Information Security vs Cyber Security

Anyone who spends time researching or reading around the subject of security, will have likely asked themselves the "Information Security vs Cyber Security" question at some point. How is it that information security and cyber security differ, and why is it that people frequently use these terms interchangeably? Perhaps the best place to start is with some definitions.

Cyber Security

As the name suggests, Cyber security refers to the practice of securing and protecting data and information across electronic networks, servers and systems. Cyber security professionals concern themselves with protecting these systems etc. from both compromise and attack.

Information Security

Whereas cyber security deals exclusively in the realm of the digital, information security is a far broader category which encompasses cyber security, whilst also concerning itself with physical information that exists in a non-digital form. In this field of infosec, professionals rely on 3 key areas: confidentiality, integrity and availability, or CIA.

  • Confidentiality: secure information is only accessible to authorised individuals.
  • Integrity: secure information is always accurate and complete.
  • Availability: secure information is always accessible to those who use and need it.

The Evolution of Information and Cyber Security

It’s safe to say that over the last few decades there has been seismic changes within each of these fields, all of which has been fuelled by the precipitous explosion in the value of data. Whilst information and data have always had its value, the complexity involved in the securing of said information has likewise grown exponentially.

As our information has migrated towards digital systems, it’s unsurprising that these terms have experienced a good degree of interchangeability. The Venn diagram of Cyber/Information security certainly overlaps more than it differs; an intersect that is mirrored in the duties and roles of Information Security Officers and IT Security Engineers. Having said that, it certainly looks as though information security is winning (just take a search on any job site).

The value of strong information security is one that is demonstrated every day, and though there may be some that make the distinction between information and cyber security, the interchangeability of these terms seems now to be common vernacular.

The Value of Information Security

Information security is undoubtedly an invaluable field for any industry, organisation, or indeed, individual. As 2020 rapidly approaches we are increasingly beholden to the to the digital systems and networks that facilitate many areas of our personal and professional life, but also introduce risk.

It’s likely that every person reading this article has, at some point, experience some kind of attack on their information. The most common variety being in the form of phishing. As a type of social engineering, phishing emails are now regularly filtered out of our inboxes, disappeared before we even have the chance to be fooled. Though the rate at which this method works in tricking users to give up their confidential or sensitive information, is still shockingly common.

Security Awareness for your Organisation

Enjoyed our blog? Learn more about how Hut Six can help improve you security awareness with training and simulated phishing. Start a free trial now, or book a meeting with one of our experts.


The Cost of a Security Breach

The Cost of Poor Information Security

Facebook ICO fine and the cost of poor information security. Blog from information security awareness training provider Hut Six Security.

Cyber Security Awareness Month

Cyber Security Awareness Month: Once a year, all year.

Cyber security Awareness month creates a problem in focus for companies. Blog from information security awareness training provider Hut Six Security.

Branching Scenarios - Hut Six Product Update

New from Hut Six: Scenario-based branching Tutorials

Cybersecurity training modules that give the user the ability to test their skills. Blog from information security awareness training provider Hut Six.

Social engineering threats to small organisations

Micro-businesses are underestimating social engineering

Are micro businesses underestimating social engineering? Blog from information security awareness training provider Hut Six Security.

GDPR Explained

General Data Protection Regulation

What does General Data Protection Regulation mean for my business? GDPR Blog from information security awareness training provider Hut Six Security.

UK Government Funding for Cyber Security

UK Government - a failure of attention and funding in Cybersecurity?

Blog covering the NHS ransomware attack on the NHS Lanarkshire trust. Blog from information security awareness training provider Hut Six Security.

Speak to us about your Cyber Awareness