Question

Computer security experts devote their time and energy to the protection of sensitive data and the prevention of an outside attack on the internal network. They specialize in building secure firewalls as well as complex intrusion detection systems designed to keep intruders out. They watch and monitor the incoming message traffic very closely. But no matter how well they protect the private network from outside access without proper authority, they do not help prevent an attack by a malicious or disgruntled employee from the inside. And they cannot prevent breaches due to a simple lack of understanding of security policy by internal employees.When do YOU think an organization needs information systems security policies? Why?

Answer 1

Information security policy are used for the prevention of intruders hacking a network when an organization start getting IT related attacks.

Step-by-step explanation:

Information security policy are used for the prevention of intruders hacking a network when an organization start getting IT related attacks.

An information security policy are set of rules/policies designed to guide employees for the protection of the security of company information and IT systems. The reasons for these policies are:

1. It defines what is required from organization’s employees for the security of the IT systems
2. Information security policies provide a means to secure the organization against external and internal threats
3. Information security policies are a mechanism to for ensuring an organization’s legal and ethical responsibilities
4. Information security policies are created to hold each employee responsible with regard to information security