Lets start with, what is Network security? Network security means the protection of the information and systems and the hardware In addition to that it also need to ensure the confidentiality, integrity and availability of the data or resources. And talking about the threats which is rapid increase in the network parts. In 2001, the National infrastructure  Protection Center at the FBI released a document summarizing Ten Most Critical Internet Security Vulnerabilities. sans Tops 25 software errors(https://www.sans.org/top25-software-errors) These is the important vulnerabilities which can be common in many other companies to to patch up their hole in the system.

                                                        Sophistication of Threats

Information Security Models

In the more details of the respective subject that is information states can be in the processing, storage or transmission. And the security properties are confidentiality, integrity and availability. The security measures are the policy and procedures, technology and education, training and awareness.

CIA where confidentiality means to prevent the disclosure of sensitive information from unauthorized people and process. And the integrity means the prevention of system information from being modified. Availability means to make available of the data and system to the authorized users when needed. It was the information security properties. Now the information can in the following states like in the storage which means the data is in the rest condition. It can be located in a database or stores in local drive. network shared drive or in cloud storage. Example can be a USB key or external drive if they are not being processed. Now talking about the information in processing state, the data is in use. example can be creating a new document or processing a payment. Similarly the data in transmission is when information is transferred from one network node to another when sending email or retrieving a web page.

And different security measures can be used to be aware of information security that is policy and procedures, through technology, education, training and awareness.