Welcome to the ninth issue of ISO 17799 News, designed to keep you abreast of developments and news with respect to ISO 17799 and information security.
The newsletter is absolutely free to our subscribers and provides guidance on various practical issues, plus commentary on recent Information Security incidents.
Included in this edition are the following topics:
WHAT IS INFORMATION SECURITY?
We are sometimes asked the most basic information security question of all: "What is information security?" This can actually be surprisingly difficult to define. However, the introduction to the standard itself characterizes information security as the preservation of what is often known as CIA:
Confidentiality: Ensuring that information is accessible only to those authorized to have access.
Integrity: Safeguarding the accuracy and completeness of information and processing methods.
Availability: Ensuring that authorized users have access to information and associated assets when required.
It further explains that "information security is achieved by implementing a suitable set of controls", and that these need to be "established to ensure that the specific security objectives of the organization are met".