Information and System Security

Importance of Information and System Security

Information and system security are essential for both individuals and organizations as they protect sensitive data, uphold trust, and ensure business continuity.

For individuals, information security helps protect and safeguard personal data. It guarantees that personal information remains confidential against unauthorized individuals. Information security also prevents the risk of identity theft and uses security measures to protect individuals from financial scams and fraud.

For organizations, information and system security are essential for maintaining a competitive edge. Implementing measures such as multi-factor authentication helps protect sensitive data and ensures customers are safeguarded against fraud. Businesses must prioritize their cybersecurity posture in their plans and business strategies. To do so, a business must safeguard its networks, ensuring that only authorized personnel have access and preventing unauthorized users from seeing proprietary information. A complete and proactive cybersecurity plan as part of a company's business strategy preserves the trust of customers and the company's reputation. (Ashar & Slonpas, 2024)

Computer Security Incidents: Computer Viruses and Phishing

A computer virus is a set of self-replicable instructions or program codes embedded in computer programs to adversely affect the computer use by damaging specific functions or data of the computer. Such malicious computer programs are known as computer viruses, or virus for short, due to the features they share with biological viruses. (Cuicui, 2024) They often infect computers through everyday web activities such as sharing files, downloading music or photos, visiting compromised websites, or opening malicious email attachments. Viruses can spread in various ways, including opening spam emails with attachments, enabling macros, or clicking harmful links. Common symptoms of an infected computer include slow performance, erratic behavior, and frequent crashes. Some examples of viruses are worms, trojans, and ransomware. Users should protect their computers by using antivirus protection and firewalls and updating their operating systems regularly. Users should always question any email and attachments from addresses they do not know and delete or report them.

Phishing is the practice of sending fraudulent communications that appear to come from a legitimate and reputable source, usually through email and text messaging. The attacker's goal is to steal money, gain access to sensitive data and login information, or to install malware on the victim's device. (Cisco, 2025) Attackers use seemingly benign emails or text messages to trick unsuspecting users into taking an action such as downloading malware, visiting an infected site, or divulging login credentials in order to steal money or data. (Cisco, 2025) Attackers are seeking valuable user data such as personally identifiable information (PII) or login credentials that can be used to commit fraud by accessing the victim's financial accounts. Once attackers have login information, personal data, access to online accounts, or credit card data, they can obtain permissions to modify or compromise more cloud-connected systems and in some cases, hijack entire computer networks until the victim pays a ransom. (Cisco, 2025) Phishing works by luring a victim with legitimate-looking (but fraudulent) emails or other communication from a trusted (or sometimes seemingly desperate) sender who coaxes victims into providing confidential information—often on what looks to be a convincingly legitimate website. Sometimes malware or ransomware is also downloaded onto the victim's computer. (Cisco, 2025) Protecting against phishing can be accomplished by not providing personal information to unauthorized or unsolicited requests, contacting the financial institute by phone if there is suspicious activity, never provide passwords over the phone, and review account statements regularly. (Office of the Comptroller of the Currency, 2025)

References
Cuicui, J. (2024, 01 09). What is a Computer Virus? Retrieved from Info-Finder: https://info.support.huawei.com/info-finder/encyclopedia/en/Computer+Virus.html

Linda Asher & Andre Slonpas. (2024, 04 16). Should Cybersecurity Be Part of a Business Strategy for You? Retrieved from American Public University: https://www.apu.apus.edu/area-of-study/business-and-management/resources/should-cybersecurity-be-part-of-a-business-strategy-for-you/#:~:text=They%20work%20to%20secure%20an,customers%20and%20the%20company's%20reputation.

Cisco. (2025). What is Phishing? Retrieved from Cisco: https://www.cisco.com/c/en/us/products/security/email-security/what-is-phishing.html

Office of the Comptroller of the Currency. (2025). Phishing Attack Prevention: How to Identify and Avoid Phishing Scams. Retrieved from OCC.gov: https://www.occ.gov/topics/consumers-and-communities/consumer-protection/fraud-resources/phishing-attack-prevention.html#howtoprotect