saw this as a potential revenue source, and started to steal data from people and governments via the web. Firewalls and antivirus programs helped protect against this, but the web was a mostly unsecured with hackers finding different ways to infiltrate the targets devices. 2000s: Cybercrime becoming a serious issue: Hacking wasn’t considered as serious issues in late 80’s but with evolution of hacking and their dangers governments started chasing the cyber criminals. Strong measures were taken against cyber criminals, hackers were jailed for years as punishment for cyber criminal activity and cyber security cells were formed in order to deal with the issues involving any form of cyber crime. 2010s: Information security as we know it: Although different measures in form of firewalls and antivirus were designed to protect the devices from attacks but hackers who were efficient and skilled enough were able to breach the systems anyway. Different cryptographic algorithms and encryption techniques are being used in order to protect the data over network and other transmission mediums. Different organizations also implement security policies to avoid human errors of breaching the data in different ways. Software and antivirus programs are installed on PC’s to protect them from the outside attacks. With time as the internet and devices surrounding the internet evolved, the threat to the information security also found many ways to breach into them. Information security plays a major role in day to day life of every person and organizations.

INTRODUCTION:

The history of information security can be traced back to the early days of computing, when the first electronic computers were developed in the 1940s and 1950s. At the time, security was not a major concern, as computers were primarily used by government and military organizations, and access was limited to a small number of authorized individuals.

As computers became more widespread in the 1960s and 1970s, security concerns began to emerge. With the advent of the internet in the late 1960s, it became possible for computers to communicate with one another, which made it easier for malicious actors to access sensitive information.

During the 1980s and 1990s, information security began to gain more attention as a discipline. The development of personal computers and the rise of the internet made it possible for individuals to access sensitive information from anywhere in the world. This led to an increase in security breaches and other security incidents, which highlighted the need for better security measures.

In the early 2000s, security threats continued to evolve, and organizations began to take a more proactive approach to information security. Regulations such as the Sarbanes-Oxley Act (SOX) in the US and the Data Protection Act (DPA) in the UK were introduced to encourage organizations to take information security more seriously.

Today, information security is a critical concern for organizations of all sizes. With the proliferation of mobile devices, cloud computing, and the internet of things (IoT), organizations must be vigilant in protecting their sensitive information from a wide range of security threats.

ADVANTAGES OR DISADVANTAGES:

Advantages of understanding the history of information system security include:

• Knowledge of past threats: By understanding the history of information security, organizations can better anticipate and prepare for future threats.
• Compliance: By understanding historical regulations and legislation, organizations can better understand current compliance requirements and take steps to meet them.
• Evolution of technology: Knowing the history of information security can also help organizations understand how technology has evolved over time, and how it can be used to improve security in the future.

Disadvantages of understanding the history of information system security include:

• Limited applicability to current threat: History can be limited in its applicability to current security threats, as the security landscape is constantly evolving.
• Time-consuming: Researching and understanding the history of information security can be time-consuming, especially for organizations that have not previously used this framework.
• Limited to certain geographic area: The history of information security is specific to certain geographic areas, as different countries have different regulations and legislation.

REFERENCE:

Some reference books on the history of Information System Security includes:

• “A History of Modern Computing” by Paul E. Ceruzzi
• “Cybersecurity and Cyberwar: What Everyone Needs to Know” by Peter W. Singer and Allan Friedman
• “Information Security: A Strategic Approach” by Vincent LeVeque
• “The Cyber Threat: The Changing Nature of the Menace Landscape” by Peter Warren
• “The Evolution of Cyber War” by Winn Schwartau

These books provide an in-depth understanding of the history of information security, including the evolution of technology and the emergence of new threats and challenges.