Belief & Culture: Build Awareness
Why is it important to build one's awareness and proper perception of information security? And how does one build such awareness/proper perception in the management of an organization?
Now a day, it is obvious of how people are just interested in making an effort to get up-to-date with information. This information may be confidential for themselves or company. Date Security may be defined as safeguard of any information from any threats. Information security involves securing of information in a system. This may be defense from illegal use; inspection and other threats. Some of these people acquire information with bad intentions like using information somewhere else or threatening with someone else. Moreover, highly skilled hackers and increased competition have made security on information to be intensified and more insecure. To keep this information secure is one of the great challenges for the company and people.
Bruce Schneier suggested a framework to create awareness and perfect perception of information security. According to his framework, he termed security as a trade off. It means that individual need to deeply understand how security works psychologically. Schneier also claimed that any benefits in matters of security involve one trading off. Usually employees and people working within the organization are the main source of information breaches. The employee’s behavior in regard to data access impacts information systems in a great way (Schneier, 2008). The tradeoff can be security with time, capability or money. People are required to choose the best security trade off as something may go undesirably wrong when trading off. It also shows how the cost and the threats can be compared when it comes to security (Schneier, 2008).
Bruce suggested that when individual gets something wrong related to the system the perception of the security then does not full fill the security reality. People do overlook the...