Information Security for an Information Society in Bangladesh

Abstract

Nowadays, public institutions are heavily dependent on modern technology for their office management in Bangladesh. The advancement of modern technology in today’s world has a great influence in daily life. Along with the positiveness of the advancement, somewhere the scope for the negativities tends to increase. As dependency on modern technology and information technology increases, the rate of negative impacts tends to increase as well. Specifically on the performance of Information Systems and therefore they become more exposed to the continuous evolving security risks and vulnerabilities inherent to the momentous growth of digitalization. A semi-structured questionnaire and an experienced key informant’s interview have thoroughly been analyzed during the research. This research focuses on the impacts and necessities of Information Security for an Information Society considering the government organizations only because the government organizations are one holding access to the national database. The findings of this qualitative research indicate what sort of Information threats are being encountered by Bangladeshi public enterprises, how are they managing the major Information threats and what they really need to do if they want to get well ahead of recent cyber criminals’ activities. The study as well includes some of the recent national and international cyber security attack incidents, their impacts and the organization’s attempts to reduce the loss of the attack. The loss and damage already caused by some attacks during the previous decade, made serious impact on organization’s business continuity, reputation, and loss of asset. Sometimes, even the organizations fail to recognize that their security system has already been compromised. Recently, UK-based National Cyber Security Index Report 2021 unveils the fact that Bangladesh has made commendable progress in improving the foundation of its Information security system. Bangladesh Government has formed an e-Government Computer Incident Response Team (BGD e-GOV CIRT), that has been serving as the National CIRT of Bangladesh (N-CERT). They are engaged in receiving, reviewing, and responding to computer security related incidents and activities within Bangladesh. The organization vii | P a g e holds collaboration with international organizations as partners to ensure security in cyberspace. In addition, the goal of the organization is being quick reactive towards security threat and actively reporting as well. However, a good number of literatures and respondents of this study delineate the fact that existing level of security is moderate to good where there is still a lot more to do. Adequate security procedures to manage information security, appropriate office equipment’s along with proper employee trainings are obviously required and organizations need to carefully evaluate their security policies to enhance security infrastructures. The enhancements will act as a shield to protect organizations from future threats. Superior Information Security management can help the nation to expand, and the Government of Bangladesh (GoB) supports such advancements along with the improvements and leaves no stone unturned in supporting the organizations. Currently, corporations' approaches to information security go beyond the fundamentals. They have gradually been adapting their security strategies based on Information Security Policy guidelines 2014 and ISO/IEC 27003 standard ISMS implementation guidance. Authorities must alter the way they think of just responding to threats instead look around necessary measures or possibilities of future threats to prevent or overcome the threats. In addition, the authorities need to analyze, study the security attack incident reports, patterns in order to detect certain pattern or data that may give future lead. Apprehending of Information attack is the most suitable way to be ahead of Cyber espionage. Upon such practices, public institutions will become more difficult to deal with as opposed to being an easy target. As a result, public and organization’s satisfaction remains retained.