ABSTRACT
Over the past few years, information security has evolved from a technology issue to a boardroom issue. Companies are affected every day by security-related incidents such as network intrusions, viruses, or denial-of-service attacks. Some of these incidents are reported but many probably are not. Business is becoming increasingly dependent on technology and the Internet to the point where some businesses would come to a screeching halt if they did not have it. This is particularly true in larger companies, where the ability to communicate and access information is the lifeblood of the business.
