IT security

“The small insight from the introduction into security-relevant incidents shows how comprehensive the topic of IT security is:

• It must be considered both for systems and their functionality as well as for processed information itself.

• Not only individual systems must be secured, but also their networks, i.e. entire technical infrastructures.

• The security of information affects corporate, individual and social interests.

• IT security is no longer just an issue for IT companies and now also for manufacturing companies, but also for states, societies and individual citizens.

• Security measures must not be limited to the technical components, but must include, among other things, organizational and human factors.

For this reason, it is important to view IT security not just as a technical task, but as part of broader information security. For companies there is the ISO standard 27001, which, among other things, provides a catalog of measures for IT security. Kosutic 2011 analyzed these measures and found that only 46% of the measures relate to information technologies, the rest are distributed between physical security measures, organizational measures (including documentation and human resources), legal protection and measures related to relationships customers and suppliers. In this course we want to look at IT security in the larger context of information security, whereby IT security - in the sense of information technology security - only contributes a part to information security. Figure 2.1 is intended to illustrate this point of view: IT security is based on secured technical systems, protected information and caring people.
” [9]
[9] Basics of IT security, //vfhgits.oncampus.de, as of July 17, 2020 11:14 am