Managing computer and network security programs has become an increasingly difficult and challenging job. Dramatic advances in computing and communications technology during the last years have redirected the focus of data processing from the computing center to the terminals in individual offices and homes. The result is that managers must now monitor security on a more widely dispersed level. These changes are continuing to accelerate, making the security manager’s job increasingly difficult.
The information security manager must establish and maintain a security program that ensures three requirements: the confidentiality, integrity, and availability of the company’s information resources.