Primarily, security is protection from danger. There are various types of security e.g., operation, communication and network security. While information system is made up of hardware, software, data, people, procedures and networks. According to the committee on National Security System, Information security is defined as the protection of information and its critical elements, including the system and hardware that use, store, and transit that information. It includes the broad areas of information security management, computer, data, and network security (Whitman & Mattord, 2012). There are three characteristics of information that gives it value to organization: availability, integrity and confidentiality. Therefore, these three elements have to be secured since they are vital to an organization. However the threats to the characteristics of information have evolved into a vast collection of events including accidental, intentional damage, theft, and unauthorized modification. Hence there is development of a more robust model of information security that addresses this threats ,the model consist of critical characteristics of information :availability,accuracy,authenticity , possession, integrity ,utility and confidentiality.Therefore,upper management drives a top-down and the traditional system development life cycle approach in order to implement security in organizations. Finally information security can also be described as both an art and science as it also comprises aspects of social science (Shimeall & Spring, 2014).
Global perspective in security entails the dynamic security environment and its intrinsic challenges. It includes all the current issues in information security and how they can be managed.Idealy, there are six major aims of security and they are divided into six major categories. Table 1.1