Abstract:Information is a critical resource for
an organisation. Increasingly, information security is becoming an ever-increasing
complex responsibility for IT management responsible for the safe-keeping
of this critical resource. This paper describes that implementing good
security can be greatly simplified by following procedures and processes
already developed and documented by Information Security experts. Augmenting
this is a recommendation that educational institutions offering IT programs
include security education components to develop a pool of IT security trained
graduates to address the huge demand by industry and users of IT systems
for secure systems.