“Is there a difference between cybersecurity and information security?”
This is not only a pertinent question within the tech community, but it is also vital when considering growing the cyber capabilities of a company with roles like information security analysts or cyber security analysts.
Most see Cyber Security as a subset of Information Security, but there's more to the story. The distinction is very important as each field matures and evolves.
What is Information Security?
Information security is another way of saying “data security.” For a more technical definition, NISTdefines information security as “[the protection of information and information systems from unauthorized access, use, disclosure, disruption, modification, or destruction in order to provide confidentiality, integrity, and availability.”
Nowadays, a lot of business data is electronically stored on computer systems and in the cloud, but previously it was kept in physical filing cabinets.
Even though this has changed, some confidential and sensitive information is still kept in that manner. Information security focuses on ensuring that all data, in any format, is kept safe and secure.
The CIA Triad
If you are an information security specialist, your primary concern is for the confidentiality, integrity, and availability of your data (this is often referred to as the “CIA or CIA Triad”). These crucial concepts are at the heart of successful information protection.
Confidentiality - The act of protecting data from being observed by any unauthorized persons. An example of protecting confidentiality would be the act of preventing passwords from being stolen or the theft of an employee’s computer.
Integrity - The act of maintaining and assuring the accuracy and completeness of data over its entire lifecycle(1). Essentially, this means that data cannot and should not be modified by any unauthorized persons. A breach of integrity would include something like the implementation of malware hidden in another program. See Solarwinds as an example of a breach of integrity.
Availability - The act of maintaining the ability to access and use data when needed. If there is an attack that brings down your network, whether temporary or locked out, then that is a failure of availability. See the Colonial Pipeline attack as a good example.
Thus, the role of an Information Security Analyst (or "Info Sec Analyst") vs a Cybersecurity Analyst is that the Info Sec Analyst manages large and small computer systems with the goal of securing any data form against computer-related crimes.
Their duties encompass a broad spectrum, from monitoring network activity to analyzing potential security risks and vulnerabilities
What is Cybersecurity?
Cybersecurity is a practice of safeguarding digital information stored on electronic systems, including computers, servers, networks, and mobile devices, from unauthorized access and malicious threats.
It involves recognizing what data is significant, where it is located, the potential risks, and the methods and tools necessary to protect it from certain risk vectors.
Where the Info Sec Analyst mentioned above manages digital information broadly, Cybersecurity Analysts specifically protect digital data from online threats.
They play a pivotal role in identifying significant data, understanding potential risks, and employing tools and methods to shield it from cyber threats. Their focus is narrower yet highly specialized, dealing with the complexities of digital data security.
