Welcome to the SecAware blog

I spy with my beady eye ...

31 Aug 2011

Securing people: the human side of information security

Information security involves far more than just computer security.  It's about protecting information in all its forms against all sorts of risks using whatever security controls are cost-effective.  Technology-based controls such as logins, firewalls and antivirus programs, plus physical controls such as padlocks, are merely parts of the information security space - important parts, maybe, but not sufficient in themselves to secure our information assets. 

This is where the modern approach to information security departs from traditional IT security in particular.  We need to secure not just the computer systems and networks but also the human beings - the people who design, develop, test, implement, use, manage and maintain the systems and networks, plus those who seem to get by perfectly well without IT ...

Information security is very much a human endeavor, which of course makes it an ideal security awareness topic, not least as security cannot be addressed through technology alone. So we have ... a new awareness module on people security ...

To be honest, it's actually the 102nd module since we released an additional module following the London Underground bombings in 2005, and module #101 is our security orientation module.  But please join with us in celebrating our centenary anyway!

Gary (Gary@isect.com)

No comments:

Post a Comment