Introduction To CyberSecurity
So how do I start? Well, welcome to a new month. This August we will be looking at a very broad and important topic – Information Security, also referred to as InfoSec or Cybersecurity.
By definition, information security is the practice of defending information from unauthorized access, use, disclosure, disruption, modification, perusal, inspection, recording or destruction. It is a general term that can be used regardless of the form the data may take (e.g. electronic, physical).
From the definition you can see it covers a very wide spectrum. Our goal in this series is to avoid the technical jargon and details of cybersecurity implementation, because that is not what you need to know to make decisions. The purpose is to give you the necessary guidance so that you’ll be able to understand the essential building blocks of cybersecurity – this way, you’ll be able to control your cybersecurity specialists better when they start with the implementation.
Using plain language, information security would be the following: if I come to a bank and deposit N10,000, first of all I do not want anyone else to know about this money except for the bank and myself. (This is confidentiality.)
In a few months’ time when I come to withdraw my deposit, I want the amount to be N10,000 plus any interest; I do not want the amount to be N1,000 because someone has played around with my account. (This is integrity.)
Lastly, when I want to withdraw my money I do not want the bank clerk to tell me that the bank’s systems are down and that I have to come back tomorrow. (This is availability.)
The definition of cybersecurity is not far from that of information security: “Cybersecurity is to be free from danger or damage caused by disruption or fall-out of ICT or abuse of ICT. The danger or the damage due to abuse, disruption or fall-out can be comprised of a limitation of the availability and reliability of the ICT, breach of the confidentiality of information stored in ICT or damage to the integrity of that information.” (The National Cyber Security Strategy 2011, Dutch Ministry of Security and Justice)
As you have probably noticed, these two terms are quite similar.
Information Security vs. Cybersecurity
Although there is no official position about the differences between information security and cybersecurity, I like to interpret them as follows: cybersecurity is 95% of information security; the only difference between them is that information security includes security of information on non-digital media (e.g., paper), while cybersecurity focuses on information in digital form only. Today, non-digital media is a small portion of total information available, often much less than 5% of all information.
In many cases, information security and cybersecurity are used interchangeably, as synonyms. You can use either of these terms and you won’t miss the point. We will use them interchangeably.
The problem nowadays is that there is an abundance of information about cybersecurity; you are probably bombarded with information about new firewalls, anti-virus software, frameworks, methodologies, legislation, and so on. Many companies offer services touted to be the solution to all of your cybersecurity problems. Yet these individual solutions aren’t going to protect you completely. For instance, you cannot solve the problem of a disgruntled employee with a firewall, the same way you cannot solve the problem of a hacker just by complying with a law.
So, it’s obvious you need something more, something comprehensive. But the challenge is where to even begin and which steps to take that will best protect your business.
This series will take you through the basics of cybersecurity, explain why safeguarding your information is of strategic importance for your organization, tell how to set the foundations of cybersecurity in an organization, which preparations are needed, and finally, how to plan your cybersecurity and have measurable results.