Information represents one of the most important factors in the success of any enterprise today. Moreover, confidential information is becoming increasingly integrated into complex info-innovation solutions and is accordingly exposed to novel means of manipulation and theft. The legal requirements concerning information security (IS) policies in organizations are mainly based on reactive approaches that follow the standards applied in this area and are regularly updated every few years. However, a complementary approach that takes into account a fast-changing information/innovation security threats landscape and that is of proactive nature is required. Such an approach is presented in this article by linking the information security field with the field of innovation management.