This paper examines the role of the information technology (IT) department in a company, further highlighting some of its important functions, such as penetration testing. First, the paper describes the major responsibilities of the IT department. Then, it focuses on penetration testing and why this is a critical aspect of information security. Next, the paper discusses ethical hacking and the primary research paper in this field. Finally, the paper addresses risk mitigation and how management must be aware of and sign off on these measures. The paper concludes by showing why hiring ethical hackers is a viable security measure for the organization.
Training in Ethical Hacking
From the Paper: "First and foremost and as related to the case study Thinking Like an Enemy in Ethics and Information Security, training one's information technology personnel or hiring ethical hackers is not counterintuitive. The example presented in the case where accountants are sent to Embezzlement 101, is not really a good picture of what happens in the accounting world. In the same manner as information technology or information systems audit personnel take ethical hacking or penetration testing training in order for them to know the mind of the enemy and be able to catch them, accountants take advanced courses in forensics accounting, fraud examination, anti-money laundering and other related courses. Although these courses will teach them to learn criminal accounting techniques, it is the same principle as the ethical hackers - in order to know the crime, you must know your enemy. To know your enemy is to study the ways and means he or she employs."
"Though this is still a big risk to the company, there are risk mitigating actions that can be taken. Primarily, most information security professionals when asked: "What is the primary consideration on which personnel to send to ethical hacking courses?" - the answer will almost always be the same. The answer would..."
Sample of Sources Used:
- EC-Council. (2009). Certified ethical hacker. [Online] Retrieved October 29, 2009 from, http://www.eccouncil.org/ceh.htm.
- InfoSec Institute. (2009). Ethical hacking: Penetration testing and certified ethical hacker. [Online] Retrieved October 29, 2009 from, http://www.infosecinstitute.com/courses/ethical_hacking_training.html.
- Palmer, C. C. (2001). "Ethical hacking." IBM Systems Journal, 40(3): 769-780. [Online] Retrieved October 29, 2009 from, http://pdf.textfiles.com/security/palmer.pdf.
- Thomson, K. (2006, Aug. 23). Would you hire a hacker? [Online] Retrieved October 29, 2009 from, http://www.windowsecurity.com/whitepapers/Would-You-Hire-Hacker.html.
Cite this Term Paper:
Information Systems Management - An Overview (2012, June 03) Retrieved December 09, 2023, from https://www.academon.com/term-paper/information-systems-management-an-overview-151353/
"Information Systems Management - An Overview" 03 June 2012. Web. 09 December. 2023. <https://www.academon.com/term-paper/information-systems-management-an-overview-151353/>