As our society and the world come to depend on computers and information systems more and more, firms must put better effort in making their systems less vulnerable and more reliable. The systems must also be more secure when processing transactions and maintaining data.

As firms become more technologically oriented, they must become more aware of security and control issues surrounding their information systems and protect the resources.


Why Systems Are Vulnerable?

Vulnerability is weakness or flaw in a computer system that can be exploited by a threat. Security threat is a possible danger that might exploit vulnerabilities in a computer system to breach security and thus cause possible harm. Information systems are vulnerable to technical, organizational, and environmental threats from internal and external sources. If managers at all levels don‘t make security and reliability their number one priority, then the threats to an information system can easily become real. The figure below gives you an idea of some of the threats to each component of a typical network.




Figure: Contemporary Security Challenges and Vulnerabilities


Businesses that partner with outside companies are more vulnerable. Partnering companies may not protect information as strictly. Employees of the partnering firm may not view security as diligently as the primary business. In today‘s business environment, it‘s not enough to protect hardware and software physically located within an organization. Mobile computing devices like smartphones, cell phones, netbooks, and laptops, add to the vulnerability of information systems by creating new points of entry into information systems.

Internet Vulnerabilities

If you connect to the Internet with a cable modem or DSL you are much more vulnerable to hackers on your home PC than if you connect with a dial-up modem. That‘s because you are always connected, with a permanent IP address, which makes it easier for hackers to find you. The only smart thing to do is keep your software up-to-date and include firewall protection.


Because distributed computing is used extensively in network systems, you have more points of entry, which can make attacking the system easier. The more people you have using the system, the more potential for fraud and abuse of the information maintained in that system. That‘s why you have to make it everybody‘s business to protect the system.