School of Computer and Information Science, Edith Cowan University
Faculty of Computing, Health and Science
School of Computer and Information Science
This paper argues that the definition of 'information' is crucial to the understanding of 'information security'. At present, information security concentrates on the technological aspects of data, computer and network security. This computer-centric approach ignores the fact that the majority of information within an organisation is derived from other sources than computer stored data. The implications for security are that much data can be leaked from an organisation even if the computer and network systems are secured.