Justifying the need for sound information security management in SMEs.
Sound information security management among the SMEs in Australia is significantly constrained by the resources required for the implementation of security controls in comparison with larger organizations and government agencies. Research studies have reported that there are significant constraints associated with information security culture, awareness and use of information security policies among the Australian SMEs. The inference in the context of Australia is that the establishment of an Information Security Management System is primarily dependent on the size of the organizations, implying smaller organizations such as the SMEs have a minimal capability of implementing information security strategies and controls. In addition, the industry sector also plays an important role in influencing the implementation of an Information Security Management System (Blackley, Peltier, & Pelitier, 2003). The basic argument is that industry sectors like banking prioritize the significance of information security management. For instance, most of the individual financial institutions have implemented their own information security management system. The justification of implementing ISMS in SMEs in Australia is backed by the increasing lack of awareness of the significance of information security in the SME business context (Bansal, 2004).
Incident response management and disaster recovery.
The main objective of incident response is to facilitate a quick and efficient data recovery from an information security incident. It also aims at reducing the impacts imposed by information theft or data loss, or a critical disruption of the functionality of an information system in cases whereby an incident has taken place. The plan of approach is basically systematic in accordance with the standard procedures of computer forensics in order reduce the possibility of reoccurrence. It is also important that the...