Big burning question....
What is information in the context of information security?
Anything related to the business operations for example
Financial sector - Statements, account details, client details etc..
Manufacturing - Prototypes, cad designs,patented recipes, Bill of material etc
Hospitality - Client details, tour plans, etc..
Real estate - Layouts, approvals etc..
Health care - Research details , patient information , drug recipes etc..
Fashion merchandise - Designs , client information, order details etc..
Supply chain - shipment details, material details, itinerary etc..
Retail - Customer details, payment information etc..
Sports - Game plans, player details, Health information etc..
(Pic courtesy - Google)
In any business irrespective of the criticality of the information, every piece of information needs some level of security.
Now the big challenge is to classify part of details as critical information?
Major business operation is dependent on this piece of information
Impact on the business if competitors get hold of this information
Impact on the business if this piece of the information is not available
Depending on the answers for these questions critical information can be determined.
Level of security is directly proportional to the criticality of the information.
Komentarze