Information Security

Information Security refers to the processes and methodologies which are designed and implemented to protect the print, audio, video, digital, or any other form of confidential, private, and sensitive information or data from unauthorized access, use, misuse, disclosure, destruction, modification, or disruption.

Definitions of information security are suggested below: Preservation of confidentiality, integrity, availability, reliability accountability, and authenticity of the information or in other words, the protection of information from unauthorized access, use, disclosure, disruption, modification, or destruction in order to provide confidentiality, integrity, and availability. The fundamental principles of information security are confidentiality, integrity, and availability. 

1. Confidentiality – means information is not disclosed to unauthorized individuals, entities and process. 
2. Integrity – means maintaining the accuracy and completeness of data. 
3. Availability – means information must be available when needed.

In any organisation, Information Security is the process of protecting the intellectual property of an organisation. Information security is a risk management discipline or protection of information.

Information is created, processed, stored, transmitted, and destroyed, free from threats in any organisation. Threats to information or information systems belong to organisation may be categorized and a corresponding security goal may be defined for each category of threats. 

A set of security goals, identified as a result of a threat analysis. The currently relevant set of security goals may include: confidentiality, integrity, availability, privacy,"Information security is the protection of information and minimises the risk of exposing information to unauthorised parties.

Information system-related security risks are those risks that arise from the loss of confidentiality, integrity, or availability of information or information systems and reflect the potential adverse impacts to organisational operations (including mission, functions, image, or reputation), organisational assets, ...

To begin risk assessment, take the following steps:

1. Find all valuable assets across the organization that could be harmed by threats in a way that results in a monetary loss. ...
2. Identify potential consequences. ...
3. Identify threats and their level. ...
4. Identify vulnerabilities and assess the likelihood of their exploitation.