IT Security Manager
2.1 IT-Security
IT-Security, i.e. information security, is a complex and multilayered topic. A uniform definition is difficult at this point because IT security comprises many components. Basically, information security is concerned with all technical measures to reduce the risk potential for IT applications and systems.
Its task is thus to protect companies and their assets from hackers and data robbers and thus also to prevent economic damage in advance. After all, a targeted attack on specific company data or sensitive customer and personnel data can also quickly lead to disruptions and losses in the economic sphere due to a breach of confidentiality.
IT security officers must therefore take protective measures to reduce the risk potential, i.e. develop security concepts, coordinate the allocation of access authorisations and implement security standards. The scope of activities also includes vulnerability analyses, system hardening, data protection, training to sensitise staff and risk analysis of existing IT systems. Thus, IT security is the technical implementation of security concepts under economic aspects (Lipinksi, 2007).
IT security not only includes software and applications, but also all endangered and vulnerable facilities such as buildings, people, networks and hardware. The aim of IT security is thus to protect confidential information, data and systems for the company so that unauthorised persons cannot access files, even during a transmission process, for example. IT security must also ensure the availability and authenticity of data and systems.
The figure below illustrates how complex a security concept is and how it should ideally be structured:
One hundred percent security can of course almost never be guaranteed. Because first of all, the term “security” first arises in the minds of our society. If this idea of security already exists, the urgency or necessity of the problem is usually not recognized and savings are quickly made on security measures or trained personnel in security matters.