Information security and organisations: a non-technical guide to players, offences and effective defences
Diplo Foundation, 2003 - 57 pages
Contents
Introduction (p. 7)
Information security definitions (p. 15)
Information insecurity players and offences (p. 23)
The catalogue of information security offences (p. 30)
The international standard ISO 17799 (p. 39)
Dealing with the organisational aspects (p. 49)
Employees freedom of expression monitoring and civil rights (p. 55)
Common terms and phrases
access control audit availability become best practices booklet business continuity bystanders Chief Information Officers clude complex confidentiality configuration contingency plans Crisis management critical infrastructures cyber-attack cyber-terrorism cybercrime cyberspace cyberwar damage deal Deep Web defences defining Digital Divide diplomacy Disaster recovery disruption document Emergency Response Teams employees example exploit firewall fraud frontier lands Guiding principle hackers Hacktivism honeypot impact implementation individuals information assets information processing Information Security Management information systems information technology InfraGard insecurity integrity intellectual property Internet Intrusion detection systems involved Jovan Kurbalija legislation malicious code malicious software management of information motivation Non-IP operations organisation’s organised crime outsourcing passwords Personal Computers Personal Digital Assistants potential problem protection related offences including residual risk sabotage security breaches security incidents security policies senior management staff systems and facilities systems and networks targets technical teleworking theft threats tion Total Quality Management trusted insider users vulnerabilities weapons websites