INFORMATION SECURITY MANAGEMENT

Developing Information Security Management Framework in Securing Aviation Logical Sensitive Data in Protecting Against Miss-Use

Developing Information Security Management Framework in Securing Aviation Logical Sensitive Data in Protecting Against Miss-Use

Introduction

The increased threats in Aviation security has generated need to develop the security management system that can protect the highly sensitive and confidential data regarding the aviation its routes and other information. It has become important for the aviation industry to implement highly secure management system that could not be easily generating the information to illegal or unauthorised persons. The information and data protecting will bring in the security effectiveness that is essential for the aviation industry. There are several strategic and operational aspects in developing information security management system especially for the aviation industry.

Aims/ Objectives

The aim of this research is

To investigate the comprehensive ways to protect data through security management system

Aviation security through security management information system

Significant and comprehensive finding of Aviation sensitive data and its protection through developing security management system. \

Literature Review

Information Security Management System (ISMS) is a list of procedures and rules within Aviation, the purpose of strengthening the information security define a permanent basis from control to control, maintain and continuously improve the data security. According to Markarian, Kölle, Tarter (2011) implementation of ISMS is a strategic decision for the Aviation industry. The design and implementation of ISMS affect the organization needs and objectives, security requirements, processes used, as well as the scope and structure of the organization. Security management framework is a continuous and complex process for the safe conduct of the mission in aviation industry. This process occurs in a constantly changing environment, in the presence of ever new forms of threats and challenges for institutions, as well as the unprecedented technological progress. Jeffrey & Forrest (2008) stated that aviation industry has several threats of data misuse this data includes the flight operating times, flight numbers, passengers profiles, and even routes. It is important to protect these data. These data are highly sensitive in the aviation industry misuse of this data can bring into a huge loss.

The term used in the standard defining ISMS is ISO / IEC 27002 and ISO / IEC 27001. Cheng, LIU, Quan, (2006) Chinese researchers emphasize that the data security is the major issue in the highly complex environment. The technological intruders and hackers are enough capable of getting the information from the systems, so developing of security management system is highly needed in aviation industry.

Certified Information Security Manager

According to Baskerville (1993) The CISM exam determines the core competencies of an Information Security Manager and shall be internationally valid standards that IT security professionals must take into account.

The CISM exam the expertise of the following subjects will be requested and evaluated:

Information security control (Information Security Governance)

Risk Management (Risk Management)

Information Security Program Management (Information Security Program Management)

Information Security Management (Information Security Management)

Management response (response management)

In Accordance with Farn Kwo-J (2004) managing information security in aviation industry goes far beyond the centralized remote management, and other anti-virus solutions that ...