Security Policies Definition
Information security encompasses the policies established by an organization to ensure that all users of information technology within the organization's domain adhere to rules and guidelines pertaining to the protection of digitally stored information across networks and within the organization's premises.
Three things that may help to protect information systems
- Education: Education about what could happen if information is lost or falls into the wrong hands.
- Awareness: Awareness of what information you have. How important is it? How secure is it?
- Technology: Technological precautions to secure information systems.
Key Concepts of Information Security:
- Access: Access control regulates legal and illegal access to a system. Authorized users have legal access, while hackers have illegal access.
- Asset: Assets refer to the resources, whether physical or logical (such as websites or data), that need protection.
- Attack: Attacks, intentional or unintentional, compromise or cause damage to information systems. They can be active or passive, direct or indirect.
- Vulnerability: Vulnerabilities are weaknesses or faults in a system that can be exploited by individuals to launch attacks.
- Threat: Threats are circumstances or weaknesses that pose a danger or potential harm to assets or systems.
- Control or Safeguard: Controls, also known as countermeasures, are actions, devices, procedures, or techniques that reduce or eliminate vulnerabilities. They help block threats.
Need for Information Security:
- Confidentiality: Confidentiality refers to preventing unauthorized disclosure of information. Measures such as information classification, secure document storage, security policies, and end-user education can protect confidential information.
- Integrity: Integrity ensures that information remains unmodified by unauthorized users. Corruption, damage, or disruption can threaten the integrity of information. Monitoring changes in file integrity can help detect viruses.
- Availability: Availability ensures that authorized users can access information without interference or obstruction. It allows retrieval of information in the required format.
- Authenticity: Authenticity ensures that information remains genuine and original throughout its lifecycle, including storage, transmission, and transformation.
- Possession: Possession relates to ownership and control of information. A breach of confidentiality results in a breach of possession, not the other way around.
- Utility: Utility refers to the value of information for a specific purpose. Information is useful when it can serve a purpose and is available in a meaningful format to end-users.
- Privacy: Privacy concerns the protection of personal information stored on computer systems. It encompasses data privacy and applies to various types of collected personal information.
- Non-repudiation: Non-repudiation provides assurance that someone cannot deny their actions or transactions.
These concepts and the need for information security underscore the importance of implementing appropriate measures to safeguard information and mitigate risks.