Protection

In order to minimize our information security risks, we need to ensure that we clearly define and precisely know what we are protecting, how we plan to protect it and its overall value. In this regard, the protection pillar is one of the first and most crucial for information security. Mistreatment of its correct definition and implementation will result in either a false sense of security or a waste of finances (which has a higher risk rating associated with it than the actual insecurity itself). Building a garage that is worth twice as much as the automobile placed inside it is obviously not a feasible protective measure either. Measuring and maintaining the protection pillar addresses the first and most basic step in minimizing any information security risk.