• Skip to main content
  • Skip to primary sidebar

Information Security Management ResourceKit

A Public Service of SecureTheVillage

  • Home
  • Return to SecureTheVillage

The Objective of Information Security Management

The Objective of Information Security Management is to Manage Information Risk

  • Cyber Fraud
  • Business Email Compromise
  • Information Theft
  • Ransomware
  • Denial of Service Attack
  • Regulatory compliance
  • Disaster

Information Risk Impacts Business Risk

  • Loss of Money
  • Loss of Brand Value
  • Loss of Competitive Advantage

Information Risk Measures

  • Thirty percent (30%) of cybercrime victims are smaller organizations
  • Sixty percent (60%) of these victims are out of business within 6 months
  • Eighty percent (80%) of these breaches are preventable with basic security management

Managing information risk means ensuring four things

  1. The confidentiality and privacy of sensitive information
  2. The integrity of information and data
  3. The availability of critical information
  4. The authenticity of communications

The Context of Information Security Management

Information security management augments insurance and other forms of risk transfer. It also takes place in the legal context of commercial reasonableness.

 

Contributed by Citadel Information Group
© Copyright 2017. Citadel Information Group. All Rights Reserved.

Filed Under: Information Security Management & Governance

Primary Sidebar

Resources Areas

  • Cyber Threats
    • Ransomware
    • Online Bank Fraud
  • Information Security Management / Leadership
  • Information Security Policies and Standards
  • Information Security Risk Assessment
  • Information Classification and Control
  • Securing the Human
  • Third-Party Security Management
  • Managing Security of the IT Infrastructure
  • Legal & Related
    • Basic Cyber Laws
    • Payment Card Industry Data Security Standard (PCI DSS)
    • General Data Protection Regulation (GDPR)
    • California Consumer Privacy Act (CCPA)
    • Cybersecurity Maturity Model Certification (CMMC)
  • Getting Cyber-Prepared: Incident Response & Business Continuity
  • Managing Cyber-Risk and Insurance
  • Personal Cybersecurity
  • Cyber Freedom

Copyright © 2023 · SecureTheVillage