It doesn’t take a proverbial rocket scientist to figure out the basic goals of information security. In fact, the major goal is in the name itself: securing information. Its twin sister field, information assurance, also has its main goal in its title.
But if you’ve been reading these all along, the goals of this growing field (and your roles and responsibilities in it) should be getting clearer. Just as there were three large, overarching areas that organizations and companies need to consider in the security realm, so too there are three goals that each security policy should highlight: prevention, detection, and response. No policy should exist that doesn’t address these three goals.
Prevention is the set of means and methods that security professionals use to block someone from entering a network. In a broader sense, prevention means not allowing someone access to your site or building. Prevention is stopping that person before he or she penetrates a system or facility.
Detection is being able to identify activities as they occur. If someone is breaking into your building, you want to know at the moment it is occurring. Knowing about it an hour or even a few minutes after the fact is not a good practice. Much damage can be done in five minutes and certainly in 30 minutes or more. Detection is the ability to identify and halt someone at that moment.
Finally, response is the set of methodologies and procedures you have in place to deal with an intrusion. Responses should be appropriate to the incident. For instance, if you discover through detection software that someone is merely pinging your site to check for vulnerabilities, there’s no need to send an alarm to the FBI, because you detected the attempt, identified the source and IP address, verified it against all your databases and determined that it wasn’t malicious. The corporate policies that govern these decisions should be well established and in place. However, if that same person keeps pinging your site for hours on end trying to find a hole in your security, you will want to take broader actions.
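The proportionate response described above can be written down as a small triage rule. This is an added example, not part of the original article; the log format, the two-hour threshold, the tier names and the `verified_benign` set are assumptions made for illustration.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample log lines (documentation-range IPs), not real traffic.
SAMPLE_LOG = """\
2024-05-01T09:00:00 ICMP_ECHO src=192.0.2.10
2024-05-01T09:05:00 ICMP_ECHO src=198.51.100.7
2024-05-01T09:40:00 ICMP_ECHO src=198.51.100.7
2024-05-01T11:30:00 ICMP_ECHO src=198.51.100.7
2024-05-01T10:15:00 ICMP_ECHO src=203.0.113.5
malformed line without fields
"""

def parse(lines):
    """Yield (timestamp, source) pairs, skipping lines that do not parse."""
    for line in lines:
        parts = line.split()
        if len(parts) != 3 or not parts[2].startswith("src="):
            continue
        try:
            yield datetime.fromisoformat(parts[0]), parts[2][4:]
        except ValueError:
            continue

def choose_responses(lines, verified_benign, escalate_after=timedelta(hours=2)):
    """Map each source to a response tier based on how long it kept probing."""
    seen = defaultdict(list)
    for ts, src in parse(lines):
        seen[src].append(ts)
    actions = {}
    for src, stamps in seen.items():
        span = max(stamps) - min(stamps)
        if span >= escalate_after:
            actions[src] = "escalate"   # persistent probing: broader action
        elif src in verified_benign:
            actions[src] = "log_only"   # checked and judged not malicious
        else:
            actions[src] = "review"     # unverified: an analyst looks first
    return actions

if __name__ == "__main__":
    result = choose_responses(SAMPLE_LOG.splitlines(), {"192.0.2.10"})
    for src, action in result.items():
        print(src, action)
```

Persistence overrides the benign verdict here, so a source that was once judged harmless is still escalated if it keeps probing past the threshold.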
Information security goals should be the norm for every help desk and security professional tasked with guarding your company’s or the government’s public sector network. When these are set in motion, securing the information will be a breeze. If, however, management gets lax in implementing the policies or the system administrator neglects her duties, it can have a devastating effect on the company’s entire security posture.