It seeks to prevent unauthorised disclosure of information, whether accidental or intentional assuring the correctness, reliability, availability, safety and security for all aspects of information and information systems.

Information Security is crucial for the economic well-being of all commercial enterprises and for national security as well as for the integrity of global economy.

Major businesses and government departments using the Internet need to ensure
that these networks and computer systems are properly and adequately secure
by protecting information assets such as customer data, financial information and
critical infrastructures.

Corporations need to ensure that their Internet, Intranet, VPN, network and database systems are safe. Government agencies, including the military and law enforcement agencies, need to secure themselves against cyber-terrorism and cybercrime, and to track down and prosecute hackers, fraud artists and terrorists.

Financial organizations and consulting firms need security specialists to ensure protection to their clients. The growing global business environment has given way to a more integrated information system and better sharing of information.

More and more organizations realise the importance of a security manager, who can help the company identify its security needs and develop policies and adapt systems that can help the company deal with the threats to its environment.

Areas of expertise within information security cover a huge range of jobs, both technical and non-technical, although they are as yet limited in India mainly due to the paucity of training programmes and trained experts. They include:
Access control systems and methodology (how people enter and leave the system)
Applications and systems development security (creating new computer programs to protect an organization)
Auditing and monitoring (collecting information for identification and response to
security breaches)
Business continuity planning (BCP) and disaster recovery planning (DRP)
(uninterrupted access to critical data systems)
Cryptography (the coding and decoding of data and messages)
Data communications (what is necessary to operate communications networks)
Law investigation and ethics (computer crime laws and regulations)
Malicious code (counter measures and prevention techniques for dealing with
viruses, worms and other forms of deviant code)
Operations security (setting identity controls; auditing and monitor the
mechanisms and tools)
Physical security (giving physical access to systems solely to those who need it)
Risk, response and recovery (processes to identify, measure and control loss)
Security architecture and models (building the security infrastructure for
a complex organization)
Security management (identification of information assets and development of policies and procedures)
Telecommunications and network security (ensure security through remote access management, network availability, firewall architecures, VPNs, Data Networking,
LAN Devices, etc.)

Getting In
If you are technically sound in IT and abreast of the technological changes then a career in IT security can certainly open up expanding career opportunities. The technical skills in this profession include good programming and analytical skills, reasonable knowledge of databases, networking and operating systems and understanding of the Operating system, IP, Routers and Switches, other networking, firewalls and content security. Security is all about problem-solving, so you need to find out how the system can be broken, then after that, what to do to protect it and buffer it so it doesn't happen again.

You should be abreast of the technological changes since new technologies would most definitely open up new avenues of threat to an IT system. Most of all it is good to keep in mind that a lot of security is about trust, and that your personal integrity and reputation are most important to your ability to function effectively, particularly in this field.

Computer graduates with a course in network administration and database administration activities like CCNA (Cisco certified network administrator), MSCNA (Microsoft certified network administrator), Solaris administrator and Oracle DBA are best suited to jobs in information security. One to two years of experience in networking and systems administration and/or database administration with some coding experience is an advantage.

There are limited courses available in India and most are product-oriented courses or specialised programmes in tie-ups with foreign players. Among the better known is the Certified Information System Security Provision (CISSP) certification, while NIIT also offers a course in Information Security Systems. Besides, there are certain specialised courses being run by companies like Cisco, Global e-Secure, Appin Online and others which help an individual trying to make a career in the security arena.

Experts predict that the next two years will see a heightened frenzy of activity in terms of training the security professionals. Although majority of the organizations that hire information security professionals are in professional services, government, telecommunications, and banking, organizations of all kind and sizes, including a growing number of smaller businesses, and agencies with huge IT systems need and are hiring information security staff. With the rise of terrorist activities, security agencies like IB, RAW, income tax, and defence organizations are also expected to witness a considerable demand for security professionals in the coming times.

Besides, there are immense opportunities in the energy/oil & gas segment, hospitals, call centres, large infrastructure projects and with large IT services and consultancies. In addition, there is scope to run an independent IT security audit service. The salary is also expected to be high, based on requirements and criticality of the job, the starting salary in this sector ranging from Rs 2-4 lakh per annum for a technical specialist.

Today there is an acute shortage of Information Security personnel. Not surprising therefore that Information Systems security is one of the hottest jobs on offer in IT. Microsoft had estimated a requirement of 2.5 million ITS Experts by 2010. According to NASSCOM, the demand for ITS Experts in India will be 10 lakh by 2010 in India. A gaping disparity prevails in the demand and supply of well-trained professionals, so if you are looking for an IT career and have a nose for ferreting out problems, a career in information security presents huge opportunities.