An Information-centric and Proactive Approach to Information Security teaching
Inderscience Enterprises Ltd
Computing, Health and Science
School of Computer and Information Science
This paper examines an approach to developing an Information Security course based on the expansion of the definition of information rather than one based solely on the security aspects of information technology. The paper argues that the definition of 'information' is crucial to the understanding of 'information security'. At present, Information Security concentrates mostly on the technological aspects of data, computer and network security. This techno-centric approach ignores the fact that the majority of information within an organisation is derived from other sources than computer stored data. The outcome is that the course is more human centric in its approach.