Security Threats and their sources :

Its a dangerous world out there in the World Wide Web. Just as your mother may have told
you to never talk to strangers, the same advice holds true for the virtual world. You may
know to be wary of giving strangers your business bank account details. But can you be sure
the website youre logging into is that of your bank and not a forgery created by a
cybercriminal?Cybercriminals use many different methods to lure you into parting with your
confidential personal or business information. As a small company doing business on the
web, you need to be aware of these methods so you can be extra vigilant when online.

Heres a quick explanation of some of the common security threats you may come across:

Malware: Malware is short for malicious software. Wikipedia describes malware as a term
used to mean a variety of forms of hostile, intrusive, or annoying software or program
code. Malware could be computer viruses, worms, Trojan horses, dishonest spyware, and
malicious rootkitsall of which are defined below.

Computer virus: A computer virus is a small piece of software that can spread from one
infected computer to another. The virus could corrupt, steal, or delete data on your
computereven erasing everything on your hard drive. A virus could also use other
programs like your email program to spread itself to other computers.

Rogue security software: Have you ever seen a pop-up window that advertises a security
update or alert? It appears legitimate and asks you to click on a link to install the update or
remove unwanted malicious software that it has apparently detected. This could be rogue
security software designed to lure people into clicking and downloading malicious software.
Microsoft has a useful webpage that describes rogue security software and how you can
protect yourself.

Trojan horse: Users can infect their computers with Trojan horse software simply by
downloading an application they thought was legitimate but was in fact malicious. Once
inside your computer, a Trojan horse can do anything from record your passwords by logging
keystrokes (known as a keystroke logger) to hijacking your webcam to watch and record your
every move.

In February 2010, a Guardian Analytics and Ponemon Institute study of 500 small businesses
in the U.S. found that 55 percent of respondents experienced a fraud attack in the last 12
months. The study reports that [w]ell-funded cyber criminals executed a full-scale assault
on authentication, leveraging widespread infection of end-user computers with banking
Trojans to sneak into online banking accounts completely undetected.

Malicious spyware: Malicious spyware is used to describe the Trojan application that was
created by cybercriminals to spy on their victims. An example would be keylogger software
that records a victims every keystroke on his or her keyboard. The recorded information is
periodically sent back to the originating cybercriminal over the Internet. Keylogging software
is widely available and is marketed to parents or businesses that want to monitor their kids or
employees Internet usage.

Computer worm: A computer worm is a software program that can copy itself from one
computer to another, without human interaction. Worms can replicate in great volume and
with great speed. For example, a worm can send copies of itself to every contact in your
email address book and then send itself to all the contacts in your contacts address books.

Because of their speed of infection, worms often gain notoriety overnight infecting computers
across the globe as quickly as victims around the world switch them on and open their email.
This happened with the Conficker worm (also known as Downadup), which, in just four days,
had more than tripled the number of computers it infected to 8.9 million.

Botnet: A botnet is a group of computers connected to the Internet that have been
compromised by a hacker using a computer virus or Trojan horse. An individual computer in
the group is known as a zombie computer.

The botnet is under the command of a bot herder or a bot master, usually to perform
nefarious activities. This could include distributing spam to the email contact addresses on
each zombie computer, for example. If the botnet is sufficiently big in number, it could be
used to access a targeted website simultaneously in whats known as a denial-of-service
(DoS) attack. The goal of a DoS attack is to bring down a web server by overloading it with
access requests. Popular websites such as Google and Twitter have been victims of DoS
attacks.

Spam: Spam in the security context is primarily used to describe email spam unwanted
messages in your email inbox. Spam, or electronic junk mail, is a nuisance as it can clutter
your mailbox as well as potentially take up space on your mail server. Unwanted junk mail
advertising items you dont care for is harmless, relatively speaking. However, spam
messages can contain links that when clicked on could go to a website that installs malicious
software onto your computer.

Phishing: Phishing scams are fraudulent attempts by cybercriminals to obtain private

information. Phishing scams often appear in the guise of email messages designed to appear
as though they are from legitimate sources. For example, the message would try to lure you
into giving your personal information by pretending that your bank or email service provider
is updating its website and that you must click on the link in the email to verify your account
information and password details.

Rootkit: According to TechTarget, a rootkit is a collection of tools that are used to obtain
administrator-level access to a computer or a network of computers. A rootkit could be
installed on your computer by a cybercriminal exploiting a vulnerability or security hole in a
legitimate application on your PC and may contain spyware that monitors and records
keystrokes.

Rootkits gained notoriety when, in 2005, a security blogger discovered that a copy-protection
tool inside music CDs from Sony BMG Music Entertainment was secretly installing a rootkit
when users copied the CD onto their computers. At the time, security expert Bruce Schneier
warned that the rootkit could allow a hacker to gain and maintain access to your system and
you wouldnt know it.

Cryptography
Cryptography,[1] or cryptology, is the practice and study of hiding information. It is
sometimes called code, but this is not really a correct name. It is the science used to try to
keep information secret and safe. Modern cryptography is a mix of mathematics, computer
science, and electrical engineering. Cryptography is used in ATM (bank) cards, computer
passwords, and shopping on the internet.

When a message is sent using cryptography, it is changed (or encrypted) before it is sent. The
method of changing text is called a "code" or, more precisely, a "cipher". The changed text is
called "ciphertext". The change makes the message hard to read. Someone who wants to read
it must change it back (or decrypt it). How to change it back is a secret. Both the person that
sends the message and the one that gets it should know the secret way to change it, but other
people should not be able to. Studying the cyphertext to discover the secret is called
"cryptanalysis" or "cracking" or sometimes "code breaking".[2][3]

Different types of cryptography can be easier or harder to use and can hide the secret message
better or worse. Ciphers use a "key" which is a secret that hides the secret messages. The
cryptographic method needn't be secret. Various people can use the same method but
different keys, so they cannot read each other's messages. Since the Caesar cipher has only as
many keys as the number of letters in the alphabet, it is easily cracked by trying all the keys.
Ciphers that allow billions of keys are cracked by more complex methods.

Symmetric
In symmetric cryptography, both the sender and receiver share the key. The sender uses the
key in a certain way to hide the message. Then, the receiver will use the same key in the
opposite way to reveal the message. Most types of cryptography are symmetric. Advanced
Encryption Standard is a widely used one.

Asymmetric
Asymmetric cryptography is harder to use. Each person who wants to use asymmetric
cryptography uses a secret key number, and a different number, a "public key" that they can
tell everyone. If someone else wants to send this person a message, they'll use the number
they've been told to hide the message. Now the message cannot be revealed, even by the
sender, but the receiver can easily reveal the message with his secret or "private key". This
way, nobody else needs to know the secret key.

The details of asymmetric cryptography make it less useful than symmetric cryptography for
actually sending messages[source?]. Instead, it is often used for computer signatures, when a
computer must know that a file was sent from a certain sender. For example, computer
software companies that release updates for their software can sign those updates to prove
that the update was made by them, so that hackers cannot make their own updates that would
cause harm. Computers can also use asymmetric ciphers to give each other the keys for
symmetric ciphers.

Computers
Computers can calculate quickly. They can do very strong encryption, and most 21st century
cryptography uses them. Examples are computer algorithms like RSA, AES, and there are
many others. Using good algorithms like these can make it very hard to read the information
that is sent.
People
Because people are slower than computers, any cryptography they use can probably be
broken if enough of the secret way to change it is known.

Simple forms of cryptography that people can do without machines are Caesar ciphers and
transposition ciphers, but many other kinds were used before computers were used. [4]

Identify risks to your business

The first step in preparing a risk management plan is to identify potential risks to your
business. Understanding the scope of possible risks will help you develop realistic, cost-
effective strategies for dealing with them.

It's important that you think broadly when considering types of risks for your business, rather
than just looking at obvious concerns (e.g. fire, theft, market competition).

Assessing your business

Before you begin identifying risks, you need to assess your business. Think about your
critical business activities, including your key services, resources and staff, and things that
could affect them, such as power failures, natural disaster and illness. Assessing your
business will help you work out which aspects you couldn't operate without.

Ways of identifying risk

Once you have a clear picture of your business, you can begin to identify the risks. Review
your business plan and think about what you couldn't do without, and what type of incidents
could impact on these areas. Ask yourself:

when, where, why and how are risks likely to happen in your business?
are the risks internal or external?
who might be involved or affected if an incident happens?

The following are some useful techniques for identifying risks.

Ask 'what if?' questions

Thoroughly review your business plan and ask as many 'what if?' questions as you can. Ask
yourself what if:

you lost power supply?

you had no access to the internet?
key documents were destroyed?
your premises was damaged or you were unable to access it?
one of your best staff members quit?
your suppliers went out of business?
the area your business is in suffered from a natural disaster?
the services you need, such as roads and communications, were closed?
Brainstorm
Brainstorming with different people, such as your accountant, financial adviser, staff,
suppliers and other interested parties, will help you get many different perspectives on risks
to your business.

1. Identify risks
What are your risks and how likely are they to occur? Some will cause major disruption while
others will be a minor irritation. You must make an educated assessment of both the
likelihood and potential severity of each risk to prioritise your planning efforts.

2. Minimise or eliminate risks

Once risks have been identified you need to either eliminate or minimise those risks. You
should provide specific strategies for minimising risk for each of the six subgroups.

3. Identify who has to do what should a disaster occur

One of the simplest and most powerful tools for a speedy recovery from a disaster is a clear
picture of, and clear directions about, who has to do what should your disaster plan have to be
enacted.

Sample of response checklist

4. Determine and plan your recovery contingencies

Recovery contingencies should be determined by the type, style and size of your business and
by the extent of the damage.

Use our Emergency Contingency Planner to make sure you cover all bases.

5. Communicate the plan to all the people it refers to

This stage of planning is all about ensuring that all people within your business sphere (staff,
suppliers, contractors, service providers) are made aware of the strategies you have put in place to
either mitigate or recover from a disaster situation. Make decisions about whether the physical
communication will be done by phone, email, text or other means. Once these decisions are made,
procedural statements can be created and relevant people can be informed. The next part is to train
staff and ensure everyone practices what has been done so if a disaster occurs the process can take
over and guide the staff.

During day to day operations, any number of risks can pop up in a business so it is important
to know how to identify any potential risks before they escalate. This will help you develop
realistic and effective strategies for dealing with risks if they occur.

6. Prepare a risk management plan

A risk management plan can help minimise the impact of cash flow issues, damage to brand
and other risks. It will also help create a culture of sensible risk awareness and management
in your business. Our Crisis planning for business template below includes a risk
management plan.

Application Development Education and

Training Program Info
Programs in application development are available at the undergraduate and graduate levels,
as both degree and certificate programs. Students become prepared for work developing and
managing software in a variety of positions.

Essential Information
Application developers design and create software for computers, mobile devices and the
Web. Undergraduate degrees in this field include the Associate of Applied Science in
Application Development and the Bachelor of Science in Information Technology.

Undergraduate programs that focus on application development give students a solid

foundation in the field. Students learn about programming languages and data
communications as they move into their application design studies. Beyond a high school
diploma or equivalent, some undergraduate programs may require a placement test.

Application for the Certificate in Web Application Development requires that the student
have experience in creating web content and programming. A bachelor's degree in a relevant
area is preferred. Students learn the coding needed for developing many types of applications,
including those for mobile devices.

Associate of Applied Science in Application Development

Associate's degree programs in application development can be completed in two years.
Students first become familiar with computer operating systems, web development and
database design before learning about scripting and application design. The associate's degree
program focuses on PC applications, including Microsoft Access and Excel. Some programs
prepare students to take the Microsoft Certified Application Developer exam and the Sun
Certified Java Programmer exam.

In addition to application development courses, students take classes emphasizing business

knowledge, such as technical writing, business communications and macroeconomics.
Coding courses include Java, Visual Basic, .Net, Pearl and SQL. Other associate's-level
courses are:

Web programming
Microcomputer applications
Linux configuration
Windows configuration
Web server administration
Visual software

Bachelor of Science in Information Technology - Application Development

Many bachelor's degree programs in information technology are available with a focus in
application development. Completion of these programs typically takes four years and
includes an internship. Undergraduate students learn to troubleshoot hardware and software.
Topics include data communications, relational databases and programming languages.
Students also become familiar with legal and ethical issues as well as standard requirements
for application design, creation, testing and quality assurance.
Many application development programs merge business management with technology
education. General education courses cover communication, professional writing, social
sciences and math. Broad information technology courses on operating systems, computer
security and programming are also included in the bachelor's program. Core class topics
include:

Software testing
Systems design
Human-computer interaction
User interface design
Database management
Web programming

Certificate in Web Application Development

A certificate program in web applications development discusses relevant coding languages
and frameworks, such as .NET and SQL. Certificate students learn to anticipate needs for
services and then design software systems and user interfaces for businesses based on these
needs. Other topics include Internet security and web application hosting infrastructures.
Some programs include a focus on mobile applications.

Certificate programs can be precisely oriented towards application development or contain

generalized computer science courses. Design-related classes may include digital media,
multimedia programming and animation programming. Course topics in web application
development programs often include:

Web technology
Animation programming
Human-computer interfaces
Web application programming and scripting
Mobile application development
Web services and security

Popular Career Options

Graduates of the associate's degree in are prepared for entry-level positions in the information
and technology industry. Common titles for these jobs are:

Database programmer
Software developer
Application developer
Web developer
Web administrator

A bachelor's degree is the minimum degree level for many software development positions.
Graduates may be prepared for careers in customer support, information and technology,
programming and website development. Possible job titles include:

Network communications specialist

Network administrator
Systems analyst
Network system engineer
Employment Outlook and Salary Information
Graduates of these degree or certificate programs may obtain a position as an applications
software developer. According to the U.S. Bureau of Labor Statistics (BLS), computer
software developers for applications had a median annual wage of $98,260 in May 2015. The
BLS also predicted that applications software development will be a fast-growing occupation
between 2014 and 2024, with employment expected to increase by 19%.

Continuing Education Information

Graduate degree programs are also available for students who complete their bachelor's
degree in information technology and wish to continue their career. Master of Science in
Information Systems programs often concentrate on Internet or web application development.

Degrees in application development can be pursued at the associate's and bachelor's level;
certificates in web development are also available at the graduate level. These programs
prepare students for work developing and managing software on a variety of platforms,
including web, mobile applications and network systems.

Health Applications of the Internet

Many health-related processes stand to be reshaped by the Internet. In clinical settings, the
Internet enables care providers to gain rapid access to information that can aid in the
diagnosis of health conditions or the development of suitable treatment plans. It can make
patient records, test results, and practice guidelines accessible from the examination room. It
can also allow care providers to consult with each other electronically to discuss treatment
plans or operative procedures. At the same time, the Internet supports a shift toward more
patient-centered care, enabling consumers to gather health-related information themselves; to
communicate with care providers, health plan administrators, and other consumers
electronically; and even to receive care in the home. The Internet can also support numerous
health-related activities beyond the direct provision of care. By supporting financial and
administrative transactions, public health surveillance, professional education, and
biomedical research, the Internet can streamline the administrative overhead associated with
health care, improve the health of the nation's population, better train health care providers,
and lead to new insights into the nature of disease.

The capability of the Internet to support these applications depends on whether the relevant
technical needs are met and whether the operational aspects of the systems involved are
understood and manageable. As with any information technology system, the technical
requirements depend heavily on the specific characteristics of the individual systemsthe
number of anticipated users, degree of real-time interaction desired, number of simultaneous
sessions that must be supported, and so on.

Consumer Health
Consumer health is one of the areas that could be most dramatically reshaped by the Internet.
Consumer health refers to a set of activities aimed at giving consumers a more pronounced
role in their own health and health care, ranging from the development of tools for self-
assessment of health risks and management of chronic diseases, to home-based monitoring of
health status and delivery of care. This area is similar to public health (discussed later in this
chapter) in that it aims to provide consumers with the information and tools needed to
improve their health, but it is less concerned with the detection of regional outbreaks of
disease and is not part of government-based reporting structures. The Internet could become a
significant enabler of consumer health initiatives in that it provides an increasingly accessible
communications channel for a growing segment of the population. Moreover, in comparison
to televisionalso a widely available medium for reaching consumersthe Internet offers
greater interactivity and better tailoring of information to individual needs. These capabilities
may lead to significant changes in consumer behavior (e.g., cessation of smoking, changes in
diet) that could greatly improve health.

Consumer-Oriented Health Web Sites

Over the past few years, leading providers of health information have identified the Internet
as an effective medium for reaching large numbers of health consumers. The most visible
aspect of this recognition is the explosion of Web sites geared to consumer health issues
(Table 2.1). These sites are dedicated to the diagnosis and management of diseases, the
promotion of various healthy lifestyles, and interventions to prevent the onset of disease. The
formats range from mailing lists to interactive Web sites, chat sessions, or compilations of
online resources. One recent survey suggested that consumers use these sites to gather
information on diseases, medications, and nutrition, as well as to find care providers or
participate in support groups (Table 2.2).

E-mail between Patients and Providers

The Internet can also be used to facilitate electronic communications between patients and
care providers, typically in the form of electronic mail (e-mail). To date, e-mail has been used
only sporadically between patients and providers, but it is of growing interest. It could prove
to be an effective mechanism for improving care and lowering costs because more frequent
communications might enable better tracking of a patient's progress or eliminate the need for
an office visit. This premise has yet to be tested rigorously in clinical settings, and a number
of technical and nontechnical issues need to be resolved (Mandl et al., 1998).

Bandwidth and availability are not issues in the near term because most messages currently
consist of text only and are not used for time-critical communications. The most pressing
technical issue is security. Most e-mail exchanges between patient and provider involve
discussions of personal health information, which must be suitably protected from breaches
of confidentiality and, to a lesser extent, alteration. Most e-mail is not encrypted during either
transmission or storage, and its point of origin is not authenticated. It is therefore much easier
to forge an e-mail message than a clinician's note or telephone call.

Online Health Records

The Internet is emerging as a medium for giving consumers direct access to their personal
health records. Historically, care providers have maintained voluminous records of patient
encounters within their organizations, documenting dates and times of consultations,
diagnoses, lab results, prescriptions, and more. These records are maintained and largely
controlled by care providers, although patients have the right, in some states, to review their
records and propose amendments as necessary. In the past two years, however, a number of
new Web sites have begun to allow consumers to store their own health records online.4 The
potential benefits of these sites are many. With them, consumers can create comprehensive,
longitudinal records that capture information about the care received from different
organizations over an extended period of time. Consumers can use these records to help
monitor and evaluate their health status, and they can grant access, if they wish, to different
providers for purposes of care. Many sites provide some sort of override feature that enables
care providers to gain access to a patient's records in an emergency situationsomething that
is much more difficult to do if the records are not stored online.5

Like e-mail used for clinical purposes, Web-based medical records require considerable
attention to security to minimize the risks of inappropriate disclosure. Personal medical
records must be protected against inappropriate disclosure, both to outsiders who attempt to
break into the system and to those who operate and maintain the Web sites. Most existing
services use SSL encryption to protect data communications between users and the host Web
site and a combination of user names and passwords (transmitted securely over the Internet)
to authenticate end users.

Bandwidth ++
Consumer health applications vary considerably in the bandwidth they demand. The retrieval
of information from health-related Web sites demands little bandwidth on the consumer end,
but the potentially large volume of requests made of any particular site could drive up the
aggregate bandwidth requirement on the information provider's side. Access to patient health
records could demand somewhat greater bandwidth than is typically available today or
significantly greater if records include enhanced content, such as medical images or
videotapes of telemedicine consultations.

Latency +
In general, applications that support consumer health do not require the instantaneous
delivery of information, so the latency requirements of the Internet are not great. In some
patient-monitoring applications, timeliness is a concern, but delays of a few seconds would
not threaten a patient's well-being. Latency could become more of an issue if online medical
records became the norm and care provider organizations needed timely access to them for
purposes of treating patients. In many instances, however, records could be uploaded from
remote sites in advance of scheduled appointments, and latency would be a significant issue
only in emergency situations.

Availability ++
The need for network availability differs significantly among consumer health applications.
The Internet is already sufficiently available for the distribution of health information to
consumers and for exchanges of e-mail between patients and providers. Somewhat greater
availability would be needed for remote monitoring and remote control operations, although
most home monitoring devices and medical equipment could be designed to buffer enough
data to overcome short lapses of connectivity. Home monitoring and control will not become
commonplace, however, until providers (and consumers) of such services receive guarantees
that lengthy network outages will occur very infrequently.

Remote Consultation
Remote medical consultation has long been pursued as a means of overcoming the unequal
distribution of clinical expertise. It is a method of offering expert consultations to patients in
remote rural areas, for example, or underserved urban areas or prisons. Even where clinical
expertise is available, but inconvenient for either the patient or the provider, remote medical
consultations may be a cost-effective alternative to staffing multiple clinics with
subspecialists. Remote consultations may also be useful to specialized service organizations
that attempt to establish economies of scale for particular types of clinical service, such as the
interpretation of radiological images (e.g., CT and magnetic resonance images), while also
developing more effective bargaining units for health care contracting. These organizations,
which are becoming more numerous, can benefit insofar as their reach is extended beyond
their immediate geographical area, allowing them to serve a broader pool of consumers.

The Application of Computers in the

Banking
Computers in the banking sector have enhanced customer service and productivity regarding
account management, while streamlining back-office activities. The biggest impact is in the area of
competition. Small banking institutions can access the same technology as large banking institutions
and, therefore, can compete with them more effectively for business.

Account Management
In banking, activities start with banks automating customer accounts, which allows personnel
to create, update and maintain customer records. Banking hardware and software have
enhanced the accuracy of accounts that tellers and other banking personnel process. Banking
software performs customer transactions through a centralized data record system. Account
management is the genesis and backbone of all banking information systems.

Hardware Technology
In the 1960s, bank hardware consisted of a mainframe and a punch card machine. Punch
cards contained customer account information and were read into the main system by a punch
card machine. Midrange and client/server hardware configurations, which are no larger than a
minitower system, can run an entire bank in addition to receiving transactions from affiliated
bank branches. These new hardware technologies can process more transactions than legacy
banking hardware systems. Hardware technologies have enabled advances into wireless
banking and telecommunications banking.

Electronic Transactions
Banking systems must perform electronic transactions. Direct deposit is an example of an
electronic transaction. Computers processing electronic transactions must have hardware and
software encryption capabilities to keep data from being compromised during a transmission.
After the computer performs electronic transmissions, it transfer the information to the main
computer system for processing and updating. Banks have extended electronic transaction
capabilities through landline and cell phones, the Internet and ATMs.

Web-based Banking
Web-based banking systems use a dedicated server through a bank network system. An area
of the banking system is partitioned for Internet applications. Web-based banking systems by
law must include secure servers and authenticated certificates regarding transactions from the
Federal Deposit Insurance Company and the Federal Reserve Board. Customers who choose
to bank online can access their account through a web interface, which integrates with the
main computer. A customer's credentials -- user ID and password -- pass through several
checkpoints before entering the main system to perform a web-based transaction.

Advantages of E governance: e-Governance is improvement in governance which is enabled

by the resourceful use of Information and Communications Technology. E governance bring
better access to information and excellence services for inhabitants. It also makes simplicity,
efficiency and accountability in the government. Through the use of ICT to governance
combined with comprehensive business process reengineering would lead to simplification of
complicated processes, simplification in structures and changes in statutes and regulations. E
governance is advantageous to citizens and government as rapid growth of communications
technology and its adoption in governance would support to bring government machinery to
the doorsteps of the citizens.

There are many challenges in implementing E governance model in India as well as at global
scale. The actual challenge is how to develop and withstand successful e-governance projects
and deliver state of the art e-services to inhabitants. Unfortunately, it is not as easy to develop
e governance website in service delivery mechanism. Efficacious e-governance initiatives can
never be taken in hurriedness. With reference to India, e-Governance should enable seamless
access to information and seamless flow of information across the state and central
government.

There are several security drawbacks of an E-Governance mechanism.

1. Spoofing: In this practice, the attacker attempts to gain the access of the E-
Governance system by using fallacious identity either by stealth or by using false IP
address. Once the access is gained, the assailant abuses the E-Governance system by
elevation of the privileges.
2. Tampering of E-Governance system: As soon as the system is compromised and
privileges are raised, the classified information of the E-Governance mechanism
becomes very much susceptible to illegal adjustments.
3. Repudiation: Even the attacker can mount refutation attack during the E-Governance
transaction, which is the ability of the user to reject its performed transaction.
4. Disclosure of E-Governance Information: In case of the compromised E-Governance
system, the undesirable information disclosure can take place very easily.
5. Denial of Service: In this technique, attacker can perform Denial of Service (DoS)
attack by flooding the E-Governance server with request to consume all of its
resources so as to crash down the mechanism.
6. Elevation of privilege: Once an E-Governance system is compromised; the attacker
pretending to be a low profile user attempts to escalate to the high profiles so as to
access its privileges to initiate further damage to the system.
7. Cyber Crimes: Advancement of science and technology increase the rate of the
cybercrime. It is a threat to the transactions accomplished between the Government
and its Citizenry within the E-Governance methodology.

What is Social Networking?

Put simply, social networking is a way for one person to meet up with other people on the
Net. That's not all, though. Some people use social networking sites for meeting new friends
on the Net. Other's use it to find old friends. Then there are those who use it to find people
who have the same problems or interests they have, this is called niche networking.

What's Niche Networking?

A niche is a specialized group of something larger.

So niche networking sites are specialized groups of social networking sites. There are niche
networking sites for people who want to learn a language and niche networking sites for
people who want to control their finances. There are niche networking sites on all sorts of
topics. You can probably find a niche networking site on just about anything.
A good example of a niche networking site would be Athlete Focus. This is a niche
networking site just for athletes that are into action type sports. Another example of a niche
networking site is 43Things which is a niche networking site set up for people who have
goals they want to accomplish.

Isn't Social Networking Just For Teens and 20 Somethings?

No way! Most of the people I know on social networking sites are over 30. That's not to say
that there aren't a lot of teens and 20 somethings out there, there are, but they're not the only
group.

The "older" crowd has a lot to offer, and I recommend they get out and do just that.

Join a few social networking sites, find old friends, meet new ones. Offer up help where you
can. Maybe even create your own social networking site.

Is there a problem/issue with governance?

We are moving from an economy of tangibles to an economy of intangibles. We are moving

from a local economy to a global economy. We are moving from a time of closely held
information to a networked society where information is broadly held and shared in near real
time. Responsibilities become more difficult to define as jurisdictional boundaries become
blurred; as production and consumption move from within one country to anywhere in the
world; as networks lead to more and more shared information; as multiple actors participate
in everyday events.

Governance can be defined as "whose hands are on the helm and how did they get there?" We
used to know whose hands were on the helm and we knew the process of how they got there.
To continue with the metaphor, we also had a pretty good idea of where the corporate and
national ship of state was heading and which maps were being used. Today there are multiple
hands on the helm, we are often bewildered as to how they got there and as to the maps, route
and direction of travel there is concern and bewilderment by citizens, elected officials and
public and private bureaucrats alike.

Broadly speaking our bewilderment is a result of the rapid move from an industrial to an
information-based economy. The maps and ways of behaving in an industrial, largely nation-
based economy no longer serve us well in a networked, largely global economy. Public and
private governance structures from an era of smokestacks and railways must be modified in
the new era of electronics and digital networks. We need new mental maps and shared
understandings of where we are. Only then can we evolve a system of governance that will
allow us to optimize the outcomes for all citizens in the new networked economy.

Personal and commercial security

Junk e-mail and information overload

Hackers
Cookies and privacy
Authentication of digital signatures: Where does it take place and who does it?
Stock fraud on the Internet
Cyber crime including vandalism and viruses
Enforcing e-commerce security
 Determining the limits to data mining and sale of information to third parties
Ensuring that all users have trust in the system

Social and Legal

Resolving the "digital divide."

Internet lotteries and gambling-especially those located off-shore
Defining the limits to intellectual property
Respect creativity
Ways of adjudicating disputes in web-based e-commerce
Assessing location for purposes of jurisdiction in net-based legal cases
Ensuring that telemedicine is implemented in such a way that the benefits are
maximized and widely realized
Are there limits to personal authentication?
As a society do we move to a DNA based model of proving who we are?
Is privacy a malleable concept, one that is culturally and temporally defined?
Maintaining competition in a "winner take all" environment
Health (Electro-magnetic radiation) implications of a growing number wireless
devices Extent to which employee e-mail and web surfing can and should be
monitored
Understanding and dealing with the implications flowing from new uses of the
Internet such as Gnutella and Napster, non-ISP peer to peer net traffic

Economic Issues: Fiscal and Monetary

Regulation of global net-based banking-especially offshore banking.

Transparency and openness
The creation and circulation of net-based currency (viz., digi-cash, Mondex, and other
forms of electronic money)
Taxation of local, national and global e-commerce
Understanding the how productivity is created in new networked economy so that we
can put in place future national economic policies that benefit citizens over time
Developing new measures of wealth and well-being that can be used to help to
understand and guide activities at all levels
Respect for competition
Current compensation and pricing schemes may need to be augmented if we are
ensure a continuing supply of digital material