Analysis Of Information Security Based On The Family Iso / Iec 27000

1113 Words Nov 10th, 2014 5 Pages
INTRODUCTION

The necessity to protect information has evolved through human history: from protect information about the best place for hunting or phishing in ancient times, to information related to trade secrets in our days.

People responsible to protect that information have developed many techniques to achieve that goal. Some of them are designed for a specific purpose and are very effective, but they are not replicable or sustainable over time. Drivers as the spread of knowledge and the globalisation made necessary to develop an effective standard which permit to any organisation implement controls to protect their information, and a management system to handle those controls, procuring their permanently update to treat new threats, as well as new legal requirements related to the changes in the business environment.

This paper will analyse the evolution of the main components of the methodology for information security based on the family ISO/IEC 27000, considering the changes described previously.

NECESSITY OF INFORMATION SECURITY

Information is one of the most critical resources for all companies, whatever the business environment in which the company works. The new recipe for an ice cream factory, the route of an armoured truck for a bank, or the list of VIP clients for a financial consultant, must be protected against threats which are permanently attacking the company’s infrastructure to get and use that information for unauthorized or even illegal…
Open Document