INFORMATION & CYBER SECURITY


Information Security vs. Cyber Security

First, we need to clear up a common misconception that is simple to state but hard for beginners to grasp: Information Security and Cyber Security are often used as synonyms, because both are associated with the security of information and computer systems. The definitions of the two terms differ considerably, and they should not be interchanged. In a nutshell, Cyber Security deals with defending digital data in cyberspace, whereas Information Security means protecting data of all kinds, in cyberspace and beyond, including its physical security. We will therefore use the two terms separately, as “Information Security” and “Cyber Security”.

Foundational Information Security Principles

Information and Cyber Security is rapidly becoming a fast-growing industry. Its skill sets are among the most in demand, yet there is a huge skills gap. The field broadly addresses the following three principles, commonly known as the CIA Triad:



Confidentiality

It means to prevent the disclosure of information to unauthorized individuals or systems.


Integrity

It means to prevent any unauthorized modification, deletion or destruction of information.


Availability

It means to assure that the systems responsible for delivering, storing and processing information are accessible when needed and by those who need them.

Information Security Subdivisions

1. Risk Assessment and Treatment

Risk Assessment and Treatment is the process of identifying, prioritizing and managing security risks for the organization. Risks can be treated in different ways: applying controls, transferring the risk, avoiding the risk, or accepting a risk that cannot be avoided, reduced or transferred.


2. Incident Management

An incident is a violation, or the threat of a violation, which can cause potential damage to the confidentiality, integrity and availability of an information system or of the data being processed, stored or transmitted. Incident Management is a process that upholds the CIA triad by identifying incidents, protecting assets, responding and, if required, restoring services.


3. Application Security

Software applications are critical digital assets that need to be protected against attacks. Application security consists of measures taken to improve the security posture of an application by finding, fixing and preventing security vulnerabilities.


4. Information Security Management System (ISMS)

An ISMS is a framework that ensures the confidentiality, integrity and availability of organizational assets (people, electronics, software, privacy etc.) against threats and vulnerabilities. This is achieved through a systematic risk-based approach to establish, implement, monitor, review, maintain and improve information security at the organizational level.


5. Data Privacy

Data can be anything, such as personal health information, personally identifiable information or financial data. Data Privacy pertains to respecting individuals' choices about sharing their own information. It is very important to exercise extreme care while collecting, accessing, storing, processing or sharing such information. A major challenge is maintaining data privacy while data is in use; this needs continuous reassessment and assurance of compliance with data privacy and security regulations.


6. Business Continuity

Business Continuity is defined as the processes and procedures an organization puts in place to ensure that business-critical functions can continue during and after a disaster (unpredictable events such as natural disasters, fires, disease outbreaks, cyber attacks and other external threats) and to re-establish full functionality of the organization as quickly and smoothly as possible.

Cyber Security Subdivisions

Critical Infrastructure Security

Critical infrastructure describes the physical & cyber systems and assets that are so vital that their incapacity or destruction would have a debilitating impact on physical or economic security or public health or safety.


Application Security

Application security is the process of developing, adding and testing security features within applications to prevent security vulnerabilities and to protect against threats such as unauthorized access, modification and destruction.


Network Security

Network Security encompasses hardware and software solutions, together with the processes, rules and configurations relating to network use, accessibility and threat protection. It involves access control, virus and antivirus software, application security, network analytics, security specific to each network type, firewalls, VPN encryption etc., and it protects your network and data from breaches, intrusions and other threats.


Cloud Security

Cloud security is the protection of data stored online via cloud computing platforms from theft, leakage, unauthorized modification and deletion. Methods of providing cloud security include firewalls, penetration testing, obfuscation, tokenization, virtual private networks (VPN), and avoiding public internet connections.


Internet of Things (IoT) Security

The term IoT is incredibly broad, and as the technology continues to evolve, the term has only become broader. IoT security is the technology segment focused on safeguarding connected devices and networks in the internet of things (IoT). Since the IoT field is so broad, IoT security is even broader, and a variety of methodologies fall under its umbrella. Application program interface (API) security, public key infrastructure (PKI) authentication and network security are just a few of the methods used to combat the growing threat of cybercrime and cyberterrorism rooted in vulnerable IoT devices.