ABSTRACT
Networks have become common structural elements in our lives, industrial production, services and other social relationships. Along with their growing use, new kinds of risks and dangers have sur-faced, which, as is seen in media, have grown well. These comprise hacking attacks of web pages and applications used by administrations or download of client data records from financial systems, etc.
There is no such thing as absolute network security unless one cuts off any external connections and blocks all users. Once an organisation has opted for internal and external networks, and there is generally no way around this, the element of risk arises, and risk assessment is necessary.
This chapter discusses a security strategy for organisations. A security strategy has to be designed in such a way that the main objective of information processing, i.e. the maximum availability of IT instruments is not impeded taking into account all measures demanded by emergency management. This is the balancing act to be achieved.
