Professional Documents
Culture Documents
Information Assurance
Information Assurance
Information Assurance
The purpose of AI is to identify, understand and manage the risk related to the
organization’s use of information and information systems (Hernandez, 2014).
Five pillars to ensure and maintain the AI (Wilson, 2012):
Confidentiality – Safeguard sensitive information from unauthorized access.
Integrity – Prevent unauthorized changes in the information during its transmission or while it is
in use.
Availability – Allow users access to information for their work’s needs and responsibilities.
Nonrepudiation – Provide evidence that information was sent and received.
Authentication – Guarantee that authorized users are who they say they are.
Risk associated with non-adherence to AI
processes
Organization Data Breach – Social engineering attacks are caused by phishing and pretexting attacks,
and email is the most common attacking medium used by hackers with 93% and 96% of total successful
breach attacks, respectively (Data Breach Investigations Report, 2018).
Organization’s Financial Damage – According to hosting tribunals, 40 to 60% of small businesses will
not open after data loss (Branko, n.d.).
Operations Losses - Small businesses can pay up to $8,000 for an hour of downtime, as reported by
hosting tribunals (Branko, n.d.).
Loss of Reputation and Brand Image - According to a Centrify study, 65% of consumers lose trust in
organizations affected by data breaches (The Impact of Data Breaches On Reputation & Share Value: A
study of marketers, IT practitioners and consumer in the United Kingdom, 2017).
Customer Losses –According to Veronis, 52% of consumers consider moving to another service and
product provider with better security (Hospelhorn, 2020).
Countermeasures to mitigate risk
Hernandez, S., Schou, C. (2014).Information Assurance Handbook: Effective computer security and risk management.
McGraw-Hill
(2018). Data Breach Investigations Report. Verizon.
Branko, K. (n.d.). 15+ Scary Data Loss Statistics to Keep in Mind in 2021. Retrieved from Hosting Tribunal:
https://hostingtribunal.com/blog/data-loss-statistics/#gref
The Impact of Data Breaches On Reputation & Share Value: A study of marketers, IT practitioners and consumer in the
United Kingdom. (2017, May). Retrieved from Centrify:
https://www.centrify.com/media/4772757/ponemon_data_breach_impact_study_uk.pdf
Hospelhorn, S. (2020, March 29). Analyzing Company Reputation After a Data Breach. Retrieved from Varonis:
https://www.varonis.com/blog/company-reputation-after-a-data-breach/
Melnick, J. (2021, April 16). Top 12 Data Security Solutions to Protect Your Sensitive Information. Retrieved from
Netwrix: https://blog.netwrix.com/2019/09/12/top-12-data-security-solutions-to-protect-your-sensitive-information/
Wilson, K. (2012, February 14). Conflicts Among the Pillars of Information Assurance. IT Professional, 15(4), 44-49.