The classic dilemma facing organisations today in this world of ubiquitous connectivity is using state-of-the-art information technology to accomplish critical business functions whilst maintaining the appropriate safeguards necessary to protect businesses against failures. However, in many cases, the information they are charged with protecting and managing may not be as secure as it could be.
With Information Assurance (IA) controls, accreditation and ISO standards becoming being regularly expected or demanded between partners and clients, it is essential that IT systems are secure, robust, and functioning efficiently. This can be achieved through pro-active monitoring of systems and databases for intrusions, vulnerabilities and threats, together with regular audits and inspections to ensure compliance.
Compromises of business systems can generally be attributed to unauthorised disclosure of information (a confidentiality failure), unauthorised modification of information (an integrity failure), or denial of service (an availability failure). Each of these compromises to information or information systems can have an adverse impact on organisational operations, organisational assets, and individuals.
The impact of such failures leave organisations vulnerable to a broad range of risks, including lost revenue through unreliable business systems and processes, commercial 'espionage' or e-crimes, non-compliance with statutory laws and industry regulations, as well as loss of consumer confidence and business reputation.
|