Discussion 2 - The hard reality of information security today
I9ST DIS 2
Information security is an essential part of a business’s operations.
The hard reality of information security today is this: “Bad things will happen!” You must be prepared to handle these “bad things,” such as hacks, security vulnerabilities, data breaches, insider threats, employee errors, privacy mistakes, etc. All of these bad things can cause irreparable damage to a business, and this is why information security is such a vital service for every organization.
Information security is based on three “pillars”:
- Confidentiality of data
- Integrity of data
- Availability of data
In its most basic form, information security seeks to enable the business or organization to remain in business. To do so, it must cover threats to an organization’s information systems, including people, software assets, hardware assets, procedures, and data. With the inclusion of people and procedures, information security is no longer relegated to overseeing technology risks but must also consider physical security controls and administrative controls (human resources practices, policies, education, training, etc.).
The threats are many, including natural disasters, sabotage, industrial espionage, and cyber-crime, which might target your intellectual property or your organization’s finances. The means by which these incidents might occur range from happenstance to repeated, deliberate, and focused attacks on your technology (such as hacks or malware) and/or people (social engineering) by determined threat agents.
For this Discussion, you will analyze current trends in the field of information security. You will examine the three pillars of information security and the threats to these pillars, and you will investigate gaps between existing defenses and emerging security threats that businesses must understand and prepare for.
- Read this week’s resources, keeping in mind the three pillars of information security.
3–4 paragraphs that analyze current trends in the field of information security, examine the three pillars of information security and the threats to these pillars, and investigate gaps between existing defenses and emerging security threats.