Data has become the new currency of business. It moves across organisational and international boundaries and is exchanged for value. Imagine this data landing in the wrong hands and the massive information security breach that would occur in your company if it did. In overhauling the company’s data protection strategy, many managers ask the question, Should I invest information security dollars in buying new technology, in hiring a chief information security officer (CISO), or in administering awareness training for employees?
Information security is the methodology that is used to protect information and information systems from unauthorized access, use, disclosure, disruption, modification, or destruction. It pertains to the confidentiality, integrity, and availability of data in various forms (i.e., print, electronic, or other forms) and can be applied by any type of organization (i.e., corporations, financial institutions, hospitals, military, and governments).
We believe that the purely technical aspects of security are no longer the most important factor. Too many businesses thought they were protected just because they installed technical devices (firewall, IDS, IPS and etc…), which ended up being bypassed all together.
The key to security is elsewhere. "25 % of security is technical, 50 % is internal organisation, and 25 % is regulatory and legal.
It's like a three-legged stool, we need all three.
Businesses, then, need to make their employees aware of computer security and train them on the subject; employees are ‘vulnerable points.’ Companies need to set clearly defined IT/information security rules. Security managers need to be in close contact with general management. A company must also remember to keep its existing security procedures up to date.
SACFiS is information security advisory, research and executive skills development organisation established to provide optimal support in any possible situation of information security by implementing high level management-related solutions and protecting your important information assets from various emerging threats in cyber space. We are at the forefront of a war on cyber crime.