Information security refers to the securing of digital information from unauthorized access, alteration, theft, and use.
Information security is often conflated with cybersecurity, but the two differ slightly. While cybersecurity strives to prevent unauthorized access to information systems and networks, data security aims to protect the sensitive information those systems contain.
In other words, cybersecurity is about protecting things (computers, mobile devices, cables, routers, etc.) from breaches and malware, including ransomware, viruses, worms, Trojan horses and other threats to network security. Infosec protects data, especially digital information. Both entail vigilance and planning, from risk management, which helps reduce the risk of breaches, to incident response, which involves minimizing damage and loss after an intrusion.
Security professionals may use a variety of cybersecurity tools, including security information and event management (SIEM) software, intrusion detection applications, and security awareness programs that teach users of a system or network how to detect and avoid the most common cybercrime techniques. These techniques include “phishing,” in which hackers embed malware in an email that, upon being opened, installs itself and starts wreaking havoc. These tools can be used for information security as well.
Information security management uses a variety of data protection tools such as information assurance, encryption, certificates, and two-factor authentication to protect the information in five areas:
- Confidentiality, which restricts access to and disclosure of data
- Integrity, or ensuring the accuracy and completeness of data
- Availability, or timely and reliable access to information
- Non-repudiation, which provides the ability to determine whether an individual took a particular action such as creating information, sending or receiving a message, or approving information
- Authentication, which ensures that the user is who they claim to be