Malware, intrusion and natural disasters are constantly threatening information systems. Information system security is critical for business continuity and competitiveness. However the IT manager faces numerous challenges when it comes to security. Discuss the popular security challenges that an organisation should consider when establishing a security policy.