Information Security

Welcome To The W3 Journal Information Security Section

Information security is defined by Wikipedia as "the process of protecting data from unauthorized access, use, disclosure, destruction, modification, or disruption". That is indeed a fair description.

It is often considered to revolve around the Confidentiality, Integrity and Availability (CIA) of data. A more complex view embraces Confidentiality, Possession or control, Integrity, Authenticity and Utility.

Closely associated with information security is risk management. This includes a process to assess the risks in play, and select and implement appropriate controls. Another facet is the application of information security standards, such as ISO 17799.

Information security is now governed by a myriad of laws and regulations. These include the following:
EUDPD Protection Directive
The Data Protection Act
Sarbanes-Oxley Act
GLBA Gramm-Leach-Bliley Act
PCI DSS - Payment Card Industry Data Security Standard
HIPAA Health Insurance Portability and Accountability Act
... and many others.



About Us

  • This section of the W3 Journal will hold information about the journal itself and forthcoming material. It will also outline some of the more esoteric aspects of the subject, and a number of other ad hoc pieces.
