Introduction Over the past years, there have been increasing cases of information security threats. As the information technology professionals stay up to date with the latest technologies, they navigate through complicated playing field. There has been a newly introduced terminology that has brought a lot of confusion in the area of technology. This paper focuses on the background of information security. It also looks at the information technology threats as well as the importance of planning policies to mitigate these risks. History of Information Security The computers were initially created to facilitate the swift exchange of information from one person to another (Jouini, 2014). The initial information technology infrastructure was created around the mainframe computers while others were established around the personal computers. At first, it seemed impossible to advance these computers to the present generation computers and information technology gadgets. However, as information technology revolutionize, new avenues are opening for the possibility of crimes. Cyber criminals take advantage of these opportunities to steal the passwords of the computers and get access to the private information as well as make devastating effects on computers and networks. The nature of the use of computers has changed over the years. Various networks have been developed to enable the sharing and circulation of information and data. Regulating the access to these possessions is problematic as one need to stabilize the need for access to free information with the value of the content of the data he or she receives (Layton, 2016). Most of the information today is very sensitive while others are not. The information technology has today progressed over just the usernames and passwords. The field today encompasses digital strategies, the process of biometric identification and integrated security strategies. The Need for Security Many organizations agree that putting up the policies for information security is expensive and time-consuming. Most users also get interrupted by the substantial security policies that complicate their works and in turn develop bad politics within organizations (Omar, 2017). As such, it is essential to plan an audit policy on large networks that may consume a lot of time and money. Most users believe that there is no need to implement the security policies if there is no secret work done. Developing a poor security plan can lead to detrimental effects and even devastating disasters. A password policy which enables the users to use weak or poor passwords is the paradise for the hackers (Von Solms, 2013). The absence of firewall or protection for the proxy between the firm and the local area network is a loophole for the company to become a cybercrime target. Organizations should figure out the amount it may take them to efficiently implement the information security policies to safeguard their information as well as their ass.