Question 1) Explain the need for a sound information security in organizations.
Question 2) How will you justify the need of introducing information security procedures, policies or awareness training to enterprises of various sizes, taking into consideration the cost involved, the industry (e.g. small banks?), the level of threat, and exposure to possible risks (whether external or insider)?
400 words