In Topic 1, we learned that information security is about defending information from unwanted actions like disruption, modification, etc.
Information, however, isn't an independent entity existing by itself: it is kept or held in a physical storage device as data, transmitted through cable or wireless means, and processed by computer programs.
As such, we must provide adequate security to the following categories of assets:
The value of each asset depends on (1) the ease and cost of replacement (in case of damage/loss) and (2) how unique and personally valuable it is to the asset's owner.