Early information security efforts identified confidentiality, integrity and availability as primary security factors which are collectively known as the CIA triad. The CIA triad elements are considered to be the most important components of information securityInformation security is a new field of learning in computer science in that the first people to learn about information security are still learning today as the course is still being deviated into more and more branches this is because the associated course programs are recent, however even before the evolution of the computer age it was still existing for example different ancient cultures such as the Greeks, Romans and the Hebrews used different techniques to conceal sensitive data. The most famous and basic type of cipher is the Ceaser cipher which is named after the infamous military general of the Roman empire Julius Ceaser. Caesar’s cipher was used for diplomatic and military communication of sensitive data. Caesar’s cipher is not secure for it can be decrypted using brutal force so as time has evolves more complex ciphers have been created. Today’s network browsers deal with malware, spyware and adware which may host various threats such as password theftMain drivers and motivation towards information security over the years.The main drivers and motivation towards information security are driven by either loss experience, interests of an organization or experience of top managers. As years pass by Technology has continued to increase and thus the need for advancement on how to protect our data has also increased. From past events of data loss which may have brought catastrophic disaster to an Organization may be a driving force for the organization to seek new innovation towards getting a better security measure than the one in hand, moreover they may be motivated to do so, so as to be a step ahead of the competition and the introduction of state sponsored hacking as an industry on its own. The owners of an organization or system owners feel more at peace knowing that their confidential and sensitive data is well protected this is because security enhances business activities hence providing a deliberate advantage over those of its competitionEvolution of roles of information security professionals.
As the rate of technology advancement keeps growing the information security professionals have developed various information security systems over the years such as ISS checklists, ISS standards, ISS maturity criteria, risk management (RM) and formal methods (FM). These ISS methods are classified into three and five generations. Checklists, ISS standards, ISS maturity criteria, risk management and formal methods belong to the first and second generations. Interestingly, these methods are still widely in practice and thus creating a field for extensive research for improved development of the information security systems by practitioners and scholars. ISS checklists and RM methods are reported to be widely used in practice. Technology Leaders in an organization have over years struggled to gain favor from CEO’s and other senior members of an organization mainly due to negligence and naivety from the top officials but as the years have gone by the successful technology leaders have successfully been able to traverse this gap and thus gaining trust of the top officials in an organization by using suitable techniques to handle a problematic Information System like involving the top officials by educating them on a piece of technology advancement showing its merits to the organization.
The educating of the top officials has made them be tender at heart towards introduction of the new and changing technological solutions of solving various drawbacks of an organizations for example intensive monitoring of data by use of third parties as trusties of securing the sensitive data or looking out for software updates and risk assessments.