Exam Objectives 📚

AKYLADE_CRF-002_Objectives_v1-1.pdf (PDF, 1.11 MB)

  • Cybersecurity

  • Information security

  • Information systems security

  • Information assurance

  • Cyber resilience

  • Cybersecurity incident

  • Stakeholder

  • Supplier

  • Critical infrastructure

  • Threats

  • Vulnerabilities

  • Confidentiality

  • Integrity

  • Availability

  • Non-repudiation

  • Authentication

Navigating the cybersecurity landscape requires a solid grasp of fundamental concepts. This chapter aims to equip you with the essential knowledge needed to effectively implement the NIST Cybersecurity Framework.

Understanding these key terms will help you communicate and collaborate efficiently with others in the field, ensuring everyone is on the same page and reducing the risk of misunderstandings.

If you've already passed certifications like CompTIA Security+, CySA+, PenTest+, CASP+, ISACA’s CISM, or ISC2’s SSCP and CISSP, this chapter will serve as a review. For those new to these concepts, let's break down some of the basics.

How Do You Define Cybersecurity? 📖

Information Security

  • Definition: The protection of information and data assets from unauthorized access, use, disclosure, alteration, or destruction. It covers security measures, policies, procedures, and controls applied to all forms of information.

  • So What? Information-protection focused: e.g. encryption and least-privilege access controls.

What about the system itself, which stores, processes, or transmits that information (data)? 🤔

Information Systems Security

  • Definition: The protection of computer systems and the associated infrastructure that store, process, transmit, and manage information. It covers measures, policies, procedures, and controls that protect computer hardware, software, networks, and databases.

  • So What? System and network infrastructure focused. Examples: deploying firewalls, intrusion detection systems, and antivirus software to protect a company’s network infrastructure and systems from external threats.

“Amateurs hack systems, professionals hack people.” - Bruce Schneier

Beyond blinky-light network appliances, what about the human firewall? 🤔

Information Assurance

  • Definition: Encompasses both Information Security and Information Systems Security, going beyond technical controls by integrating people, processes, and technology.

  • So What? This broader, newer concept emphasizes a more holistic approach to ensuring the confidentiality, integrity, availability, and non-repudiation of information. A comprehensive program is needed that includes security policies, regular risk assessments, security awareness training, incident response planning, and ongoing monitoring.

Can we get a cooler name please? 😎

Cybersecurity

  • Definition: Focuses on protecting computer systems, networks, and digital information from cyber threats, which include unauthorized access, cyber-attacks, data breaches, and other malicious activities conducted through digital means. It involves a combination of technical, operational, and managerial measures to identify, protect, detect, respond to, and recover from cyber incidents.

  • So What? The new term for Information Security, focused on modern threats and modern technologies. Some examples include multi-factor authentication, conducting regular vulnerability assessments, and establishing incident response plans.

The CIANA Pentagon 🛡

A crucial part of your cybersecurity foundation is understanding the CIANA pentagon, which stands for:

Confidentiality

  • Definition: The protection of sensitive information from unauthorized access or disclosure, ensuring that only authorized individuals or entities can access and view confidential data.

  • So What? Protect sensitive information; mitigate the risk of data breaches and unauthorized disclosures; maintain trust; meet the compliance requirements of various privacy regulations.

Integrity

  • Definition: Ensures that data remains accurate, consistent, and unaltered throughout its lifecycle by protecting it against unauthorized modification, deletion, or corruption.

  • So What? Ensure data remains unaltered; protect against fraud or worse.

Availability

  • Definition: The accessibility and usability of digital assets and services when they are needed.

  • So What? Ensure resources are available; internal and external customers have little tolerance for downtime.

Non-repudiation

  • Definition: The assurance that the originator of a digital communication or transaction cannot deny their involvement or the authenticity of the data being exchanged.

  • So What? Prevent denial of involvement; counter deep fakes; maintain an audit trail.

Authentication

  • Definition: Verifies the identity of individuals or entities attempting to access digital systems or resources.

  • So What? Verify user identities; defend against social engineering and unauthorized access.

Cybersecurity incidents 🚨

Cybersecurity Incident

  • Definition: Any unauthorized or malicious event that compromises the confidentiality, integrity, or availability of an organization’s digital assets, systems, or networks.

  • So What? 2022 average cost of a data breach: $4.2 million.

Cybersecurity incidents result from vulnerabilities being exploited by threats.

Risk

  • Definition: The potential for loss, damage, or harm resulting from threats exploiting vulnerabilities in digital systems or assets.

  • So What? If there is no threat to exploit a vulnerability, or no vulnerability for the threat actor to exploit, then there can be no risk, negative consequence, or cybersecurity incident.

Threat

  • Definition: Any potential source or actor with the capability to exploit a vulnerability, weakness, or flaw and cause harm to an organization’s digital systems, networks, or data.

  • So What? Cybercriminals want to steal your money, identity, and critical data. Hurricanes causing power outages can render your network and systems unusable.

Vulnerability

  • Definition: A weakness or flaw in a system, network, or software that a threat actor can exploit to compromise the security and integrity of digital assets.

  • So What? It might not be practical for a hospital to immediately pull the plug on an end-of-life version of Microsoft Windows on its file servers. They need your help to build a road map that reduces their cyber risk over time.

Risk = Threat x Vulnerability

  • Risk (⬆️) = Threat (⬆️) x Vulnerability (↔️): if the threat increases while the vulnerability remains the same, the overall risk increases.

  • Risk (⬆️) = Threat (↔️) x Vulnerability (⬆️): if the vulnerability increases while the threat remains the same, the overall risk increases.

  • Risk (↔️) = Threat (⬇️) x Vulnerability (⬆️): if an organization wants to hold its risk at a given level, then as the vulnerability increases, countermeasures must be put in place to reduce the threat of exploitation.

  • Risk (↔️) = Threat (⬆️) x Vulnerability (⬇️): on the other hand, if the threat increases, the organization must reduce the vulnerability’s exposure to maintain the same level of risk.

Conclusion and Touchpoints

  • “Words have meaning”

  • CIANA pentagon: five core principles of cybersecurity that form the foundation for protecting digital assets and maintaining secure environments

    • Confidentiality

    • Integrity

    • Availability

    • Non-repudiation

    • Authentication

  • Risk is proportional to Threats and Vulnerabilities.

    • This relationship helps us understand mitigations and how to manage risk
