Information Security for Managers by Michael Workman, Daniel C. Phelps, John N. Gathegi

WHEN PEOPLE THINK ABOUT INFORMATION SYSTEMS, most often computers come to mind. However, an information system (IS) extends to all organizational information infrastructure, including networks, databases, hardcopies of documents, computer server rooms, and even physical storage vaults. The primary purpose of an information system is to facilitate the business and its mission; therefore, it is critical to take actions to help protect against threats to IS. In this chapter, we will broadly survey threat categories and provide a few examples. We will take note that employees are on the front lines and need to be trained, made aware, and made vigilant. Technological measures also need to be put into place, ...