4
Why is information security important? The home of free learning from The Open University The home of free learning from The Open University This unit introduces you to information security and its management. A succinct definition of information security might run as follows: Information security is the collection of technologies, standards, policies and management practices that are applied to information to keep it secure. But why is it important to secure information? And how should its security be managed? To start thinking about these questions, consider the following statements about information: In today's high technology environment, organisations are becoming more and more dependent on their information systems. The public is increasingly concerned about the proper use of information, particularly personal data. The threats to information systems from criminals and terrorists are increasing. Many organisations will identify information as an area of their operation that needs to be protected as part of their system of internal control. (Nigel Turnbull, 2003, p. xi) Competitive advantage … is dependent on superior access to information. (Robert M Grant, 2000, p. 186) Information is the oxygen of the modern age. It seeps through the walls topped by barbed wire, it wafts across the electrified borders. (Ronald Reagan, 1989)

Why is Information Security Important

Embed Size (px)

DESCRIPTION

An article of Cyber Security to recognize the significance of protect the business information.

Citation preview

  • Why is information security

    important? ThehomeoffreelearningfromTheOpenUniversityThehomeoffreelearningfromTheOpenUniversity

    Thisunitintroducesyoutoinformationsecurityanditsmanagement.

    Asuccinctdefinitionofinformationsecuritymightrunasfollows:

    Informationsecurityisthecollectionoftechnologies,standards,policiesandmanagementpracticesthatareappliedtoinformationtokeepitsecure.

    Butwhyisitimportanttosecureinformation?Andhowshoulditssecuritybemanaged?Tostartthinkingaboutthesequestions,considerthefollowingstatementsaboutinformation:

    Intoday'shightechnologyenvironment,organisationsarebecomingmoreandmoredependentontheirinformationsystems.Thepublicisincreasinglyconcernedabouttheproperuseofinformation,particularlypersonaldata.Thethreatstoinformationsystemsfromcriminalsandterroristsareincreasing.Manyorganisationswillidentifyinformationasanareaoftheiroperationthatneedstobeprotectedaspartoftheirsystemofinternalcontrol.

    (NigelTurnbull,2003,p.xi)

    Competitiveadvantageisdependentonsuperioraccesstoinformation.

    (RobertMGrant,2000,p.186)

    Informationistheoxygenofthemodernage.Itseepsthroughthewallstoppedbybarbedwire,itwaftsacrosstheelectrifiedborders.

    (RonaldReagan,1989)

    http://www.open.edu/openlearn/science-maths-technology/computing-and-ict/introduction-information-security/content-section-3

  • Itisvitaltobeworriedaboutinformationsecuritybecausemuchofthevalueofabusinessisconcentratedinthevalueofitsinformation.Informationis,asGrantsays,thebasisofcompetitiveadvantage.Andinthenotforprofitsector,withincreasedpublicawarenessofidentitytheftandthepowerofinformation,itisalso,asTurnbullclaims,theareaofanorganisation'soperationsthatmostneedscontrol.Withoutinformation,neitherbusinessesnorthenotforprofitsectorcouldfunction.Valuingandprotectinginformationarecrucialtasksforthemodernorganisation.

    Ifinformationwereeasytovalueandprotect,however,youwouldbeabletobuyofftheshelfinformationsecuritymanagementsolutions.Therearethreecharacteristicsofinformationsecuritythatmakethisimpossible.

    1. Thecollectionofinfluencestowhicheachorganisationisexposedvarieswiththeorganisation:theinformationtechnologythatituses,itspersonnel,theareainwhichitdoesbusiness,itsphysicallocationallthesehaveaneffectoninformationsecurity.

    2. Informationsecurityaffectseverystructuralandbehaviouralaspectofanorganisation:agapinasecurityfencecanpermitinformationtobestolenavirallyinfectedcomputerconnectedtoanorganisation'snetworkcandestroyinformationacupofcoffeespiltonacomputerkeyboardcanpreventaccesstoinformation.

    3. Eachindividualthatinteractswithanorganisationinanywayfromthepotentialcustomerbrowsingthewebsite,tothemanagingdirectorfromthemalicioushacker,totheinformationsecuritymanagerwillmakehisorherownpositiveornegativecontributiontotheinformationsecurityoftheorganisation.

    Thusinformationsecurityanditsmanagementneedtobeexaminedwithinanorganisationalcontext.Tothisend,amajoraimofthisunitistogiveyoutheopportunityto:

    investigateyourorganisationanddeterminetheprecisemixofinformationsecurityissuesthataffectit

    explainthelinksbetweenareasofanorganisationandnavigateyourorganisation'sinformationsecurityweb

    identifythesecuritycontributionsofeachindividual,andsosuggeststrategiestomakethesumofthepositivecontributionsgreaterthanthesumofthenegativeones.

    Beforeyoucaninvestigateinformationsecurityanditsmanagementwithinyourorganisation,weneedtointroduceyouinmoredetailtothecomplexitiesofthetopic.Thisisthepurposeofthisunit.Section2discussesthemeaningofthetermsinformation,informationsecurityandinformationsecuritymanagement.Section3looksatinformationsecurityanditsimperativesandincentives.Section4discussesinformationassets.Section5examinestheplanningofaninformationsecuritymanagementsystem.Section6addresseshowriskstoinformationsecuritycanbeassessedandhowinformationassetscanbeidentified.

  • Section7describeshowasystemforinformationsecuritymanagementcanbeimplementedandcontinuallyimproved.Whyisinformationsecurityimportant?Thisunitintroducesyoutoinformationsecurityanditsmanagement.Asuccinctdefinitionofinformationsecuritymightrunasfollows:Informationsecurityisthecollectionoftechnologies,standards,policiesandmanagementpracticesthatareappliedtoinformationtokeepitsecure.Butwhyisitimportanttosecureinformation?Andhowshoulditssecuritybemanaged?Tostartthinkingaboutthesequestions,considerthefollowingstatementsaboutinformation:Intoday'shightechnologyenvironment,organisationsarebecomingmoreandmoredependentontheirinformationsystems.Thepublicisincreasinglyconcernedabouttheproperuseofinformation,particularlypersonaldata.Thethreatstoinformationsystemsfromcriminalsandterroristsareincreasing.Manyorganisationswillidentifyinformationasanareaoftheiroperationthatneedstobeprotectedaspartoftheirsystemofinternalcontrol.(NigelTurnbull,2003,p.xi)Competitiveadvantageisdependentonsuperioraccesstoinformation.(RobertMGrant,2000,p.186)Informationistheoxygenofthemodernage.Itseepsthroughthewallstoppedbybarbedwire,itwaftsacrosstheelectrifiedborders.(RonaldReagan,1989)Itisvitaltobeworriedaboutinformationsecuritybecausemuchofthevalueofabusinessisconcentratedinthevalueofitsinformation.Informationis,asGrantsays,thebasisofcompetitiveadvantage.Andinthenotforprofitsector,withincreasedpublicawarenessofidentitytheftandthepowerofinformation,itisalso,asTurnbullclaims,theareaofanorganisation'soperationsthatmostneedscontrol.Withoutinformation,neitherbusinessesnorthenotforprofitsectorcouldfunction.Valuingandprotectinginformationarecrucialtasksforthemodernorganisation.Ifinformationwereeasytovalueandprotect,however,youwouldbeabletobuyofftheshelfinformationsecuritymanagementsolutions.Therearethreecharacteristicsofinformationsecuritythatmakethisimpossible.Thecollectionofinfluencestowhicheachorganisationisexposedvarieswiththeorganisation:theinformationtechnologythatituses,itspersonnel,theareainwhichitdoesbusiness,itsphysicallocationallthesehaveaneffectoninformationsecurity.Informationsecurityaffectseverystructuralandbehaviouralaspectofanorganisation:agapinasecurityfencecanpermitinformationtobestolenavirallyinfectedcomputerconnectedtoanorganisation'snetworkcandestroyinformationacupofcoffeespiltonacomputerkeyboardcanpreventaccesstoinformation.Eachindividualthatinteractswithanorganisationinanywayfromthepotentialcustomerbrowsingthewebsite,tothemanagingdirectorfromthemalicioushacker,totheinformationsecuritymanagerwillmakehisorherownpositiveornegativecontributiontotheinformationsecurityoftheorganisation.Thusinformationsecurityanditsmanagementneedtobeexaminedwithinanorganisationalcontext.Tothisend,amajoraimofthisunitistogiveyoutheopportunityto:investigateyourorganisationanddeterminetheprecisemixofinformationsecurityissuesthataffectitexplainthelinksbetweenareasofanorganisationandnavigateyourorganisation'sinformationsecuritywebidentifythesecuritycontributionsofeachindividual,andsosuggeststrategiestomakethesumofthepositivecontributionsgreaterthanthesumofthenegativeones.Beforeyoucaninvestigateinformationsecurityanditsmanagementwithinyourorganisation,weneedtointroduceyouinmoredetailtothecomplexitiesofthetopic.Thisisthepurposeofthisunit.Section2discussesthemeaningofthetermsinformation,informationsecurityandinformationsecuritymanagement.Section3looksatinformationsecurityanditsimperativesandincentives.Section4discussesinformationassets.Section5examinestheplanningofaninformationsecuritymanagementsystem.Section6addresseshow

  • riskstoinformationsecuritycanbeassessedandhowinformationassetscanbeidentified.Section7describeshowasystemforinformationsecuritymanagementcanbeimplementedandcontinuallyimproved.


Food Security – Why is it Important? Food Security

Food Security – Why is it Important? Food Security

Documents
Chapter-4 Software Security Why Software? Why is software as important to security as crypto, access control and protocols? Virtually all of information

Chapter-4 Software Security Why Software? Why is software as important to security as crypto, access control and protocols? Virtually all of information

Documents
Infographic: Why Environment, Power & Security Management is so important

Infographic: Why Environment, Power & Security Management is so important

Technology
Information Security - Why is it important for the ... · PDF fileWhy is it important for the Healthcare Industry? Glen Gooding IBM Security Leader ... Information Security - Why is

Information Security - Why is it important for the ... · PDF fileWhy is it important for the Healthcare Industry? Glen Gooding IBM Security Leader ... Information Security - Why is

Documents
Why Informal Seed Sector is Important in Food Security

Why Informal Seed Sector is Important in Food Security

Education
Why is Data Security Important? · PDF file1 1 Why is Data Security Important? 2 Ward Against Identity Theft Identity theft occurs when somebody steals your name and other personal

Why is Data Security Important? · PDF file1 1 Why is Data Security Important? 2 Ward Against Identity Theft Identity theft occurs when somebody steals your name and other personal

Documents
Security vs UX: Why UX is an important factor in designing secure systems

Security vs UX: Why UX is an important factor in designing secure systems

Software
Why computer security certification is important

Why computer security certification is important

Technology
Why is email security important?

Why is email security important?

Documents
Why information security is becoming the most important for mid size business to large size business

Why information security is becoming the most important for mid size business to large size business

Technology
Les Assises 2015 - Why people are the most important aspect of IT security?

Les Assises 2015 - Why people are the most important aspect of IT security?

Education
Security-Centric Traffic Analysis · Why Is Security-Centric Traffic Analysis Important? • Constant increase of cyber-attacks required NTAs to focus on security aspects in addition

Security-Centric Traffic Analysis · Why Is Security-Centric Traffic Analysis Important? • Constant increase of cyber-attacks required NTAs to focus on security aspects in addition

Documents
3433 IBM messaging security why securing your environment is important-feb2016.4

3433 IBM messaging security why securing your environment is important-feb2016.4

Software
Video Why math is important Video Why math is important

Video Why math is important Video Why math is important

Documents
INFORMATIONppdcagra.dcmsme.gov.in/ppdcagra/web/Pages/isjm.pdf · introduction: what is information security, why is it important. principles of information security.: key concepts

INFORMATIONppdcagra.dcmsme.gov.in/ppdcagra/web/Pages/isjm.pdf · introduction: what is information security, why is it important. principles of information security.: key concepts

Documents
Airport Security : Why it’s Important - HID Access Cards

Airport Security : Why it’s Important - HID Access Cards

Business
Security Intelligence - · PDF file · 2016-02-20What is Security Intelligence –and why is it important? ... Security intelligence reduces risk, facilitates compliance, ... Firewall

Security Intelligence - · PDF file · 2016-02-20What is Security Intelligence –and why is it important? ... Security intelligence reduces risk, facilitates compliance, ... Firewall

Documents
Why Information Security is very important? What is Key Logger ?

Why Information Security is very important? What is Key Logger ?

Documents
Unit 7. Confidentiality and Data Security · Unit 7: Confidentiality and Data Security Page 7.9 Confidentiality and Security Considerations Why is confidentiality important Confidentiality

Unit 7. Confidentiality and Data Security · Unit 7: Confidentiality and Data Security Page 7.9 Confidentiality and Security Considerations Why is confidentiality important Confidentiality

Documents
COMPUTER AND NETWORK SECURITY ISSUES UNIT 2. Why is Information Security Important? Legal professionals and clients depend on computers and technology

COMPUTER AND NETWORK SECURITY ISSUES UNIT 2. Why is Information Security Important? Legal professionals and clients depend on computers and technology

Documents
UNIT 2 Computer and Network Security Issues. Why is Information Security Important? Legal professionals and clients depend on computers and technology

UNIT 2 Computer and Network Security Issues. Why is Information Security Important? Legal professionals and clients depend on computers and technology

Documents
Software 1 Software and Security Software 2 Why Software? Why is software as important to security as crypto, access control and protocols? Virtually

Software 1 Software and Security Software 2 Why Software? Why is software as important to security as crypto, access control and protocols? Virtually

Documents
Security Intelligence - ISACA · PDF file · 2016-02-20What is Security Intelligence –and why is it important? ... Security intelligence reduces risk, facilitates compliance,

Security Intelligence - ISACA · PDF file · 2016-02-20What is Security Intelligence –and why is it important? ... Security intelligence reduces risk, facilitates compliance,

Documents
Why Physical Security is So Important!

Why Physical Security is So Important!

Documents
Presented by: Luke Speed Computer Security. Why is computer security important! Intruders hack into computers to steal personal information that the user

Presented by: Luke Speed Computer Security. Why is computer security important! Intruders hack into computers to steal personal information that the user

Documents
Security Threats to Electronic Commerce. Objectives Important computer and electronic commerce security terms Why secrecy, integrity, and necessity are

Security Threats to Electronic Commerce. Objectives Important computer and electronic commerce security terms Why secrecy, integrity, and necessity are

Documents
Why is Data Security Important? - Purdue University · Why is Data Security Important? 2 Ward Against Identity Theft Identity theft occurs when somebody steals your name and other

Why is Data Security Important? - Purdue University · Why is Data Security Important? 2 Ward Against Identity Theft Identity theft occurs when somebody steals your name and other

Documents
Securing Hybrid Workloads · 2017. 10. 6. · Securing Hybrid Workloads Why is a consistent view important? Why is continuous security important? 32 12 47 What is the cloud shared

Securing Hybrid Workloads · 2017. 10. 6. · Securing Hybrid Workloads Why is a consistent view important? Why is continuous security important? 32 12 47 What is the cloud shared

Documents
  · Web viewInformation Security: Why is Information security important to me and you? - Joining our suite of information security talks, this session outlines the main reasons

  · Web viewInformation Security: Why is Information security important to me and you? - Joining our suite of information security talks, this session outlines the main reasons

Documents
Food Security – Why is it Important? Food Security ...oaklandfoodsystem.pbworks.com/f/OFSA_FoodSecurity.pdf · Food Security – Why is it Important? Food Security means access

Food Security – Why is it Important? Food Security ...oaklandfoodsystem.pbworks.com/f/OFSA_FoodSecurity.pdf · Food Security – Why is it Important? Food Security means access

Documents