What is communication security?
This covers two areas of information security:
- Network security
- Information transfer
Network security is internally focused and information transfer has an outward focus.
Let's look at each area in detail.
The objective is to ensure you protect information in networks and its supporting information processing facilities. All businesses have multiple information networks. Therefore list all your networks and the controls you have in place to manage and secure them. Then list how they are segregated.
The objective here is to maintain the security of information transferred within your organisation and with any external entity. Once again you need to list all the communication and information transfer activities in your organisation. You also need to check information transfer policies and procedures, agreements on information transfer, electronic messaging and confidentiality or nondisclosure agreements.