Information security managers play a key role in avoiding disasters by identifying any weak areas that might make information systems vulnerable. They assess an organization’s security measu
An information security manager takes responsibility for overseeing and controlling all aspects of computer security in a business. The job entails planning and carrying out security measures that will protect a business’s data and information from deliberate attack, unauthorised access, corruption and theft.
There are many threats to electronic information, and an information security manager would need to deal with risks that include:
Denial of service attacks, where systems are overloaded with useless data and brought to a standstill
Hacking, or unauthorised access to a computer system
Phishing, where users are lured into entrusting their confidential details to spoof websites
Viruses, spyware, worms and Trojans
The abuse of permissions granted to authorised system users
Pharming, where users are redirected to fake websites after genuine websites have been hacked.
Specific work would entail:
Assessing the risks to computer systems and planning to minimise possible threats
Upgrading existing security systems or designing new ones
Testing security products and evaluating them
Simulating security breaches to test procedures
Making plans for disaster recovery in case security is breached
Carrying out corrective actions in the event of a breach
Looking for weak points in the system and securing them
Ensuring that international and national network security standards are met
Preparing technical documentation and reports for users and managers.
Managers in senior-level posts would also be expected to train and supervise staff, and to work closely with operations managers on the overall security strategy of the business.