What is information security?
This is the first instance in a series of articles covering the basics about information security. What could be more basic to begin with than talking about information security in general? Let's have a look at the official definition from ISO 27000:2018 first.
"Information security ensures the confidentiality, availability and integrity of information."
Information is essential for the success and continuity of most organizations. This is why information is considered as an asset that requires rigid protection. Information can be stored in many forms.
Security Objectives
Organizations are increasingly depending on the confidentiality, integrity and availability of their information and the related information systems. These security objectives are often referred to as the CIA triad.
领英推荐
Confidentiality
Keeping information confidential is all about preventing unauthorised people from gaining access to it. This implies that organizations need to classify their information which allows them to define access and protection levels that have to be enforced by implementing controls like physical security or cryptography.
Integrity
Integrity is the second component of the CIA triad. Information has to be protected from unauthorized modification, so people can rely on the integrity of the information. This is why changes need to be tracked, so the damage of in case of a mistake can be reversed.
Availability
Because of the importance of information for the ongoing operations of most organizations, information has to be available. To support that security objective organizations require backups and technical controls to ensure the availability of information systems
?? Ready to shake up your routine with a newsletter subscription that can help you crush your learning objectives? Give it a try and subscribe and to InfoSec Insights, your weekly source of educational content for everything information security related.
Seasoned Global Information Security & Privacy Risk Governance, Strategy and Transformation leader | MBA | CISSP | CCSFP | CCSK | CIPT | CRISC | PMP
3 年Hi Aron, Congrats on this new knowledge-sharing initiative, and Thanks a lot for the invite.
AI & ML Product Security
3 年Hi Aron Lange, thank you for the subscription invitation. I remember when I was a fresher and new to InfoSec industry, I used to look for bite size articles to help me get started. I am sure folks from all fields will be able to find this helpful (either from educational or awareness perspective)! Great work!
PhD Candidate (Cybersecurity), CISSP, CISA, CISM, ACCA
3 年Good work, Aron Lange.
Business Psychology Student @ Hochschule Neu-Ulm
3 年Hi Aron, thanks for the subscription invitation and congrats on the release of your article!
Encarregado de Prote??o de Dados Pessoais (DPO) | Compliance Officer | Privacidade de Dados | Seguran?a da Informa??o | Gest?o e Melhoria de Processos
3 年Congratulations Aron Lange!!