Scribd
Upload
9 views12 pages

Cyber-Security Vs Information Security

Uploaded by

mr9342388
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PPTX, PDF, TXT or read online on Scribd
9 views12 pages

Cyber-Security Vs Information Security

Uploaded by

mr9342388
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PPTX, PDF, TXT or read online on Scribd
You are on page 1/ 12

Introduction to Cyber Security

Terminology Overview

What is cybersecurity?
What is Information Security?
Why are these terms confused so often?
How Does cybersecurity relate to information
security?
Cybersecurity vs Information Security
Cybersecurity vs Information Security:
What's the difference?
• Cybersecurity and information security are often used
interchangeably, even among some of those in the
security field.
• The two terms are not the same, however. They each
address different kinds of security, and it’s important for
any organization that’s investing in a proper security
framework to understand each term, what it means, and
the difference between the two. So, what are they, how
are they different, and why are these terms so often
confused?
What is cybersecurity?

• Cybersecurity is defined by NIST as the “ability to protect


or defend the use of cyberspace from cyber attacks.”
While there are other definitions — CISA has its own
definition as does ISO — most of them are similar.
• Put simply, cybersecurity is related to attacks from the
outside of an organization. It is the framework of
protecting and securing anything that is vulnerable to
hacks, attacks, or unauthorized access which mainly
consists of computers, devices, networks, servers, and
programs.
What is Cybersecurity?

• Cybersecurity also pertains exclusively to the protection of data


that originates in a digital form — it’s specific to digital files, which
is a key way it differs from information security. So when we talk
about cybersecurity, we are automatically discussing digital
information, systems and networks,
• Cybersecurity is all about protecting data that is found in
electronic form (such as computers, servers, networks, mobile
devices, etc.) from being compromised or attacked. Part of that is
identifying what the critical data is, where it resides, its risk
exposure, and the technology you have to implement in order to
protect it.
What is Information Security?

• We tend to think of computers and digital information when we think of


information security, but meaningful, valuable data can be stored in many forms.
• Information security primarily refers to protecting the confidentiality, integrity,
and availability of data, no matter its form. Information security can just as easily
be about protecting a filing cabinet of important documents as it is about
protecting your organization’s database.
• Information security is, broadly, the practice of securing your data, no matter its
form.
• Below is NIST’s definition of information security:
• Protecting information and information systems from unauthorized access, use,
disclosure, disruption, modification, or destruction in order to provide: Integrity,
Confidentiality, Availability,
What is Information Security?

• Information security (or “InfoSec”) is another way of saying “data


security.” So if you are an information security specialist, your concern is
for the confidentiality, integrity, and availability of your data. (This is often
referred to as the “CIA.”) Most modern business data resides
electronically on servers, desktops, laptops, or somewhere on the internet
—but a decade ago, before all confidential information migrated online, it
was sitting in a filing cabinet. And some confidential information still is!

• Info security is concerned with making sure data in any form is kept
secure and is a bit more broad than cybersecurity. So, someone could
likely be an information security expert without being a cybersecurity
expert.
Why are these terms confused so often?

• To be fair, there is some overlap between cybersecurity and


information security, and that causes some justified confusion
about the two terms.
• Most information is stored digitally on a network, computer, server
or in the cloud. Criminals can gain access to this information to
exploit its value.
• The value of the data is the biggest concern for both types of
security. In information security, the primary concern is protecting
the confidentiality, integrity, and availability of the data. In
cybersecurity, the primary concern is protecting unauthorized
electronic access to the data.
Why are these terms confused so often?

• In both circumstances, it is important to understand what


data, if accessed without authorization, is most damaging to
the organization, so a security framework can be established
with proper controls in place to prevent unauthorized access.
• Where there are dedicated resources in separate teams, it is
likely that both teams will work together to establish a data
protection framework, with the information security team
prioritizing the data to be protected and the cybersecurity
team developing the protocol for data protection.
Cybersecurity vs Information Security
(Review)
• Cybersecurity: The ability to protect or defend the use of cyberspace from cyber
attacks.
• Information Security (1): The protection of information and information systems
from unauthorized access, use, disclosure, disruption, modification, or destruction in
order to provide confidentiality, integrity, and availability.
• Information Security (2): Protecting information and information systems from
unauthorized access, use, disclosure, disruption, modification, or destruction in order
to provide — 1) integrity, 2) confidentiality, 3) availability.
• Going by these definition, cyber security is all about security of anything in cyber
realm, while information security is all about security of information regardless of the
realm. So, from these definitions, one can think that information security is super set
of cyber security.
Continued….

• Worldwide:
• We can see that search volume for term “information security” was
higher than terms cyber security historically, but presently they have
similar search volume. And search volume for term “cyber security” is
higher than term “cybersecurity”. While both terms cyber security and
cybersecurity shows positive trends.
• In United States:
• US shows similar trend as worldwide, and the reason for this is
domination of U.S. in security market.
Final Verdict?

• Cybersecurity is meant to protect attacks in cyberspace such as data,


storage sources, devices, etc. In contrast, information security is
intended to protect data from any form of threat regardless of being
analogue or digital. Cybersecurity usually deals with cybercrimes,
cyber frauds and law enforcement. On the contrary, information
security deals with unauthorized access, disclosure modification and
disruption.
• Cybersecurity is handled by professionals who are trained to deal with
advanced persistent threats (APT) specifically. Information security, on
the other hand, lays the foundation of data security and are trained to
prioritize resources first before eradicating the threats or attacks.

You might also like