Security technologies and methodologies used to mitigate
Information Security (IS) protects the confidentiality, integrity and availability (CIA) of information. The increasing demand for securing information in organizations has currently made information be considered a valuable asset. The need to protect information assets in organizations subsequently becomes essential. As a result, a good Information security management (ISM) program has to be established in order to appropriately deal with the certain rights and controls over organizational information.
Most organizations today find the use of Information Technology (IT) systems critical to improve efficiency of operations to meet business objectives. The immense growth in electronic commerce (e-commerce) infrastructure for internet transactions is an example. Companies now need to secure their data, systems, communications and resources from CIA breaches more than ever before as result of these factors. Information has to be accessible in order to be useful, and this accessibility usually puts it at a risk. Information Security Awareness (ISA) programs can be implemented in organizations to ensure that the various roles within an organization understand and carry out information security duties required of them in efficient and effective ways to minimize associated risks.
It has become a necessary norm nowadays to have IT and security specialists in organizations who oversee a department to aid business functions. Several corporations worldwide now have IT and security departments as a functional department(s) that controls certain technological and security issues of the business.
Organizations use complex IT and security related applications to protect business assets and make processes more efficient. These applications are embedded wholly into organizational systems, thus become very critical resources as any damage in these applications