What is Information Security? | ITEnterpriser<\/title>\n<meta name=\"description\" content=\"Information security and cyber security are related disciplines. We explain the overlap and the differences.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/itenterpriser.com\/knowledge-base\/what-is-information-security\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"What is Information Security? | ITEnterpriser\" \/>\n<meta property=\"og:description\" content=\"Information security and cyber security are related disciplines. We explain the overlap and the differences.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/itenterpriser.com\/knowledge-base\/what-is-information-security\/\" \/>\n<meta property=\"og:site_name\" content=\"ITEnterpriser\" \/>\n<meta property=\"article:published_time\" content=\"2021-01-15T09:11:26+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/itenterpriser.com\/wp-content\/uploads\/2020\/11\/what-is-information-security.png\" \/>\n\t<meta property=\"og:image:width\" content=\"696\" \/>\n\t<meta property=\"og:image:height\" content=\"460\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"Dave McKay\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@TheGurkha\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Dave McKay\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"7 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/itenterpriser.com\/knowledge-base\/what-is-information-security\/\",\"url\":\"https:\/\/itenterpriser.com\/knowledge-base\/what-is-information-security\/\",\"name\":\"What is Information Security? | ITEnterpriser\",\"isPartOf\":{\"@id\":\"https:\/\/itenterpriser.com\/#website\"},\"datePublished\":\"2021-01-15T09:11:26+00:00\",\"dateModified\":\"2021-01-15T09:11:26+00:00\",\"author\":{\"@id\":\"https:\/\/itenterpriser.com\/#\/schema\/person\/d8365c87c188eca7de34b2fed7d1078e\"},\"description\":\"Information security and cyber security are related disciplines. We explain the overlap and the differences.\",\"breadcrumb\":{\"@id\":\"https:\/\/itenterpriser.com\/knowledge-base\/what-is-information-security\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/itenterpriser.com\/knowledge-base\/what-is-information-security\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/itenterpriser.com\/knowledge-base\/what-is-information-security\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/itenterpriser.com\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"What is Information Security?\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/itenterpriser.com\/#website\",\"url\":\"https:\/\/itenterpriser.com\/\",\"name\":\"ITEnterpriser\",\"description\":\"\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/itenterpriser.com\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/itenterpriser.com\/#\/schema\/person\/d8365c87c188eca7de34b2fed7d1078e\",\"name\":\"Dave McKay\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/itenterpriser.com\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/itenterpriser.com\/wp-content\/uploads\/2020\/04\/Dave-McKay.png\",\"contentUrl\":\"https:\/\/itenterpriser.com\/wp-content\/uploads\/2020\/04\/Dave-McKay.png\",\"caption\":\"Dave McKay\"},\"description\":\"Dave McKay first used computers in the industry when punched paper tape was in vogue and he has been programming ever since. His use of computers pre-dates the birth of the PC and the public release of Unix. He has programmed in everything from 6502 assembly to Lisp, and from Forth to C#. Don't let his six years at two different Universities fool you. He isn't a theoretical academic sheltered from the stark realities of the modern digital world. He has over 30 years of front-line experience working with IT in demanding business and industrial settings. His first IT technology article was published in Personal Computer World in 1985. Dave has worked as a freelance programmer, manager of an international software development team, and an IT services project manager. Latterly he was the Data Protection Officer for a managed services provider, responsible for the data protection and regulatory compliance of businesses ranging in size from tens of users up to multiple thousands of users. He is now a technology journalist and independent Data Protection and Compliance consultant. Dave is a Linux evangelist, an open-source advocate, and an inveterate tinkerer.\",\"sameAs\":[\"https:\/\/www.linkedin.com\/in\/davemckay\/\",\"https:\/\/twitter.com\/@TheGurkha\"],\"url\":\"https:\/\/itenterpriser.com\/author\/dave-mckay\/\"}]}<\/script>\n","yoast_head_json":{"title":"What is Information Security? | ITEnterpriser","description":"Information security and cyber security are related disciplines. We explain the overlap and the differences.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/itenterpriser.com\/knowledge-base\/what-is-information-security\/","og_locale":"en_US","og_type":"article","og_title":"What is Information Security? | ITEnterpriser","og_description":"Information security and cyber security are related disciplines. We explain the overlap and the differences.","og_url":"https:\/\/itenterpriser.com\/knowledge-base\/what-is-information-security\/","og_site_name":"ITEnterpriser","article_published_time":"2021-01-15T09:11:26+00:00","og_image":[{"width":696,"height":460,"url":"https:\/\/itenterpriser.com\/wp-content\/uploads\/2020\/11\/what-is-information-security.png","type":"image\/png"}],"author":"Dave McKay","twitter_card":"summary_large_image","twitter_creator":"@TheGurkha","twitter_misc":{"Written by":"Dave McKay","Est. reading time":"7 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/itenterpriser.com\/knowledge-base\/what-is-information-security\/","url":"https:\/\/itenterpriser.com\/knowledge-base\/what-is-information-security\/","name":"What is Information Security? | ITEnterpriser","isPartOf":{"@id":"https:\/\/itenterpriser.com\/#website"},"datePublished":"2021-01-15T09:11:26+00:00","dateModified":"2021-01-15T09:11:26+00:00","author":{"@id":"https:\/\/itenterpriser.com\/#\/schema\/person\/d8365c87c188eca7de34b2fed7d1078e"},"description":"Information security and cyber security are related disciplines. We explain the overlap and the differences.","breadcrumb":{"@id":"https:\/\/itenterpriser.com\/knowledge-base\/what-is-information-security\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/itenterpriser.com\/knowledge-base\/what-is-information-security\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/itenterpriser.com\/knowledge-base\/what-is-information-security\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/itenterpriser.com\/"},{"@type":"ListItem","position":2,"name":"What is Information Security?"}]},{"@type":"WebSite","@id":"https:\/\/itenterpriser.com\/#website","url":"https:\/\/itenterpriser.com\/","name":"ITEnterpriser","description":"","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/itenterpriser.com\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/itenterpriser.com\/#\/schema\/person\/d8365c87c188eca7de34b2fed7d1078e","name":"Dave McKay","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/itenterpriser.com\/#\/schema\/person\/image\/","url":"https:\/\/itenterpriser.com\/wp-content\/uploads\/2020\/04\/Dave-McKay.png","contentUrl":"https:\/\/itenterpriser.com\/wp-content\/uploads\/2020\/04\/Dave-McKay.png","caption":"Dave McKay"},"description":"Dave McKay first used computers in the industry when punched paper tape was in vogue and he has been programming ever since. His use of computers pre-dates the birth of the PC and the public release of Unix. He has programmed in everything from 6502 assembly to Lisp, and from Forth to C#. Don't let his six years at two different Universities fool you. He isn't a theoretical academic sheltered from the stark realities of the modern digital world. He has over 30 years of front-line experience working with IT in demanding business and industrial settings. His first IT technology article was published in Personal Computer World in 1985. Dave has worked as a freelance programmer, manager of an international software development team, and an IT services project manager. Latterly he was the Data Protection Officer for a managed services provider, responsible for the data protection and regulatory compliance of businesses ranging in size from tens of users up to multiple thousands of users. He is now a technology journalist and independent Data Protection and Compliance consultant. Dave is a Linux evangelist, an open-source advocate, and an inveterate tinkerer.","sameAs":["https:\/\/www.linkedin.com\/in\/davemckay\/","https:\/\/twitter.com\/@TheGurkha"],"url":"https:\/\/itenterpriser.com\/author\/dave-mckay\/"}]}},"jetpack_featured_media_url":"https:\/\/itenterpriser.com\/wp-content\/uploads\/2020\/11\/what-is-information-security.png","_links":{"self":[{"href":"https:\/\/itenterpriser.com\/wp-json\/wp\/v2\/posts\/3647"}],"collection":[{"href":"https:\/\/itenterpriser.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/itenterpriser.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/itenterpriser.com\/wp-json\/wp\/v2\/users\/10"}],"replies":[{"embeddable":true,"href":"https:\/\/itenterpriser.com\/wp-json\/wp\/v2\/comments?post=3647"}],"version-history":[{"count":5,"href":"https:\/\/itenterpriser.com\/wp-json\/wp\/v2\/posts\/3647\/revisions"}],"predecessor-version":[{"id":3977,"href":"https:\/\/itenterpriser.com\/wp-json\/wp\/v2\/posts\/3647\/revisions\/3977"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/itenterpriser.com\/wp-json\/wp\/v2\/media\/3658"}],"wp:attachment":[{"href":"https:\/\/itenterpriser.com\/wp-json\/wp\/v2\/media?parent=3647"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/itenterpriser.com\/wp-json\/wp\/v2\/categories?post=3647"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/itenterpriser.com\/wp-json\/wp\/v2\/tags?post=3647"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}

Deprecated: Creation of dynamic property InsertHeadersAndFooters::$plugin is deprecated in /home2/itenterp/public_html/wp-content/plugins/insert-headers-and-footers/ihaf.php on line 41

Deprecated: Creation of dynamic property InsertHeadersAndFooters::$body_open_supported is deprecated in /home2/itenterp/public_html/wp-content/plugins/insert-headers-and-footers/ihaf.php on line 48

Deprecated: Creation of dynamic property WP_Rocket\Engine\Preload\SitemapPreloadSubscriber::$options is deprecated in /home2/itenterp/public_html/wp-content/plugins/wp-rocket/inc/Engine/Preload/SitemapPreloadSubscriber.php on line 26

Deprecated: Creation of dynamic property WP_Rocket\Engine\Preload\SitemapPreloadSubscriber::$sitemap_preload is deprecated in /home2/itenterp/public_html/wp-content/plugins/wp-rocket/inc/Engine/Preload/SitemapPreloadSubscriber.php on line 27

Deprecated: Automatic conversion of false to array is deprecated in /home2/itenterp/public_html/wp-content/plugins/wp-rocket/inc/3rd-party/plugins/seo/yoast-seo.php on line 10

Deprecated: Constant FILTER_SANITIZE_STRING is deprecated in /home2/itenterp/public_html/wp-content/plugins/wp-smushit/core/modules/helpers/class-parser.php on line 229

Deprecated: Constant FILTER_SANITIZE_STRING is deprecated in /home2/itenterp/public_html/wp-content/plugins/wp-smushit/core/modules/helpers/class-parser.php on line 234

Deprecated: Creation of dynamic property Smush\Core\Modules::$webp is deprecated in /home2/itenterp/public_html/wp-content/plugins/wp-smushit/core/class-modules.php on line 95

Deprecated: Creation of dynamic property Advanced_Editor_Tools::$toolbar_classic_block is deprecated in /home2/itenterp/public_html/wp-content/plugins/tinymce-advanced/tinymce-advanced.php on line 347

Deprecated: Creation of dynamic property Advanced_Editor_Tools::$toolbar_block is deprecated in /home2/itenterp/public_html/wp-content/plugins/tinymce-advanced/tinymce-advanced.php on line 349

Deprecated: Creation of dynamic property Advanced_Editor_Tools::$toolbar_block_side is deprecated in /home2/itenterp/public_html/wp-content/plugins/tinymce-advanced/tinymce-advanced.php on line 350

Deprecated: Creation of dynamic property Advanced_Editor_Tools::$panels_block is deprecated in /home2/itenterp/public_html/wp-content/plugins/tinymce-advanced/tinymce-advanced.php on line 351

Deprecated: Creation of dynamic property Advanced_Editor_Tools::$used_block_buttons is deprecated in /home2/itenterp/public_html/wp-content/plugins/tinymce-advanced/tinymce-advanced.php on line 354

Warning: Cannot modify header information - headers already sent by (output started at /home2/itenterp/public_html/wp-content/plugins/insert-headers-and-footers/ihaf.php:41) in /home2/itenterp/public_html/wp-includes/rest-api/class-wp-rest-server.php on line 1831

Warning: Cannot modify header information - headers already sent by (output started at /home2/itenterp/public_html/wp-content/plugins/insert-headers-and-footers/ihaf.php:41) in /home2/itenterp/public_html/wp-includes/rest-api/class-wp-rest-server.php on line 1831

Warning: Cannot modify header information - headers already sent by (output started at /home2/itenterp/public_html/wp-content/plugins/insert-headers-and-footers/ihaf.php:41) in /home2/itenterp/public_html/wp-includes/rest-api/class-wp-rest-server.php on line 1831

Warning: Cannot modify header information - headers already sent by (output started at /home2/itenterp/public_html/wp-content/plugins/insert-headers-and-footers/ihaf.php:41) in /home2/itenterp/public_html/wp-includes/rest-api/class-wp-rest-server.php on line 1831

Warning: Cannot modify header information - headers already sent by (output started at /home2/itenterp/public_html/wp-content/plugins/insert-headers-and-footers/ihaf.php:41) in /home2/itenterp/public_html/wp-includes/rest-api/class-wp-rest-server.php on line 1831

Warning: Cannot modify header information - headers already sent by (output started at /home2/itenterp/public_html/wp-content/plugins/insert-headers-and-footers/ihaf.php:41) in /home2/itenterp/public_html/wp-includes/rest-api/class-wp-rest-server.php on line 1831

Warning: Cannot modify header information - headers already sent by (output started at /home2/itenterp/public_html/wp-content/plugins/insert-headers-and-footers/ihaf.php:41) in /home2/itenterp/public_html/wp-includes/rest-api/class-wp-rest-server.php on line 1831

Warning: Cannot modify header information - headers already sent by (output started at /home2/itenterp/public_html/wp-content/plugins/insert-headers-and-footers/ihaf.php:41) in /home2/itenterp/public_html/wp-includes/rest-api/class-wp-rest-server.php on line 1831
{"id":3647,"date":"2021-01-15T18:11:26","date_gmt":"2021-01-15T09:11:26","guid":{"rendered":"https:\/\/itenterpriser.com\/?p=3647"},"modified":"2021-01-15T18:11:26","modified_gmt":"2021-01-15T09:11:26","slug":"what-is-information-security","status":"publish","type":"post","link":"https:\/\/itenterpriser.com\/knowledge-base\/what-is-information-security\/","title":{"rendered":"What is Information Security?"},"content":{"rendered":"

Information security and cyber security are terms that get used interchangeably, but are they really the same thing? We explain the subtle differences between these two closely allied and yet different disciplines.<\/p>\n

Same But Different?<\/h2>\n
Cyber security<\/a> is the name for the suite of behaviors, controls, and technologies that make up an organization\u2019s response to the risk of a cyberattack. Cyber security protects data, hardware, users, and the organization itself from all types of cyberthreats.<\/p>\n
Related: 32 Cyber Security Terms Everyone Should Know<\/a><\/strong><\/p>\n
Information security\u2014infosec<\/em>\u2014is concerned with protecting information. That includes unauthorized access or destruction, but it also includes the unlawful use of the information, and its unauthorized disclosure, disruption or modification. And notably, the information need not be stored digitally: information security also includes physical records.<\/p>\n
So cyber security is about protecting all of your IT and cyber-based assets and activities, whereas information security is solely concerned with information. Infosec safeguards the information and ensure that it is gathered, processed, and transmitted lawfully.<\/p>\n
Some of your infosec objectives will be satisfied by virtue of your general cyber security efforts, but other infosec objectives are governance measures or physical controls that you must implement, maintain, and run to satisfy the organization\u2019s needs as well as any applicable data protection legislation.<\/p>\n
Also, information is not the same as data. Not all data is information. Data is raw values. Only when the raw data is interpreted and infused with meaning does it become information. But we\u2019re not going to go down this philosophical rabbit hole. The information we\u2019re discussing is private knowledge about topics such as your organization, products, staff, or business relationships whether it is stored in a digital or physical medium.<\/p>\n

The Objectives of Information Security<\/h2>\nPersonally identifiable information (PII) in particular must be adequately protected, and information such as medical information or information relating to children should be considered special category or sensitive information. Your local data protection legislation such as the\u00a0 General Data Protection Regulation<\/a>\u00a0or the\u00a0 California Consumer Privacy Act<\/a>\u00a0will list which categories of information are classed as special category data.<\/p>\n
Your infosec activities should be designed to ensure the integrity, confidentiality, and availability of the information.<\/p>\n
\n
Confidentiality<\/strong>: Controlling who has access to the information and how they may share or otherwise disclose the information will preserve the confidentiality of PII and other sensitive business information.<\/li>\n
Integrity<\/strong>: You must safeguard and protect the information so that unauthorized modification or destruction of the information is not possible. This preserves the quality and authenticity of the information.<\/li>\n
Availability<\/strong>: The information must be available to those who have authorization to access and use it. Unavailability can be a noncompliance under certain data protection legislations, such as GDPR.<\/li>\n<\/ul>\n
These three principles gave rise to the well known three-letter acronym\u00a0CIA<\/em>. In addition to these, information security incorporates the principle of non-repudiation.<\/p>\n
\n
Non-Repudiation<\/strong>: Repudiation is when someone denies receiving some information that was transmitted to them, or the sender denies sending the information, or there is a suspicion that the information was altered in transit. Cryptography can help here, if digital signatures and private keys are used. The data cannot be altered in transit because of the encryption. The digital signatures prove who sent the information. Message tracking and delivery verification can prove that the information was delivered.<\/li>\n
Authenticity<\/strong>: This requires that users are robustly identified and that it can be verified that the information received has genuinely come from a trusted sender. The digital signature is usually produced by creating a hash value of the sender\u2019s private<\/em> key and the message content. The recipient can decrypt the message with the sender\u2019s public<\/em>\u00a0key which generates another hash value. If the message is hashed once more and the two new hashes match, the transmission can be considered authentic.<\/li>\n
Accountability<\/strong>: Accountability means having the ability to audit the actions of individuals and to trace the individual who performed an action. It also requires a change request procedure for changes that are not able to be made by the average user and are managed on their behalf by an authorized team or department.<\/li>\n<\/ul>\n
Information Security Governance<\/h2>\n
Within your IT governance framework of policies and procedures, you will have an overall IT Security Policy. Depending on the size of your organization, the needs of your organization, and the demands of local legislation you may have appointed a Chief Information Security Officer<\/a>\u00a0(CISO) or a\u00a0 Data Protection Officer<\/a>\u00a0(DPO). These roles are not entirely equivalent. Briefly, a CISO is concerned with security and confidential data, and a DPO is focused on privacy and personal data.<\/p>\n
A CISO and a DPO are not directly equivalent roles. A DPO can request\u2014straight to the highest level of management\u2014that, for example, penetration testing takes place or that another security measure be implemented. A CISO can generally make it happen.<\/p>\n
If you don\u2019t have a CISO then someone else must take responsibility for infosec. This isn\u2019t something that can be tossed at IT just because it looks like a networking and security thing. Infosec isn\u2019t IT, although IT is involved\u2014just as infosec isn\u2019t cyber security but cyber security is involved. When you allocate these roles beware of conflicts of interest. In fact, Article 38, Clause 6<\/a> of the GDPR forbids a DPO from having other tasks and duties that may result in a conflict of interests. So they can’t be your head of IT.<\/p>\n
Whoever holds the post of CISO or DPO must have input to your governance framework to ensure that the particular needs of infosec are met, as well as satisfying relevant data protection legislation. Your governance has to have provisions to ensure the integrity, confidentiality, and availability of your information, and<\/em> that you are street legal. That means the information must be collected, stored, processed, transmitted, and deleted in accordance with data protection legislation or any other standards that you have adopted, and that any rights the data subjects have regarding their data are upheld by your organization.<\/p>\n
Your general security governance should call for the following measures:<\/p>\n
\n
Technical<\/strong>: Technical measures include all hardware and software that protects data. Firewalls, encryption, intruder detection systems, and end-point protection suites are technical measures.<\/li>\n
Organizational<\/strong>: Organizational measures include the infosec governance framework, and the measures and resources, including human, that are deployed to uphold the requirements laid out in the policies and procedures.<\/li>\n
Human<\/strong>: This includes staff awareness training, education, and recruitment for suitably skilled candidates for key infosec positions.<\/li>\n
Physical<\/strong>: These measures include controlled and restricted access to digital information stores and asset clusters such as server rooms and data centers, and also to areas where physical records are stored.<\/li>\n<\/ul>\n
In addition to the infosec-related entries in the general IT governance documentation you need to have a dedicated Information Security Policy. This should include such sections as:<\/p>\n
\n
Purpose, Scope, and Objectives<\/strong>: A section describing the purpose of the infosec program, its scope within the organization\u2014is it company-wide or site specific\u2014and its overall objectives.<\/li>\n
Access Control<\/strong>: A description of the access controls that are in place, and what an employee must do to apply for access.<\/li>\n
Operations Plan<\/strong>: An operations plan is the set of active provisions that are designed to ensure that your information is always available to those who need it.<\/li>\n
Responsibilities<\/strong>: A list of the organization\u2019s staff roles and positions that are involved in the safeguarding, including who is ultimately responsible for infosec. Nominated individuals<\/li>\n
Glossary<\/strong>: A glossary of key terms used in the document. Whoever reads it must understand it. Impenetrable policy documents are not impressive, they are an impediment to their own efficacy.<\/li>\n<\/ul>\n
It\u2019s About Handling Risk<\/h2>\n
Like cyber security, information security is about risk. Understanding the risks, using technology and other measures to mitigate the risks, and governing the use of information through policies and procedures to ensure that it is used safely and lawfully.<\/p>\n","protected":false},"excerpt":{"rendered":"
Information security and cyber security are terms that get used interchangeably, but are they really the same thing? We explain the subtle differences between these two closely allied and yet different disciplines. Same But Different? Cyber security is the name for the suite of behaviors, controls, and technologies that make up an organization\u2019s response to […]<\/p>\n","protected":false},"author":10,"featured_media":3658,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[25],"tags":[],"yoast_head":"\nWhat is Information Security? | ITEnterpriser<\/title>\n<meta name=\"description\" content=\"Information security and cyber security are related disciplines. We explain the overlap and the differences.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/itenterpriser.com\/knowledge-base\/what-is-information-security\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"What is Information Security? | ITEnterpriser\" \/>\n<meta property=\"og:description\" content=\"Information security and cyber security are related disciplines. We explain the overlap and the differences.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/itenterpriser.com\/knowledge-base\/what-is-information-security\/\" \/>\n<meta property=\"og:site_name\" content=\"ITEnterpriser\" \/>\n<meta property=\"article:published_time\" content=\"2021-01-15T09:11:26+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/itenterpriser.com\/wp-content\/uploads\/2020\/11\/what-is-information-security.png\" \/>\n\t<meta property=\"og:image:width\" content=\"696\" \/>\n\t<meta property=\"og:image:height\" content=\"460\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"Dave McKay\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@TheGurkha\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Dave McKay\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"7 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/itenterpriser.com\/knowledge-base\/what-is-information-security\/\",\"url\":\"https:\/\/itenterpriser.com\/knowledge-base\/what-is-information-security\/\",\"name\":\"What is Information Security? | ITEnterpriser\",\"isPartOf\":{\"@id\":\"https:\/\/itenterpriser.com\/#website\"},\"datePublished\":\"2021-01-15T09:11:26+00:00\",\"dateModified\":\"2021-01-15T09:11:26+00:00\",\"author\":{\"@id\":\"https:\/\/itenterpriser.com\/#\/schema\/person\/d8365c87c188eca7de34b2fed7d1078e\"},\"description\":\"Information security and cyber security are related disciplines. We explain the overlap and the differences.\",\"breadcrumb\":{\"@id\":\"https:\/\/itenterpriser.com\/knowledge-base\/what-is-information-security\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/itenterpriser.com\/knowledge-base\/what-is-information-security\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/itenterpriser.com\/knowledge-base\/what-is-information-security\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/itenterpriser.com\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"What is Information Security?\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/itenterpriser.com\/#website\",\"url\":\"https:\/\/itenterpriser.com\/\",\"name\":\"ITEnterpriser\",\"description\":\"\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/itenterpriser.com\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/itenterpriser.com\/#\/schema\/person\/d8365c87c188eca7de34b2fed7d1078e\",\"name\":\"Dave McKay\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/itenterpriser.com\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/itenterpriser.com\/wp-content\/uploads\/2020\/04\/Dave-McKay.png\",\"contentUrl\":\"https:\/\/itenterpriser.com\/wp-content\/uploads\/2020\/04\/Dave-McKay.png\",\"caption\":\"Dave McKay\"},\"description\":\"Dave McKay first used computers in the industry when punched paper tape was in vogue and he has been programming ever since. His use of computers pre-dates the birth of the PC and the public release of Unix. He has programmed in everything from 6502 assembly to Lisp, and from Forth to C#. Don't let his six years at two different Universities fool you. He isn't a theoretical academic sheltered from the stark realities of the modern digital world. He has over 30 years of front-line experience working with IT in demanding business and industrial settings. His first IT technology article was published in Personal Computer World in 1985. Dave has worked as a freelance programmer, manager of an international software development team, and an IT services project manager. Latterly he was the Data Protection Officer for a managed services provider, responsible for the data protection and regulatory compliance of businesses ranging in size from tens of users up to multiple thousands of users. He is now a technology journalist and independent Data Protection and Compliance consultant. Dave is a Linux evangelist, an open-source advocate, and an inveterate tinkerer.\",\"sameAs\":[\"https:\/\/www.linkedin.com\/in\/davemckay\/\",\"https:\/\/twitter.com\/@TheGurkha\"],\"url\":\"https:\/\/itenterpriser.com\/author\/dave-mckay\/\"}]}<\/script>\n","yoast_head_json":{"title":"What is Information Security? | ITEnterpriser","description":"Information security and cyber security are related disciplines. We explain the overlap and the differences.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/itenterpriser.com\/knowledge-base\/what-is-information-security\/","og_locale":"en_US","og_type":"article","og_title":"What is Information Security? | ITEnterpriser","og_description":"Information security and cyber security are related disciplines. We explain the overlap and the differences.","og_url":"https:\/\/itenterpriser.com\/knowledge-base\/what-is-information-security\/","og_site_name":"ITEnterpriser","article_published_time":"2021-01-15T09:11:26+00:00","og_image":[{"width":696,"height":460,"url":"https:\/\/itenterpriser.com\/wp-content\/uploads\/2020\/11\/what-is-information-security.png","type":"image\/png"}],"author":"Dave McKay","twitter_card":"summary_large_image","twitter_creator":"@TheGurkha","twitter_misc":{"Written by":"Dave McKay","Est. reading time":"7 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/itenterpriser.com\/knowledge-base\/what-is-information-security\/","url":"https:\/\/itenterpriser.com\/knowledge-base\/what-is-information-security\/","name":"What is Information Security? | ITEnterpriser","isPartOf":{"@id":"https:\/\/itenterpriser.com\/#website"},"datePublished":"2021-01-15T09:11:26+00:00","dateModified":"2021-01-15T09:11:26+00:00","author":{"@id":"https:\/\/itenterpriser.com\/#\/schema\/person\/d8365c87c188eca7de34b2fed7d1078e"},"description":"Information security and cyber security are related disciplines. We explain the overlap and the differences.","breadcrumb":{"@id":"https:\/\/itenterpriser.com\/knowledge-base\/what-is-information-security\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/itenterpriser.com\/knowledge-base\/what-is-information-security\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/itenterpriser.com\/knowledge-base\/what-is-information-security\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/itenterpriser.com\/"},{"@type":"ListItem","position":2,"name":"What is Information Security?"}]},{"@type":"WebSite","@id":"https:\/\/itenterpriser.com\/#website","url":"https:\/\/itenterpriser.com\/","name":"ITEnterpriser","description":"","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/itenterpriser.com\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/itenterpriser.com\/#\/schema\/person\/d8365c87c188eca7de34b2fed7d1078e","name":"Dave McKay","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/itenterpriser.com\/#\/schema\/person\/image\/","url":"https:\/\/itenterpriser.com\/wp-content\/uploads\/2020\/04\/Dave-McKay.png","contentUrl":"https:\/\/itenterpriser.com\/wp-content\/uploads\/2020\/04\/Dave-McKay.png","caption":"Dave McKay"},"description":"Dave McKay first used computers in the industry when punched paper tape was in vogue and he has been programming ever since. His use of computers pre-dates the birth of the PC and the public release of Unix. He has programmed in everything from 6502 assembly to Lisp, and from Forth to C#. Don't let his six years at two different Universities fool you. He isn't a theoretical academic sheltered from the stark realities of the modern digital world. He has over 30 years of front-line experience working with IT in demanding business and industrial settings. His first IT technology article was published in Personal Computer World in 1985. Dave has worked as a freelance programmer, manager of an international software development team, and an IT services project manager. Latterly he was the Data Protection Officer for a managed services provider, responsible for the data protection and regulatory compliance of businesses ranging in size from tens of users up to multiple thousands of users. He is now a technology journalist and independent Data Protection and Compliance consultant. Dave is a Linux evangelist, an open-source advocate, and an inveterate tinkerer.","sameAs":["https:\/\/www.linkedin.com\/in\/davemckay\/","https:\/\/twitter.com\/@TheGurkha"],"url":"https:\/\/itenterpriser.com\/author\/dave-mckay\/"}]}},"jetpack_featured_media_url":"https:\/\/itenterpriser.com\/wp-content\/uploads\/2020\/11\/what-is-information-security.png","_links":{"self":[{"href":"https:\/\/itenterpriser.com\/wp-json\/wp\/v2\/posts\/3647"}],"collection":[{"href":"https:\/\/itenterpriser.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/itenterpriser.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/itenterpriser.com\/wp-json\/wp\/v2\/users\/10"}],"replies":[{"embeddable":true,"href":"https:\/\/itenterpriser.com\/wp-json\/wp\/v2\/comments?post=3647"}],"version-history":[{"count":5,"href":"https:\/\/itenterpriser.com\/wp-json\/wp\/v2\/posts\/3647\/revisions"}],"predecessor-version":[{"id":3977,"href":"https:\/\/itenterpriser.com\/wp-json\/wp\/v2\/posts\/3647\/revisions\/3977"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/itenterpriser.com\/wp-json\/wp\/v2\/media\/3658"}],"wp:attachment":[{"href":"https:\/\/itenterpriser.com\/wp-json\/wp\/v2\/media?parent=3647"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/itenterpriser.com\/wp-json\/wp\/v2\/categories?post=3647"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/itenterpriser.com\/wp-json\/wp\/v2\/tags?post=3647"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}