[BreachExchange] Understanding the differences between IT security and cybersecurity

Destry Winant destry at riskbasedsecurity.com
Tue Aug 7 21:01:59 EDT 2018


https://www.ifsecglobal.com/understanding-the-difference-between-it-security-and-cybersecurity/

Is there a difference between IT security and cybersecurity?

Many people assume they are just alternating terms for the having a
form of security on electronic devices. Others believe that they
cannot work as separate entities, that they become useless if not
combined.

Cybersecurity and IT security do share similarities; they do also
create maximum protection and efficiency when combined.  Despite
similarities, there are key differences that distinguish the two.

IT security

IT security can be referred to as information security or data
security. IT security is utilised to ensure the protection and safety
of all information created and available to an organisation. The
security process is inclusive of all electronics along with physical
data.

IT security allows processes and procedures to be in place to ensure
that all information is protected. This prevents unauthorised access,
misuse, destruction or disruption of data.

The primary purpose is to ensure that information remains of high
integrity, confidential and accessible. This is essential, to ensure
that the quality of information is not diminished, along with ensuring
that personal or valuable information remains confidential and only
available to those authorised.

Physical data is often easier to protect in locked filing cabinets,
but electronic data requires greater protection

IT security incorporates various forms of technology and methods to
protect all information and information systems. Physical data is
often easier to protect in locked filing cabinets, but electronic data
requires greater protection.

This can include passwords to access specific files, ensuring all
personnel use password protection for all electronic devices along
with establishing secure individual and company networks.

IT security procedures allow data to be protected while ensuring the
quality and integrity of the information. Incorporating security
measures for information and information systems reduces the risk of
unauthorised access or misuse of confidential information.

Cybersecurity

Cybersecurity’s primary purpose is to protect electronic data from
unauthorised access gained through cyberspace. Unauthorised access can
be referred to as cyber-attacks; they are any form of unauthorised
access to a company’s data that corrupts or damages the integrity of
the data.

Cybersecurity ensures that all confidential, valuable or vulnerable
information cannot be downloaded, shared or utilised by an unknown
third party.

Cybersecurity limits and prevents this threat or attack of
unauthorised access to a company’s information. It allows the
necessary precautions to be in place to ensure the safety of all
electronic data.  Cyber threats go beyond securing valuable data, they
can influence operations, inhibit actions and have control over
networks.

Hacking or corruption of data not only affects the quality of the data
but can be expensive and time-consuming to correct. There are also the
risks of what a third party can achieve by holding this information,
especially if it is financial or highly confidential.

Hacking and unauthorised access of networks can occur for many
reasons. Cyber threats include downloading files from websites or apps
that contain viruses.  Having weak or easily guessed passwords or
storing data in one place, such as the cloud without backups.

IT and cybersecurity go hand in hand; both are essential in protecting
the information of your company.  Both security systems should be
incorporated into your organisation to ensure that all channels being
used are secure and protected against any threat, corruption or
misuse. To summarise, below is a table highlighting some key
differences between the two security systems.

IT SECURITY
Protects electronic and physical data
Secures information for confidentiality, integrity and availability
Protects against a more defined threat
Protects against more channels – goes beyond cyberspace
Focuses on access, integrity and confidentially of information

CYBERSECURITY
Protects electronic data only
Protects valuable and vulnerable information from unauthorised access,
hacking etc
Protects against a more extensive threat – all of cyberspace
Protects against one area – cyberspace
Focuses on the protection of the intranet, channels, servers and
networks allowing only those permitted to have access


IT and cybersecurity must be embraced as a daily business issue for
businesses to truly mature. It’s worth conducting a security risk
assessment and identifying cyber threats to business.

Best practice IT security and cybersecurity willprotect your business
and personal information, allow employees to work safely and
productively, and inspire confidence in your business among your
customers.


More information about the BreachExchange mailing list