Student’s Name: ID Number: Attendance Number: Section: Date of Submission:
Implementation of NIST cyber security framework for insurance company
With the increasing advancements in technology and tremendous development of smart applications, there is a significant amount of information that is shared online or is stored in the electronic system. There is a special framework developed to protect the same from being misused and also cause any kind of damage to the system in which it is stored. There is a different unit of the US Commerce department which is known as “National Institute of Standards and Technology”. It focuses on developing standards and measurement and develops specific and customized framework related to the metric system.
Cyber Security refers to providing security to the information as well as the medium or device that stores and transfers it from getting into the hands of unethical sources that may misuse them for destruction and other evil purposes. As mentioned above, there are a large number of smart devices continuously being introduced in the market and many of them help in reducing the use of paper by storing the data and information online or in any electronic medium. However, it has a major threat from the hackers and other individuals or groups who would get access of this information and then use it for their destructive and selfish motives against the humanity. In one such article by Matthew Scholl, Kevin Stine, Joan Hash, Pauline Bowen, Arnold Johnson, Carla Dancy Smith and Daniel I. Steinberg, they have determined the framework that would help in determining security measures for the health Insurance Company. It has been covered under the “Health Insurance Portability and Accountability Act of 1996 (HIPAA) Security Rule.” They have also discussed the implementation of the NIST cyber security for protecting several intellectual properties related to finance like the banks and insurance companies. Health Insurance companies have a major chance of getting accessed by non-trustable sources and it is more prone to fall in the hands of other people due to the lack of security observed in it (Scholl, et al., 2008).
There is a requirement of a framework with International Standards that would help in ensuring cyber security and take strict actions against the one who breaches or violates it. The IP gets stolen from various companies in US and this is a major indication of the threat that the information and data stored in these companies possess. It can also be seen that while adopting a macro-economic framework for the same would help in dealing with the issue of cyber security with greater maturity. The cyber security framework provided by NIST would help the financial sector, especially the insurance companies to secure and protect the information that it carries. It helps in successfully fulfilling the responsibility of personal security that the Insurance companies have to provide to their customers across the globe. There is an anonymous quote on cyber security which states that “They want what you have got, don’t give it to them”. Hence, it can be observed that developing an International cyber security framework is very much necessary in order to protect any country from getting destroyed through hacking and misusing of the data and information stored with the companies in them. In this way, it can be observed that NIST has a significant role in Information Security concerned with the security of the health insurance information and data.
Scholl, M., Stine, K., Hash, J., Bowen, P., Johnson, A., Smith, C. D., et al. (2008). An Introductory Resource Guide for Implementing the Health Insurance Portability and Accountability Act (HIPAA) Security Rule. INFORMATION SECURITY, 1-117.