Information Security is a discipline to protect information and information systems from threats through security controls to:
- achieve the objectives of confidentiality, integrity, and availability, or CIA for short,
- support the organizational mission and processes, and
- create and deliver values.
The definition of Information Security is revised as Information Security is a business issue and should be aligned with the business mission, goals, and strategies, enable and streamline business processes, and create and deliver values ultimately.