Cyber security refers to information security applied to networks, programs, data, and computers. This field covers mechanisms and processes by which computer based information, services and equipment are protected from untrustworthy individuals, unauthorized activities, natural disasters and unplanned events. Cyber security has five elements, namely network, end user education, information, application, and disaster recovery. The increase in the use of internet technology has come with an increase of the rates and modes of threats such as viruses and malware. This prompted the need to develop security standards and policies to manage network issues. Cyber security standards are generated to facilitate the practice of safe measures and techniques (Satyanandan, 2010).
Cyber security aims at preventing data loss, unauthorized access, maintain data integrity, accuracy, and availability. When planning for information systems, various issues need to be considered. They include possible threats, cost of data protection, changing technology, and importance of data protection. To improve security and make safeguard information systems more effective, the government and specific organizations must develop procedures, policies, measures, develop computer ethics and standards. This should facilitate implementation of the best methods to prevent and deal with security threats. Protection softwares such as antivirus, antispyware and firewall programs provide qualitative information security (NSAA & U.S. GAO, 2001).
A number of measures can be taken to improve information security and reduce the operating risks. It is crucial for an organization to ensure that weekly server updates are done to improve security vulnerabilities, patch operating system deficiencies, security and performance. Application should be done on a daily basis in order to facilitate quality performance, availability and performance. For a comprehensive information protection, security suite should be done to achieve adequate security of the system. This may include tape rotation, full backup of information, regular testing of data restoration, and monitoring. Organizations should promote a more adaptive and proactive approach to deal with the current security environment (Satyanandan, 2010).