Nowadays, organizations are concerned about information security. But, what is information security? Some define it as policies and compliance. Others say it keeps the network and sensitive assets in check. And many say that it’s a barrier. Most organizations fail to implement information security as they don’t understand the subject and does not question conventional thoughts about the subject, and listen to every piece of advice that vendors, auditors, and other outsiders throw at them. Read more at: http://it.toolbox.com/blogs/itmanagement/the-essence-of-information-security-and-why-many-people-often-miss-the-boat-74330