Since this is cybersecurity blog, I think it's good that we discuss some most common terms and focus on their definitions and meanings. Let's start with two big ones: Information Security and Cybersecurity.
These two are often used interchangeably and they certainly overlap on many occasions. Still there is a reason why The National Institute of Standards and Technology (NIST) recognize these two as separate career areas. I'll firstly focus to Information Security and cover Cybersecurity in similar upcoming post.
”InfoSec, is the practice of protecting information by mitigating information risks. It encompasses strategies, policies, technologies, and practices designed to ensure the confidentiality, integrity, and availability of information.”
What Is Information Security?
According to NIST, infosec’s core function is to safeguard information and information systems against unauthorized access and use. Unauthorized use as NIST defines it can include destroying, modifying or disclosing data, as well as disrupting the functioning of an information system.
The field aims to provide confidentiality, integrity and availability—three guiding principles that form a model commonly referred to as the CIA triad among industry professionals. [source]
In one sense, information security dates back to when humans began keeping secrets; in the early days, physical files and documents were kept under literal lock and key. Once the business world began using computers, network security became essential to protect the electronic network infrastructure of these vital systems and after the breakthrough of internet we started to talk about cybersecurity. [source]
Difference between Information Security and Cybersecurity
The primary focus of both cybersecurity and information security is protecting sensitive information. However, each field has its own clearly defined scope of concern and practice.
Information security protects a variety of types of information. This includes digital data, physical records, and intellectual property (IP). Cybersecurity is a subfield of information security that protects computer systems and networks from cyberattacks.
While cybersecurity covers all internet-connected devices, systems, and technologies, information security also includes offline information. [source]
Back
Viltzu
OSINT and Cybersecurity enthusiast with thirst for learning more.
|
|
|