Cyber Security and Information Security are so closely linked to each other that sometimes they are refer to as synonyms of each other. So it is very important to understand the difference between cyber security and information security because it creates a lot of confusion among security professionals.
So let’s start with the data security. So now another question would come up to your mind “What is the difference between data and information?“. Answer is very simple, every data cannot be an information or we can say that information is a subset of data but data cannot be a subset of information.
For example: ‘15081947’ is data, but if we tell you that it’s a date of India’s independence then, it is an information. So information is the processed form of data or data which has some meaning.
Information Security
Data security in other words is “Information Security”. If you are an information security expert or specialist then you have to ensure that digital and physical data is protected from unauthorized access, disclosure, use, modification, and destruction. In Information Security you are generally concerned with CIA – Confidentiality, Integrity, and Availability of information that is all about protecting the information.
- Confidentiality – prevents unauthorized disclosure of information
- Integrity – protects information from being modified by unauthorized individuals
- Availability – ensures the information is readily available for authorized users
Although, most of the data is now stored electronically but a decade ago, all the confidential information was residing inside the manual filing cabinet and some part of it still is. Information security is to make sure the data is kept secure in any form whether it’s physical or electronic.
Our next article is on “Information Security Awareness” where you can have detailed knowledge about Information Security.
Cyber Security
Cyber Security , a subset of Information Security, is all about protecting electronic format data. Cyber Security is to identify what the critical/important data is, where it resides, and what technologies to implement in order to protect the critical/important data.
In other words, it is the collection of tools, policies, procedures, security concepts, safeguards, guidelines, risk management approaches, root cause analysis, corrective and preventive actions, training, best practices, and latest technologies to defending your organization’s computers, networks, and data from unauthorized access, damage, or attack.
Conclusion
Whether it’s Cyber Security or Information Security, they both consider value of data.
In Information security, your main concern is to protect your company’s data from unauthorized access of any sort while, in Cyber Security your main concern is to protect data from unauthorized electronic access.
