SUPERHEROES IN INFORMATION PROFESSIONAL 1015

Transcription

1

2 SUPERHEROES IN INFORMATION PROFESSIONAL 1015 EDITORIAL BOARD EDITOR'S ACKNOWLEDGEMENT CONDESCENDENT Assoc. Prof. Dr. Mohd Sazili Bin Shahibi Assalamualaikum ADVISOR Encik Azmi Bin Abd Rahman First and foremost, I would like to thank to Allah s.w.t. because giving us strength and determine to finish the publication of TINTA about Superheroes in Information Professional. CHIEF EDITOR Akmal Shahmeen Bin Ahamad Sabarudin DEPUTY CHIEF EDITOR Nur Atiqa Binti Saleh SECRETARY Hafawati Husna Binti Mohamed Khairudin Thank you to our lovely advisor, Mr Azmi Bin Abdul Rahman who always tries to make us understand the actual process of publication and amend the mistake arises during the preparation of this task. With his guidance, we are now clearly understood the publication process. I also like to express our greatest appreciate to lecturer from Faculty of Information Management who contribute their article. TREASURER Noor Izzaty Binti Mohd Radzi For my entire group, thank you for all of your work in this TINTA publication which willing to help in writing, editing, designing and etc. With all of your commitment, we could produce the high quality publication of TINTA. DESIGN AND LAYOUT Nadia Fazira Binti Nor Amir Nurul Aida Binti Jamil Sincerely, Akmal Shahmeen Bin Ahmad Sabarudin Chief Editor, EDITORS Fatin Eleena Binti Sha'mar Nor Adaviah Binti Mohd Sabri Norshahida Binti Kalis Nurul Amirah Binti Md Suhaimi Siti Nur Athirah Binti Saiffuddin Zuhri REPORTERS Fatin Syahirah Binti Pawzi Siti Aishah Binti Yahpar TINTA Jun 2015 TINTA has established by Universiti Teknologi Mara, Faculty of Information Management or also known as FPM since TINTA is a medium to highlight FPM students' article as well as lecturers to PUBLISHER Faculty of Information Management UiTM Puncak Perdana publish in TINTA. The theme of TINTA Bil 25, Vol. 2/2015 is Superheroes in Information Professional. ISSN CONTENTS 1 Pa ge

3 PAGE PERIBADI PENGURUS REK0D YANG CEMERLANG Ahmad Azman B. Mohamad Rami BUKU-BUKU YANG PERLU Dl BACA SEBELUM 'MATT Shaharom TM Sulaiman INFORMATION TECHNOLOGY COMPETENCY TO INVIGORATE INNOVATIVE PERFORMANCE IN MALAYSIAN ACADEMIC LIBRARIES Haziah Sa'ari COMPLETE CRITERIA TO BE INFORMATION PROFESSIONAL Akmal Shahmeen B. Ahamad Sabarudin & Naqiuddin B. Abd Haris THE ISSUES IN ACADEMIC LIBRARIES Noor Farahain Bt. Abdul Razak, Nur Aliah Bt. Zainal & Nur Athirah Hanani Bt. Jailani EFFECTIVENESS MALAYSIAN ARCHIVAL INSTITUTIONS NOW AND FUTURE Fatin Eleena Bt. Sha'mar, Nur Atiqa Bt. Saleh & Nurul Aida Bt. Jamil 2 Page

4 HOW TO BE 21 S T CENTURY LIBRARIAN Hafawati Husna Bt. Mohamed Khairudin & Nor Adaviah Bt. Mohd Sabri INFORMATION SECURITY SUPERHEROES Nurul Aishah Bt. Samin & Nurul Amirah Bt. Md Suhaimi LIBRARIANS JOB SATISFACTION Noor Izzati Bt Mohd Radzi, Nurul Nadia Bt. Karim & Wan Nurul Syahida Bt. Wan Kamaruddin Mukri LIBRARIES' EFFORT TO ATTRACT USER Nursyafiqah Bt. Wahid & Siti Aishah Bt.Yahpar THE SURVIVAL OF LIBRARIAN IN NEW ERA Fatin Syahirah Bt. Pawzi & Nor Ashikin Bt. Ngadiron THE FATHER OF LIBRARY Nadia Fazira Bt. Nor Amir & Nur Sarah Syafiqah Bt. Ismail

5 INFORMATION SECURITY SUPERHEROES By: NURUL AMIRAH BINTI MD SUHAIMI NURUL AISHAH BINTI SAMIN Faculty of Information Management, Universiti Teknologi MARA Abstract: This paper discussed about the information security careers that describe about the role, responsibility and importance of each career in the organization. The criteria for those who works in this field also being stated. This paper also to investigate the different career in Information Security which has a different roles and responsibility that were related to information system and network system. Other than that, this paper discussed about the agency that involves information security in Malaysia which is Malaysian Communication and Multimedia Commission (MCMC). Keywords: Information Security Architecture, Information System Administrator, Information Security, Network Security Engineer, Data Security Analyst, Information Security Manager, Information System and Network System. Malaysian Communication and Multimedia commission 1. Introduction The use of ICT nowadays has become the main business in the worldwide. In today's world everything were done by using internet it is including the communication process, information searching and sharing, entertainment and also daily business such as buying and selling process, bill payment and money transferring. It is much easier to use internet and save a person time in this busy world. Even though there are many benefits from using the internet, there are also related risks emerged from the rapid developments of ICT that evolved in almost all of the life aspects that later on will become a threat. There are also many cyber-related crimes happened due to the misuse of ICT. Cyber security has become the important thing to the government, local 71 P a g e

6 authorities, public sector and especially in business and financial sector. This is due to the holding of important data and information dealing with their business related field. Data breach, fraud and cyber attack might happened and become cyber threat when users do the online transaction. In order to secure all of these essential data from falling to the wrong hands, there are important person who will in-charge to secure the data which can be called as information security superheroes. 2. Information security superheroes Each of these information security superheroes should have three main criteria which are intelligence, visibility and control. In order for these information security superheroes to handle the network security, it is essential for them to be intelligence so that they can have capability to protect the system from any cyber threats that might occur in the information technology world. This is because the vulnerabilities of the system network require the person in charge of network security to be extraordinary protectors as they are dealing with the information in the organization. Next is the visibility in detecting the malicious intrusion in the system. Information network security should have high awareness in all network activities happened. Visibility can be said as the first thing in securing the information. This is because the individual need to take an immediate action if there are any cyber threats happened to the system. So, to become information network superheroes they should have a very good control. They need to take immediate action and have the ability to give a good solution if there are any problems occur to the system. They should prevent the system from being attack by viruses, malware, hackers and other kind of threat in order to keep the information safe. It is necessary for the good information security superheroes to have all the three intelligence, visibility and control. 72 I P a g e

7 SUPERHEROES IN INFORMATION PROFESSIONAL Roles and responsibility of information security architect Information security architects is the person that in charge to plan and carry out security measures in order to protect the company or organization's computer network and system. Their responsibilities are high due to the increasing number of cyber attacks that may occur to the network and system. They are responsible to develop security measure of data protection from data loss or being modified illegally. The job responsibility of information security architect including system analyzed, development and implementation of security procedure and all of the policies related, access control, malware intrusion detection, virus protection, audit and security engineering. In addition, they are also responsible in monitoring the industry security updates and technologies update in order to improve the security management of the particular organization. It is the job of information security architect to design the security models for the system and network protection. The job demand of information security in the market is high. This is because the use of ICT in the daily business as main and the possibility of cyber threats is high. 4. Roles and responsibility of network security administrator Network security administrator which is known as computer security specialist or network security analyst handles all the aspect that relates to information security in the particular organization. They are responsible to design, implement and maintain all the security infrastructure of the network usage in the particular organization. Network security administrator also responsible to teach and give guidelines to their junior or the other technical staff about the computer security and checking if there is any violation towards information security they should install the software to protect the systems. So, they should take immediate actions if there are any cyber attacks happened towards the systems. If there are any problem regarding the system, network security administrator need to find the solution to it. The most important for the network security administrator 73 I P a g e

8 is they need to keep up-to-date with the current technologies that are rapidly improved day by day. 5. Role and responsibilities of network security engineer The new the technologies such as network system are become more challenges in this era. The organizations should have hired this career to secure the network system in the organization or institution. Book of the Network security Auditing stated that security engineer are person who control the selected of the security architecture (Jackson, 2010). In generally network security engineer are responsible in aspect of the networking system that are need to plan, implement audit, optimize and troubleshoot network security of the product. Means that, this career also were contributes to design, integration and installation of hardware and software. The network security engineer is responsible on analyzing and troubleshoot related on information system. The examples of the responsibility of the network security engineer to install, support and manage the system network of the organization.in addition, they will evaluate the problem or the weakness in term host, server and network where it stated in magazine Network World in 1998.Furthermore, they need a skill which is soft skill and hard skill. The example of soft skill is communication with the client or staff in the organization and hard skills are need to knowledge in network system, programming and PC maintenance. The organizations are involve with the network system should have a network security engineer that will control, manage or handle of the system and also secure the information in from exposed to unauthorized person. 74 P a g e

9 SUPERHEROES IN INFORMATION PROFESSIONAL 10^3 6. Role and responsibilities of data security analyst Data security analyst is another specialist in information security who was responsible in maintaining the security and integrity of data. Another responsibility of data security are in creating and maintaining a system of the organization and ensure the information and computer network are not expose to other unwanted person or modified in accidently. Means that, data analyst are needed to ensure the network have sufficient security to avoid unauthorized access the information. In addition the data analyst are should have a knowledge regarding the aspect of information security in the organization or company. The main career of the data security analyst is to measure the effectiveness of the security of the company. This person are need to know how and measure effectiveness of the security system for the company either suitable or not, this is to avoid unnecessary thing which might happen. Besides that, data securities analysts are needed to ensure the security system are current and up to date the software or hardware that related to the company. All regarding in security information in the company either physical and internet security should be plan and documented by the data security analyst. Thus, data security analysts usually work in business administration as information technology professional in communication security system. 7. Role and responsibilities of information security manager In the organization, Information security manager are responsible in information security management by providing the line management of the organization, strategic direction for the function of the system and liaising with other manager in the organization. For example the information security manager will liaison with Human Resource, Information technology and all department in the organization regarding to system. One of the responsibilities of the Information Security Manager are protecting the organization network, computer's and avoid the data threats such as the,computer 75 I P a g e

10 virus or attack from cyber criminals or crime.information security manager will responsible to all regarding system in the organization, if anything happens, they will solve it. Other responsibilities of this career are to promote security to organization; implement the security initiative provides the daily security administration of the organization such as access control. (Tipton, 2006).These person have perform routine security activities of the system in the organization and to control the technologies that will be use in the organization. 8. Malaysian Communication and Multimedia Commission (MCMC) In Malaysia, there is an agency that was related to communication and media also related to the information security and also the network security.malaysian Communication and Multimedia Commission (MCMC) are the regulatory body for communication and multimedia in Malaysia that are responsible for information security in the Malaysia. The Malaysian Communication and Multimedia Commission was established under the Communication and Multimedia Commission Act (1998) and the Communication and Multimedia Act (1998). The primary role of MCMC is to implement and promote the Government national policy objective for the communication and multimedia sector. The MCMC also in charge in overseeing the new regulatory framework for the converging industries, telecommunication, broadcasting and online activities. The information security in Malaysia is part of the Malaysian Communication and Multimedia because one of the policies is "to ensure the security and network reliability and integrity". Therefore the MCMC is responsible related to information security and also the network in Malaysia. 76 P a g e

11 9. Conclusion In conclusion, information security is very important in organization because the information is needed to be secure and protected by the people that have a qualification in the field of information system and network system. The organization will face the challenges where the increasing of duplication of the digital data, increasing of unauthorized access or cybercriminal, and increasing of distributed data sources by organization.in addition, the organization will have a problem if they provide and store the data in the internetwork computer based system. In order to solve and avoid these kind of challenges, the organization need to employ qualified person regarding to information system and network in the organization These qualified person will develop, manage, implement and maintaining the security system in the organization. Therefore, the information security superhero, or called as the person responsible in information security should have in organization especially for the organization that use the computer based system and network system in their business transaction. 77 P a g e

12 REFERENCES Hearst Newspaper (2015) "The Job Description for an Information Security Manager". Retrieved from Info Sec Attitude (n.d) "Security analyst". Retrieve from jobs/security-analyst, html. Malaysian Communications and Multimedia Commission (2015)."History and responsibility of Malaysian Communications and Multimedia Commission".Retrieve from Philips,Jeff (1998) " Network security engineer", Network World: the Newsweekly of enterprise network computing. Vol. 15, No. 10 pp.56 Tipton,Harold.F (2006) "Information Security Management Team ", Information Security Handbook pp 9. Weldon, D. (2014). IT's hottest jobs: Information security architect. Newton: Questex Media Group LCC. Retrieved from Iibrary.uitm.edu.my/docview/ ? accountid= P a g e

13 LIST OF TINTA'S CONTRIBUTORS TINTA (Lecturers) SHAHAROM TM SULAIMAN AHMAD AZMAN BIN MOHAMAD RAMLI HAZIAH BINTI SA'ARI (Students) AKMAL SHAHMEEN BIN AHAMAD SABARUDIN NOOR IZZATI BINTI MOHD RADZI SITI NUR ATHIRAH BT SAIFFUDDIN ZUHRI NURUL AMIRAH BINTI MD SUHAIMI NURULAIDABT. JAMIL NUR SAHIDA BT KALIS SITI AISHAH BINTI YAHPAR FATIN ELEENA BINTI SHA'MAR NOR ADAVIAH BT MOHD SABRI NADIA FAZIRA BINTI NOR AMIR FATIN SYAHIRAH BT PAWZI HAFAWATI HUSNA BT. MOHAMED KHAIRUDIN NUR ATIQA BT SALEH OTHER CONTRIBUTORS ASLAM BIN KAMARUDIN NUR SARAH SYAFIQAH BINTI ISMAIL NOR ASHIKIN BINTI NGADIRON NAQIUDDIN BIN ABD HARIS NURUL NADIA BINTI KARIM WAN NURUL SYAHIDA BINTI WAN KAMARUDDIN MUKRI NURUL AISHAH BINTI SAMIN NOOR FARAHAIN BINTI ABDUL RAZAK NUR ALIAH BINTI ZAINAL syida P a g e