InfoSec and Cyber Security

What is information and data? Information is the meaningful form of data that has context while data is the processed information that has no context. For example, computer is data. This computer has MacOS is information.

InfoSec [Information Security] is protecting data from unauthorized access. Cyber security is the part of InfoSec. What is the difference between Cyber security and InfoSec? Every domain has information thus need InfoSec but security of information or data on machines is Cyber security.

There are three types of InfoSec Threats:
1: Threat is a constant danger to an asset. Example: Wi-Fi, Employee’s laptop, Website, etc.
2: It can be a person, an object or an event. Example: Employee disclosing critical information, etc.
3: Threats can be categorized and ranked. Example: System attacks, etc.

Types of InfoSec threats:
1: Inadvertent threat [Human Failure].
2: Physical threat [Natural disasters].
3: Technical failure [Hardware/ Software].
4: Deliberate acts [Hacking/ Espionage].

Information Security does not deal with:
1. Cyber warfare [Govt web hacks, DDOS, etc.].
2. Information warfare [intel].
3. Negative impact of people on internet [sexual abuse, cyber stalking, etc.].
4. IoT security.
Cyber Security deals with it.

What is the role of Cyber Security?
1. Protection of Cyber Space against Cyber Threats and Cyber Space vulnerabilities.
2. Protection from any threats to Information via Cyber Space.
3. Deal with Deliberate acts.
4. Doesn’t deal with physical and personal security.
5. Threats via Cyber Space, not threats for Cyber Space.

Objective of Cyber Security:
1. Confidentiality : Preventing disclosure of information to unauthorized parties.
2. Integrity : Completeness and accuracy of data.
3. Availability : It is the assertion that a computer system is available or accessible by an authorized user whenever it is needed.
4. Non-repudiation: Statement’s author cannot successfully dispute its authorship or the validity of an associated contract.
5. Authenticity : It involves a proof of identity.

Thus there is a huge difference between Information Security and Cyber Security. Information Security contains Cyber Security along with providing security to all the critical information of an organisation or a company.