An Information Security Program Mission

1462 Words Mar 12th, 2015 6 Pages
An Information security programs mission should be developed in a way that “aligns with organizational strategies by evaluating business requirements, applicable laws, regulations, standards, and best practices” (Module 2). More importantly businesses, governments, and other types of organizations need to incorporate cyber security to conduct business transactions, share information, and interact with customers and suppliers. Threats to the confidentiality, integrity and availability of cyberspace capabilities (e.g., hardware, software, and networks) are threats against the “economic activities and social interactions that depend upon cyberspace” (Module 2).These threats drive the need for cyber security, thus an information security program must define and gather all the components that protect its information systems, data, finances, and customers.
Providing a well written mission statement will allow your employees to framework your business agendas by providing a highly detailed security policy that makes your organization compliant and secure. More importantly you must be able to identify the types of threats, attacks, and vulnerabilities that include; data breach, data theft, denial of service (DOS) attacks, insider theft of intellectual property, and deliberate corruption through the use of viruses and worm infections. A comprehensive risk analysis or risk management process must be completed to define the likelihood or probability of an undesirable outcome prior to…
Open Document