Due to the mercurial nature of the technology and information security landscape, information security can be regarded as an ongoing process. The security process involves awareness and training, assessment of risk, the development of procedure and policy, and finally, the implementation of hardware and software security measures. Then, frequently repeat the process, reassessing and enacting the latest measures.
Information security measures should include much more than a firewall and antivirus. A proper security posture is an amalgamation of policy, procedure, and infrastructure. Maintaining an adequate security posture requires active participation and continual awareness in both personal and organizational realms. Information security entails the protection of the Confidentiality, Integrity, and Availability of information stored on computer systems. Information must be protected from unauthorized access, modification, deletion, or service disruption.
The topic of information security ought not be taken lightly or summarily pooh-poohed. Since technology pervades all areas of life, the issues of information security affect each and every one of us. A breach could happen to you or your organization at any time. As my mother used to always say to me, “be aware of what’s around you.”