The human beings are stepping into the information society. The information industry develops increasingly, so do the hackers, trick-playing teens, exploring children, fraudsters, and serious white-collar criminals. Thus, information security becomes an impending important issue.人类正在步入信息社会。信息产业日益发展，黑客、玩把戏的青少年、探索儿童、骗子和严重的白领罪犯也在发展。因此，信息安全成为一个迫在眉睫的重要问题。
In case of information breach, the victims — a government department, an organization or an institution, or a company, will inevitably suffer great or small loss. Government may be threatened with national security. Companies may lose opportunities to develop new projects. And the public’s and users? confidence will be damaged.在信息泄露的情况下，受害者——一个政府部门、一个组织、一个机构或一家公司——将不可避免地遭受巨大或微小的损失。政府可能受到国家安全的威胁。公司可能会失去开发新项目的机会。公众和用户呢？信心将会受损。
Then how to deal with this issue? Technology is only a partial solution to information security. What’s more important is that organizations and companies should promote the awareness on information security to its staff. However, since no system can ever be 100 percent secure, a prevention-only approach to information security management is not enough. Companies and organizations should adopt a dual approach to information security management by combining prevention and detection techniques.那么如何处理这个问题呢？技术只是信息安全的部分解决方案。更重要的是，组织和公司应该向员工宣传信息安全意识。然而，由于任何系统都不可能是100%安全的，因此仅采用预防的方法进行信息安全管理是不够的。公司和组织应结合预防和检测技术，采取双重方法进行信息安全管理。