The aim of this blog is to discuss the terms of information security and cybersecurity. Even though these two terms are strongly related to each other, they are different. On the other hand, when we talk about cybersecurity we are at the same time talking about information security. Each of our digital identities like banking credentials, passwords of various services can only be protected by securing the cyber environment.
Image 1. IT- security concepts
Information security can be defined as the protection of the information which is processed in information systems. The question is how can we design and create information security policies. At that point, the CIA triad comes to help for guidance. “CIA triad” explains how to secure the information by using the concepts of confidentiality, integrity, and availability. Confidentiality is keeping the data safe from unwanted and unauthorized individuals. For example, using password and authentication systems is one particular way to provide confidentiality. “I” in the CIA triad stands for integrity. Integrity is keeping the data errorless and as it should be. Data can be changed only by a specified and intended manner by an authenticated user. It makes us sure that data is not changed or manipulated. The last concept of CIA triad is availability. It means data should be available and accessible to authenticated users when needed. There shouldn’t be a kind of denial when an authorized individual wants to access the data.
Image 2. The CIA triad
According to CISA (Cybersecurity and Information Security Agency ), cybersecurity is protecting networks, devices, and data from unauthorized access or criminal use and the practice of ensuring confidentiality, integrity, and availability of information in cyberspace. In our age, everything relies on computers and the internet now—communication (e.g., email, smartphones, tablets), entertainment (e.g., interactive video games, social media, apps ), transportation (e.g., navigation systems), shopping (e.g., online shopping, credit cards), medicine (e.g., medical equipment, medical records), and the list goes on.
Systems are protected by using appropriate hardware or software. It can be said that in today’s world it is crucial to provide cybersecurity in order to ensure the continuity of the services in different kinds of fields.