An Effective Information Security Program - 1289 Words

SETA programs are effective tools in helping to change an employee’s attitude and opinion on information security, by making them take the initiative in protecting information. This creates an information security culture in which everybody undertakes accountability for security. Chen, Ramamurthy, and Wei-Wen support the idea that while building the mindset of a security consciousness culture may be a long-term process SETA programs offer substantial support building a security culture within organizations (Chen, Ramamurthy, Wei Wen, 2015, p. 18). A decent information security program will not be sufficient enough. SETA is essential in having an effective information security program in an organization by helping to reduce the loss of†¦show more content†¦In 2005 a MSSP was the victim of theft which resulted in 40 million credit cards stolen. Restaurants in the states of Louisiana and Mississippi sued a MSSP for not being compliant with current PCI DSS standards and poor business practices lead to several cases of identity theft. Studies have shown that although there are inherited risks with MSSPs, with implementation of stricter security requirements and larger clientele the risk could be offset (Hui, Hui, Yue, 2012). According to Merriam-Webster ethics is an area of study that deals with philosophies around what is good and bad behavior and what is morally right or wrong (Definition of, n.d.). In a generic sense it is the common comprehension of what constitutes proper behavior, basically doing the right thing. Behavior is connected to three things: the favorableness felt towards the behavior, social pressures concerning the behavior, and the awareness about the capability to carry out the behavior (Chatterjee, Suprateek, Valacich, 2015, p. 53). There are several professional associations required by law to have clear-cut guidelines governing ethical codes of behavior in their work environment. Physicians and lawyers and other professionals who can have an impact on other individual’s lives receive formal training concerning communal ethical issues in their occupation. If any of these professionals commit any type of flagrant ethical violation they can be removed from their