Information and Information Security
In order to understand mechanisms which provoke misuse of information and design and create adaptive information security systems, which can adequately respond to constantly changing dynamic environment and threats and can secure functioning of IPS under attacks and threats the IPS should be considered on more general level.
Abstract
Insecurity, threats to information, need to defend information from unauthorized access, use, disclosure, disruption, modification, perusal, inspection, recording or destruction are nearly always deliberate. Accidents, which in 90ties were responsible for most Information Security issues a plane flows into an office building destroying all computers in it, employee mistakes ("Format C:"), fire, flood, earthquake, lightning, shooting or otherwise destroying a computer in fit of anger ("You do not have right to access folder 'My Documents'!), issues with ISP or WAN etc account currently only for tiny part of Information Security problems. According to recent report from Panda Labs [PandaSecurity 2014], in 2013 appeared about 82,000 new malware threats per day and in the whole year 30 million new malware threats, Kaspersky Lab is detecting 315,000 new malicious files every day [Kaspersky 2014] most of them (>70%) trojans, especially designed for stealing/damaging Information. Current computerized Information Processing systems are vulnerable, rigid and not adaptive, since the main focus in their development is on computer technology and communication protocols. System environments, culture of system users, reasons for attacks, culture and operating modes of attackers are considered less. Threats to Information are not specific only to computers and computer networks, they are present in nearly any Information Processing System (IPS) social and business organizations, governments, all kinds of living systems down to simplest ones cells and bacteria. In order understand mechanisms which provoke misuse of information and design and create adaptive information security systems, which can adequately respond to constantly changing dynamic environment and threats and can secure functioning of IPS under attacks and threats the IPS should be considered on more general level. But we should also re-consider rules and practices – do they agree with general understanding of right and wrong?