Viewing Security Management as a Business Practice, Part 1: Lessons Learned in a Medical Setting
Think about how much you rely on access to information and systems to do your job. Today, information systems are essential to most organizations, because virtually all information is captured, stored, and accessed in digital form. We rely on digital data to be accessible, dependable, and protected from misuse. Systems are interconnected in ways that were unimaginable 10 years ago. Networked systems have provided unprecedented access to information. Unfortunately, they've also exposed our information to a variety of new threats. These threats can affect your organization's ability to achieve its mission and meet its business objectives.
This three-part series looks at the link between information security and business issues by examining how two organizations managed their information-security risks. This article, Part 1 of the series, illustrates how a mid-sized hospital improved its security posture. Part 2 focuses on managing security risks in a small nonprofit organization. Finally, Part 3 of the series contrasts the paths that the two organizations took to improve their security postures and explores the relationship between security and business management.