Which of the following is NOT a goal of information security?

Reducing IT operational costs is not typically considered a primary goal of information security. The main objectives of information security focus on protecting and safeguarding digital information, ensuring the confidentiality, integrity, and availability of that information, as well as shielding systems from unauthorized access and attacks.

Protecting systems from unauthorized access is crucial because it is essential to prevent data breaches and maintain privacy. Controlling network traffic is also a significant goal, as it helps monitor and filter data flow to identify and prevent potential security threats. Safeguarding sensitive information is a fundamental aspect of information security, which aims to protect confidential data from unauthorized disclosure and cyber threats.

While cost reduction may be an indirect benefit of robust information security measures—due to potentially fewer incidents and less need for recovery—it is not a goal of security initiatives in themselves. The primary focus of information security is establishing a secure environment rather than directly minimizing costs.