Information security refers to the protection of data and information against unauthorized access, loss, or manipulation. This involves not only IT systems but also organizational and physical measures.
The goal is to ensure three key protection objectives (CIA-Triad):
Companies systematically implement information security through an ISMS (Information Security Management System) and often follow standards such as ISO 27001.