Information Security:
Protecting the Global Enterprise
by Donald L. Pipkin, CISSP, CISM
Information security is more than computer data security. It is the process of protecting the
intellectual property of an organization. This intellectual property is paramount to
the organization's survival. Businesses are built on their information -- their company secrets.
These secrets may be manufacturing methods, secret ingredients, pricing agreements with
suppliers, or customer lists. All of these business secrets contribute to the profitability of
the company. They all must be protected.
Everyone is involved in, and in some part responsible for, the safekeeping of information.
One leak can sink the entire organization. Information must be continuously protected from all sides.
This requires that everyone must understand and utilize the security that protects information.
There are no simple answers to the issues of security. Unfortunately, all too often, people are
convinced that all they need to do to secure their information systems is to install a firewall,
or improve their authentication method, or write a security policy. True, each of these things can
help improve the security, but none of them is a complete solution.
Information Security takes you through the process of designing an information security program,
from evaluating current processes to reviewing incident response procedures, with each section of the book
addressing one of these major steps which are required for a complete, cohesive information security program.
Anyone who is responsible for securing information or who needs to understand what must
be done to provide the necessary level of protection must have
Information Security.
