The practice of protecting and securing an organization’s information and systems. This includes activities such as risk management, security planning, and incident response. Information security is used to ensure the confidentiality, integrity, and availability of an organization’s information and systems. Examples of information security practices include data encryption, access control, and security testing.