Information Security – Where should it start from?

Information Security of any Organization should start from the employees. The employees should know the seriousness of the data they handle and of course the value of it too. Many organizations has a false believe that an ISO (Information Security Officer) and a Security Team will make the organization secure, you can’t expect the Information Security Officer to make your organization 100% secure. ISO is like all other employees, he has limitations. So if you need the organization to be secure, the employees should work together for the common objective of achieving a 100% security (Although 100% security is a myth, at least the organization will be at its best to preserve the CIA of the information it handles).