Information security requires that information and information systems are protected from unauthorized access, use, disclosure, disruption, modification or destruction.

Implementing security systems ensures the availability and correct operation of a system without concern for the information stored or processed within the system.

Governments, military, corporates, financial institutions, hospitals, and private businesses create and use a great deal of confidential information about their employees, customers, products, research, and financial status. Most of this information is collected, processed and stored on electronic computers and transmitted across networks to other computers.

Should confidential information about a businesses customers or finances or new product line fall into the hands of a competitor, such a breach of security could lead to lost business, law suits or even bankruptcy of the business. Protecting confidential information is an operational requirement, and in many cases also an ethical and legal requirement.

For the individual, privacy of information is very significant, and can be based on many different interpretations.

Information security is the ongoing process of exercising due care and due diligence to protect information, and information systems, from unauthorized access, use, disclosure, destruction, modification, or disruption or distribution.