- Training
- Training Live Events
- Training Without Travel
- SANS Courses
- Certified Instructors
- Career Roadmap
- Training Calendars
- SANS @Home
- SANS OnDemand
- Community SANS
- SANS Mentor Program
- SANS Onsite
- SANS SelfStudy
- SANS Partnership Series
- SANS Workshop Series
- Webcasts
- Work Study
- Events Archive
- DoD 8570
- Voucher Credit Program
- group discounts
- Certification
- Resources
- Vendor
- Portal
- Storm Center
- College
- Developer
- About
the most trusted source for computer security training, certification and research
Designing And Implementing An Effective Information Security Program: Protecting The Data Assets Of Individuals, Small And Large Businesses
- Abstract
- Attacks against computers, in both home and business environments, have grown steadily over the past several years. According to the U.S. Federal Bureau of Investigation, "...worldwide digital attacks reached an all-time high of nearly 20,000 in January, causing more than $8 billion in damages." (Mueller, 2003). Incidents of identity theft the act of impersonating another person for profit or gain are growing at an alarming rate. Identity theft is considered one of the fastest growing crimes in the United States, affecting an estimated 900,000 new victims every year (Pollock & May, 2002). The need for information security should be apparent, but the knowledge and ability to design and implement an effective security program requires substantial research, and often a great investment of time and resources. To compound the problem, many home users lack the knowledge and experience to identify and understand their risk. Moreover, while small businesses may understand, they either do not grasp the severity of the problem, or lack the resources to rectify it.