Information Security Retrieval and Awareness (ISRA) model can be used by industry to enhance information security awareness among employees. A common body of knowledge for information security that is suited to industry must be separated into technical information security issues and non-technical information security issues. Referring to the extract, describe this separation and discuss why this separation is so important. QUESTION 2 (20 Marks) Recent industry surveys show that activities focused on cybersecurity events, cyber threats and cyber incident response are among the most important and fastest growing in many organizations. Their occurrence and severity can quickly bring them to the attention of the highest levels of company management. Considering the damage an organization can sustain in the aftermath of a security breach, this trend ought to be good news for business continuity and disaster recovery professionals. Cyber threats are one of the main security threats that an organisation faces. Discuss how you would ensure business continuity in the presence of cyberthreats. QUESTION 5 Everyone in the organisation plays a part in information security governance from the driver who is responsible for delivering the products to the customers, to the data entry clerk on the shop floor, right up to the chairman on the board. Kritzinger and Smith (2008) grouped the primary responsibilities of information security into six IT authority levels. Discuss the Information Technology Authority Levels within a company. QUESTION 6 6.1. (20 Marks) 6.2. (20 Marks) The purpose of law is to constrain behaviour within a society so that needs are satisfied and harm within it is prevented. However, using laws to solve the issues created by technology is problematic because technology evolving so rapidly and laws inevitably lag behind. Discuss the problems encountered with laws for Information Technology. What are Trends in Technology that raise ethical Issues (10 marks) (10 marks)