In today’s corporate environment, the topic of information security has become a top concern for several organizations. Due to the various laws and government regulations that have recently been implemented to hold an organization liable for the loss of data, information security is an issue that can no longer be overlooked. Effective information security is comprised of multiple layers of defense which work together to protect information. The premise is that if one layer fails, the following layer will succeed. Often when information security is discussed, the technical layers such as firewalls, software patches, intrusion detection systems, anti-virus programs, and encryption are the only areas addressed. However, an important layer of information security defense that is not given the attention that it deserves is the human layer. The human element is the arguably the most important layer of defense for information security. If an individual with malicious intent is able to effectively bypass the human layer, they can circumvent all of the other defensive layers of information security. The time, money and resources directed towards the other layers of information security defense are wasted if the human layer is breached. Therefore the human layer requires the most attention.
This document is in PDF format. To view it click here.