What is Information Security?

Information Security also known as Data Security revolved around protecting information in all its forms. It emphasizes the precautionary measures against unauthorized access, disclosure, disruption, inspection, data alteration, or destruction of information.

Information Security shortened as infosec focuses on the principle of the CIA triad aimed to implement an enhanced security structure to keep data secure. The form of information can be physical or electronic. Considering any sort of information even your personal information on social media, mobile phones, your biometrics, etc.

Information Security further divides into:

·         Cyber Security

·         Information Protection 

Cyber Security vs Information Security:

Cyber Security is relatively a new term that focuses on the safety of the data stored in Electronic devices are connected to the internet or intranet - IDS, IPS, Firewall and Ethical Hacking are the modern world concern. However, information security is intended to protect data from tangible assets.

Cyber Security focuses on cyberspace like servers, computers, mobile systems, laptops, or so forth. While Information Security pivots on physical or digital assets like documents, files, facilities, etc.

NIST Definition:

“Measures that protect and defend information and information systems by ensuring their Availability, Integrity, Authentication, Confidentiality, and Non-Repudiation. The measures include providing for restoration of information system by incorporating protection, detection, and reaction capabilities.”

As we can see two new terms apart from the CIA Triad that governs the information security programs – Non-Repudiation and Authentication.

Information Assurance:

Information Assurance further extends the parameter of Information Security with the inclusion of Authentication and Non-Repudiation.

Authentication means checking the identity before allowing access while Non-Repudiation precise about who sends or receives the message.

Information Assurance is the bigger picture or you can say a big umbrella where the infosec falls.

Information Assurance vs Information Security:

The distinguished difference between Information Security and Information Assurance; Information Security and Cyber Security both ensure the CIA Triad whereas Information Assurance ensures the five triads include the CIA or the other two mentioned triads.

What is Ethical Hacking?

Ethical Hacking is a specific domain of cybersecurity is the process or technique to promise security. Ethical Hacking utilizes offensive techniques often called (Red team) to check the vulnerability and the loopholes in the systems while the defender or (Blue team) monitors the incident or responds accordingly.

What is Network Security?

Network Security is a sub-branch of cybersecurity which deals with implementing network security measures to protect the network systems and programs against hacking.

As the SANS institute explains, "the process of taking physical and software preventative measures to protect the underlying networking infrastructure from unauthorized access, misuse, malfunction, destruction, or improper disclosure, thereby creating a secure platform for computers, users, and programs to perform their permitted critically function within a secure environment."