Information Security:
Definitions
The terms cybersecurity, computer security, and information security are often used
interchangeably. However, each of these terms has a different connotation and popular or technical
meaning as follows:
- Cybersecurity —
The measures taken to protect computers (and other machines) from Internet-based attacks.
Cybersecurity is an increasingly popular term, especially for marketing goods and services.
However, use of this term dangerously suggests that (1) the villain is solely on the Internet and that (2)
protection from Internet-based attacks is sufficient. Usually neither of these suggestions is true.
- Computer Security —
The measures taken to protect computers from attacks and unauthorized access.
The phrase computer security encompasses attacks arriving via any of a computer's input ports —
such as from its keyboard, from a USB thumbdrive, from a local network or Internet connection, etc.
Thus computer security is broader than cybersecurity because it is not limited to Internet-based attacks.
Computer security logically includes disgruntled employees' entry of malware into computers as well as their
unauthorized copying of confidential data from computers.
- Information Security —
The measures taken to protect data from unauthorized access or modification.
This is the broadest of the three security terms and the one most frequently used by security professionals.
Also known as infosec, the term reflects the fact that information is the important business or
military product to be protected — whereas computers are the vehicles that hold and process the information.
Thus the starting point for infosec is the identification and prioritization of the data to be protected.
Information security measures then can include protections from suicide bombers, from ceiling duct intrusions, from
social engineering, from dumpster diving, from DNS and DDoS attacks, from unauthorized employee actions, from
applications' buffer overflows, from other Internet-based attacks, etc.
- Internet —
The global system of interconnected computer networks that use the Internet Protocol Suite (TCP/IP) to link devices worldwide.[2]
A network of networks, the Internet consists of private, public, academic, business, military, and other government
networks linked by a broad array of electronic, wireless, and optical networking technologies. The Internet
carries a vast range of information, such as inter-linked hypertext documents, World Wide Web (WWW) applications,
electronic mail, telephony, and file sharing.
The origins of the Internet date from research commissioned by the U.S. Department of Defense in the 1960s to build
robust, fault-tolerant communication with computer networks. The primary precursor network, the ARPANET,
initially served as a backbone for interconnecting regional, academic, and military networks
in the 1980s. Added funding of the National Science Foundation Network supported a new backbone in the 1980s,
as well as private funding for other commercial extensions. This led to worldwide participation in the
development of new networking technologies, and the merger of many networks. The linking of commercial networks
and enterprises by the early 1990s accelerated the transition to the modern Internet.
Notes
- Cybersecurity and Computer Security are subsets of Information Security.
- The Internet definition and associated text above were derived from Wikipedia's large and excellent article on the Internet.
- The deep web and the World Wide Web are subsets of the Internet.