Hackers used a leaked password for an old, unused account to log in to the VPN that gave employees remote access to the company’s servers. The VPN did not require two-factor or multi-factor authentication. Once inside, the attackers planted malware, moved through the network, and demanded a ransom.
This is a classic example of compromised information security standards (and cybersecurity) and of what poor data and information security processes can lead to.
If you thought the above example was a cybersecurity incident alone but not an information security incident, then you are wrong. Don’t worry. Most people use cybersecurity and information security interchangeably. Let’s look at each of them separately and discuss their examples and their differences.
What is information security?
Information security protects the confidentiality, integrity, and availability of any data; these three properties are referred to as the CIA triad. The CIA triad is at the heart of information security, and information security is a part of information risk management. It is as much about protecting the physical files in the filing cabinet at your office as it is about keeping unauthorized users off the network.
Broadly speaking, it is the process of securing your data, regardless of its form. Access codes for a building and passwords for login are both examples of information security controls.
Let us look at real-life examples of information security incidents:
- In 2019, more than 1 billion pieces of user data were leaked from Alibaba’s Chinese shopping site, Taobao.
- 93% of LinkedIn’s user base, numbering 700 million in June 2021, had their data put up for sale on the black market. The hacker scraped data using the site’s API and captured a variety of information that could have enabled social engineering attacks.
Examples of information security threats:
- Unauthorized access: Through brute-force attacks, phishing, and other methods, hackers steal confidential information.
- Theft of information that contains potentially sensitive information
- Attempts to gain unauthorized access to data or systems
- Internal theft by team members with malicious intent
- Advanced Persistent Threats (APTs), where hackers gain access and then persistently monitor activity and steal data, causing damage to the network
- Malware attacks, which are often characterized by a sudden loss of memory or disk space, repeated crashes, unexpected pop-up ads, slow performance, etc.
What is cybersecurity?
The National Institute of Standards and Technology (NIST) defines cybersecurity as the “ability to protect or defend the use of cyberspace from cyber attacks.” In simple terms, it deals with external attacks targeting an organization. Cybersecurity is exclusively about protecting data in digital form, and that is a key differentiator from information security.
It protects against attacks on, and unauthorized access to, an organization’s computers, servers, programs, and devices. Some common cybersecurity attacks are hacking, malware, spoofing, ransomware, spamming, and denial-of-service (DoS) attacks.
Let’s look at real-life examples of what happens when cybersecurity is compromised:
Examples of cybersecurity controls:
- Encryption: Encrypting data in transit, at rest, and in use.
- Authentication: Securely identifying people and digital entities.
- Sandboxing: Running untrusted software in an isolated virtual environment where it cannot harm the host.
- Internal controls: Separation of duties, such as requiring that different people write code, review it, and deploy it to production.
- Audit trail: Recording interactions with applications, systems, and databases so that malicious activity can be tracked and its path traced.
- Vulnerability management: Tracking down vulnerabilities in software and hardware and applying fixes in a phased manner.
Reasons why information security is different from cybersecurity:
Cybersecurity defends against attacks from external threats. Information security protects information from unauthorized access or use, and from modification or removal of data that affects its confidentiality, integrity, or availability.
Information security protects information in all its forms. Cybersecurity protects only data that is in the cyber realm.
Cybersecurity deals with preventing ransomware attacks, DoS attacks, hacking, etc., while the work of an information security officer is about understanding and identifying which confidential information is critical.
Information security officers prioritize resources before managing threats. Cybersecurity experts deal with Advanced Persistent Threats (APTs) on a regular basis.
There are multiple similarities between cybersecurity and information security. A significant portion of the sensitive information held today is stored on digital platforms, so such data is always an alluring target for criminals. Information security vs. cybersecurity is not a distinction to be ignored; understanding the nuances helps businesses stay secure the right way.