Year
2016
Abstract
The technology industry has evolved since becoming a major factor in all nuclear industries. Information Security management is one of the biggest topics within information technology, that aims to protect information from unauthorized access, use, disclosure, disruption, modification, or destruction. It is a common misconception that information security management systems are built only to prevent hackers from gaining access to a computer or network. An Information Security Management System (ISMS) is meant to protect the integrity, confidentiality, and availability of information, and to ensure that all the protective measures that restrict unauthorized access to this information (barriers, access door, networks, etc.) are effective. The protection of information does not stop by ensuring that the data is safe (confidentiality, availability and integrity) though deployment of virus-protection software and the establishment of strong firewalls. Information security also needs an existing and effective physical security system. We need to protect the environment surrounding this information through physical protection to protect persons, hardware, programs, networks, and data from physical circumstances and events that could cause serious losses or damage to any nuclear site. Employees or human factors are the ultimate source of risk; we have to consider employee beliefs, attitudes and behaviours inside and outside the workplace, to ensure that all protection systems are working as required.