The human beings are stepping into the information society. The information industry develops very rapidly, so do the hackers, trick-playing teens, exploring children, fraudsters, and serious white-collar criminals. Thus, information security becomes an impending important issue.
人类步入信息社会。信息产业的发展非常迅速,黑客,特技播放的青少年,探索儿童,骗子,和严重的白领罪犯也是一样。因此,信息安全成为一个迫在眉睫的重要问题。
In case of information breach, the victims-government department, an organization or an institution, or a company will inevitably suffer great or small loss. Government may be threatened with national security. Companies may lose opportunities to develop new projects. And the public’s and users’ confidence will be damaged.
一旦信息被打破,受害者——政府部门,组织或机构,或大或小的公司将不可避免地遭受损失。政府可能会威胁到国家安全。公司可能会失去开发新项目的机会。与公众和用户的信心将被损坏。
Then how to deal with this issue? Technology is only a partial solution to information security. What’s more important is that organizations and companies should promote the awareness on information security to its staff. However, since no system can ever be 100 percent secure, a prevention-only approach to information security management is not enough. Companies and organizations should adopt a dual approach to information security management by combing prevention and detection techniques
那么如何处理这个问题?技术只是解决信息安全的一部分。更重要的是组织和公司应促进其工作人员的信息安全意识。然而,由于没有系统能百分之百的安全,只有一个保护信息安全管理的方法是不够的。公司和组织应该通过预防和检测技术相结合采取一个信息安全管理的二元的方法。