‘Information protection’ is a vague title for an awareness module … which gives us (and you!) plenty of latitude in the scope.
Information is a valuable yet vulnerable resource. We rely on information to communicate and find out about things, to learn and be entertained, to express ourselves and collaborate, and yet every day:
- People are misled, tricked and manipulated through inaccurate and incomplete information (e.g. fake news, scams and frauds, half-truths and lies);
- Businesses and individuals suffer when their IT systems gets hacked or infected with viruses (e.g. ransomware and spyware);
- Trade secrets and sensitive personal information are disclosed or stolen and exploited inappropriately (e.g. piracy and counterfeiting);
- Important paperwork gets lost, damaged or stolen, and computer disks fail unexpectedly, sometimes for no obvious reason;
- People forget things, misinterpret stuff and presume too much;
- Half way through a sentence, we sometimes get distracted or interrupte
… and so on. There are many risks, some of which are serious, hence information requires appropriate protection, begging questions about what information needs to be protected, protected against what, how, and by whom. The corresponding answers are context- or situation-dependent, and are the subject of this module, touching on topics such as information risk management, intellectual property protection and knowledge management, among others.
Learning objectives
This module aims to:
- Explain the context and purpose for protecting information;
- Promote information risk management, including the four different ways of dealing with information risks;
- Engage with individual readers, resonating with them and persuading them to help protect valuable yet vulnerable corporate and personal information, for example through classification;
- Touch on the issues that arise from over-protecting information, to the point that legitimate business uses are restricted or prevented, reducing its value.
What about your learning objectives in relation to this topic: what does ‘information protection’ imply to you and the organization? What springs to mind in relation to types or categories of information particularly in need of protection, or concerning the process for doing so? Do you face specific or general challenges, maybe persistent problems that have been problematic forever?
Information protection awareness
An information security awareness and training module about protecting valuable information against myriad risks e.g. using classification.