Understanding the importance of information security in your business
According to ISO 27000 and Information Security: A Combined Glossary, information security denotes the preservation of the confidentiality, integrity, and availability (CIA) of information. Additionally, other properties, such as authenticity, accountability, non-repudiation and reliability can also be involved.
Information security, often called data security, is a governance issue, not an IT department functional responsibility. It involves the understanding and compliance with corporate IT policies which are not only aimed at directors, but also employees who have access to the same computer network within an organisation.
Cyber Security in India
The Indian Government has issued a number of regulations and strategies to combat cyber crime and reduce the risks that threaten businesses nationwide.
The IT Act 2000, the IT (Amendment) Act, 2008 and the National Cyber Security Policy all use best practices and guidelines, many of which are found in the standard of ISO 27001.
The IT Act even states that those organisations who have implemented ISO 27001 “shall be deemed to have complied with reasonable security practices and procedures”.
Information security and government regulation in India
Since the development of new technologies (Cloud Computing, social media etc.) and the growing number of people using the internet, data privacy has been under immense threat from cyber terrorists and hackers. This puts individuals, organisations and India (as a whole) at risk. As a result, the government of India brought about changes to the IT Act 2005, which projects India as a responsible and data-secure nation.
The Act states that anyone in a company who has access to corporate data automatically exposes their organisation to some risks. Therefore, corporate network security is of paramount importance and is something every organisation should take very seriously.
Discover the world of information security by reading our latest free white paper. Simply enter your details below:
Information security and ISO 27001
Information security is a top board responsibility that affects all your stakeholders. Failure to implement effective policies and procedures to strengthen your information security practices can leave your organisation open to brand damage, fines and loss in customer trust.
Thousands of organisations across the world have implemented an information security management system that sits in line with ISO 27001 - the international information security standard. Recognised worldwide, complying to this standard ensures your organisation is using the best practices to prevent your information getting from into the wrong hands.
Find out more about ISO 27001 >>
Gain a greater understanding of information security with our resources:
View more information security titles >>