Abstract
Information protection and Cyber security is a demanding task for all organizations. To ensure protection and to avoid Cyber-attacks organizations need to redefine the Information Security Policy to Detoxify Cyber Crime Attacks. Cyber-attacks causes damage to reputation, brand, stakeholder dissatisfaction, business and financial losses. The paper proposes a systematic approach for Strategic Planning for Information Security using Defense in Depth (DID) Mechanism. Organizations need to implement appropriate preventive measures to protect the business operations from any such damages. The Information Security Plan should be built as an integrated one comprising of confidentiality, integrity, availability and reliability of its information assets are secured in the vulnerable cyber space around. The multi layered Defense In Depth Mechanism will help organizations in reducing an attacker's chance of having success entry into organization's network and physical perimeters if one layer of security controls fails another layer of controls will come for rescue.