The relationship between information security and technology can be traced back to ancient times. The Egyptians engraved the puzzling hieroglyphics on the stone tablets; The Spartans used a tool called a cipher stick to communicate the military plan, and the Roman Kaiser Julius Caesar was one of the ancient generals of the cipher, and the "Caesar cipher" was rumored to be the Guromache's encryption system used to protect important military intelligence. It is an alternative password, which is used to encrypt the letters by delaying the 3-bit in order, such as the letter A in the letter D, and the letter B in the letter E. Alan Turing, the father of British computer science, helped break the German Navy's Enigma secret code in the British Bletchley Manor and changed the course of the two world wars. NIST in the United States divides information security controls into 3 categories.
(1) technology, including products and processes (e.g. firewalls, anti-virus software, intrusion detection, encryption technology).
(2) operation, mainly including strengthening mechanisms and methods, correcting operational defects, various threats caused by the operation of defects, physical access control, backup capabilities, protection from environmental threats.
(3) management, including the use of policies, staff training, business planning, information security-based non-technical areas. Information system security involves policies and regulations, education, management standards, technology, and any single level of security measures can not provide a full range of security, security issues should be considered from the perspective of systems engineering. Figure 8-1 shows the NSTISSC security model.
Information Security Impact factors
