Information Security vs Cyber Security

Anyone who spends time researching or reading around the subject of security, will have likely asked themselves the "Information Security vs Cyber Security" question at some point. How is it that information security and cyber security differ, and why is it that people frequently use these terms interchangeably? Perhaps the best place to start is with some definitions.

Cyber Security

As the name suggests, Cyber security refers to the practice of securing and protecting data and information across electronic networks, servers and systems. Cyber security professionals concern themselves with protecting these systems etc. from both compromise and attack.

Information Security

Whereas cyber security deals exclusively in the realm of the digital, information security is a far broader category which encompasses cyber security, whilst also concerning itself with physical information that exists in a non-digital form. In this field of infosec, professionals rely on 3 key areas: confidentiality, integrity and availability, or CIA.

• Confidentiality: secure information is only accessible to authorised individuals.
• Integrity: secure information is always accurate and complete.
• Availability: secure information is always accessible to those who use and need it.

The Evolution of Information and Cyber Security

It’s safe to say that over the last few decades there has been seismic changes within each of these fields, all of which has been fuelled by the precipitous explosion in the value of data. Whilst information and data have always had its value, the complexity involved in the securing of said information has likewise grown exponentially.

As our information has migrated towards digital systems, it’s unsurprising that these terms have experienced a good degree of interchangeability. The Venn diagram of Cyber/Information security certainly overlaps more than it differs; an intersect that is mirrored in the duties and roles of Information Security Officers and IT Security Engineers. Having said that, it certainly looks as though information security is winning (just take a search on any job site).

The value of strong information security is one that is demonstrated every day, and though there may be some that make the distinction between information and cyber security, the interchangeability of these terms seems now to be common vernacular.

The Value of Information Security

Information security is undoubtedly an invaluable field for any industry, organisation, or indeed, individual. As 2020 rapidly approaches we are increasingly beholden to the to the digital systems and networks that facilitate many areas of our personal and professional life, but also introduce risk.

It’s likely that every person reading this article has, at some point, experience some kind of attack on their information. The most common variety being in the form of phishing. As a type of social engineering, phishing emails are now regularly filtered out of our inboxes, disappeared before we even have the chance to be fooled. Though the rate at which this method works in tricking users to give up their confidential or sensitive information, is still shockingly common.