Introduction to Information Security

Security can be defined as the degree of protection against criminal activity, danger, damage, and/or loss. Following this broad definition, information security refers to all of the processes and policies designed to protect an organization’s information and information systems (IS).

A Threat to an information resource is any danger to which a system may be exposed.

The exposure of an information resource is the harm, loss or damage that can result if a threat compromises that resource.

An Information resource’s vulnerability is the possibility that the system will be harmed by a threat.

Threat                     : Any danger to which an information resource may be exposed

Exposure               : The harm, loss or damage that can reslut if a threat compromises an   information resource

Vulnerability      : The possibility that an information resource will be harmed by a threat


Five key factors are contributing to the increasing vulnerability of organizational information resources, making it much more difficult to secure them :

  1. Today’s interconnected, interdependent, wirelessly networked business environment
  2. Smaller, Faster, cheaper computers and storage devices
  3. Decreasing skills necessary to be a computer hacker
  4. International organized crime taking over cybercrime
  5. Lack of management support

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: