1. List and describe the three communications ofinterest that engage in an Organization’s efforts to solve InfoSec problems.Give two or three examples of who might be in each community. The communication of interest that engagein an organization in order to protect informationsecurity (InfoSec) include the following:· Members from thefield of Information Security· Members from thefield of Information Technology· Members of therest of the Organization Itis important to realize though the Planning, Organizing and Assisting activitiesof information security may come from the first two communication of interestit is the role of entire organization to work as a team and execute theactivities related to Information Security Few examples of members involved in every communityinclude· Members from thefield of Information Security – IT Directors and Managers· Members from thefield of Information Technology – IT Customer Support and Technicians· Members of therest of the Organization – All the employees of the Organization who shouldabide by the rules of InfoSec department. 2.
What is information security? What essentialprotection must be in place to protect to protect information systems fromdanger?Information security(InfoSec) refers to a set ofactivity that takes place in order to protect all the data that is consideredto be of great value to any Organization or an Individual. This mainly is donebecause the information is considered confidential and in the hands of thewrong individuals they may cause a great deal of loss. InfoSec process involvesa variety of mechanisms to protect the Information warehouses from hacking.They also involve awareness programs, training, policies and technologies toprotect themselves from having their security breached.The main areas of Information security managementinclude Computer Security, Data Security and Network Security. 3. Describe the CNSS security model. What are its threedimensions?The CNSS (Committee on National Security Systems)security model is referred to as Mc Cucumber Cube, named after its developer,John Mc Cucumber.
It includes three main dimensions which is considered to helpunderstand the important aspects of information security which are –Information Characteristics, Information location and Security controlcharacteristics. The extension of this 3 dimension characteristics is toprovide with 27 intersections shown below http://www.ckpsonline.com/myblog/wp-content/uploads/2016/07/CNSS.
jpg Theintersection of every cell is to be reviewed carefully for all decisionspertaining to InfoSec. Every dimension has some activity that needs to getsaddressed by the one of the communities of Interest. Example: Education,Integrity and Processing will help the InfoSec department in understanding therequirement of training and need to follow them with complete integrity andalso discuss the gaps if any. References Whitman, M.
E., & Mattord, H. J.
(2013). Introduction to the Management of Information Security. In Managementof information security(pp. 2-7).