Organizations are being hacked on daily basis. Security breaches can damage a company's reputation. Every organization needs to have an organized approach to handle and speak to aftermath of a security attack. Organizations can't survive if no plans are in place to minimize damage, along with lessening recovery cost and time. Our operation is completely dependent on wired/wireless computer networks. We use information technology daily to conduct business. Just like every small or large organization integrity, confidentiality and availability of our systems, data is very critical for our success. Commitment is a must need in protecting our systems from variety of security threats.
Our information systems are extremely important for our daily success. To keep our organization becoming more successful, many objectives pertaining to security should be adopted by every employee. Each employee is responsible for using information systems in an ethical and lawful manner. Security policies will explain and identify how to safe guard our data. As our organization grows more threats can occur. As we all know, technology is growing rapidly our security policy will be a living document. This document will be modified on as needed basis. Our IT security team will responsible for reviewing our security policies on annual basis for corrections. .
Cyber attacks are very destructive to public order, these attacks should be controlled. There are a lot of different types of attacks, just to name some: Virus, Trojan, Worms, Spyware, Scareware, Backdoor and SQL Injection. All types of attacks are harmful, regardless of the impact to operations. There are several types of perpetrators for example, Hacker, Insider, Cracker, Cyber criminal and Industrial Spy. Some of these perpetrators can/will use their skills to gain/ gather organization personal data and sell to competitors. A strong security policy needs to be established, which will define our organization's requirements.