Julius Caesar-Caesar Cipher c50 B.C., which was created in order to prevent his secret messages from being, read should a message fall into the wrong hands.
The end of the 20th century and early years of the 21st century saw rapid advancements in telecommunications, computing hardware and software, and data encryption.
Information technology is the vehicle that stores and transports information—a company’s most valuable resource—from one business unit to another. But what happens if the vehicle breaks down, even for a little while? As businesses have become more fluid, the concept of computer security has been replaced by the concept of information security.
Because this new concept covers a broader range of issues, from the protection of data to the protection of human resources, information security is no longer the sole responsibility of a discrete group of people in the company; rather, it is the responsibility of every employee, and especially managers.
Organizations must realize that information security funding and planning decisions involve more than just technical managers: Rather, the process should involve three distinct groups of decision makers, or communities of interest:
Information security managers and professionals
Information technology managers and professionals
Nontechnical business managers and professionals These communities of interest fulfill the following roles:
The information security community protects the organization’s information assets from the many threats they face.
The information technology community supports the business objectives of the organization by supplying and supporting information technology appropriate to the business’ needs.
The nontechnical general business community articulates and communicates organizational policy and objectives and allocates resources to the other groups.