why

Cybersecurity vs. Information Security (infosec)

Somebody asked me why do I have in my LinkedIn profile “IT Security Expert” and in my company website www.mustaca.com “Sorin Mustaca Cybersecurity”. In order to answer that, I need to clarify the difference between Cybersecurity and Information Security (infosec). I googled a bit because I don’t have too much time and I did find something which is closest to my opinion. See Sources for a list.   Information security (or “InfoSec”) is the practice of defending information from unauthorized access, use, disclosure, disruption, modification, perusal, inspection, recording or destruction. It is a general term that can be used regardless of the form the data may take (e.g. electronic, physical). The CIA triad of confidentiality, integrity, and availability is at the heart of information security. The members of the classic InfoSec triad — confidentiality, integrity and availability — are interchangeably referred to in the literature as security attributes, properties, security goals, fundamental aspects, information criteria, critical information characteristics and basic building blocks. There is continuous debate about extending this classic trio. Other principles such as Accountability have sometimes been proposed for addition and it has been pointed out in various sources that issues such as Non-Repudiation do not fit well within the three core concepts. Well, no…


%d bloggers like this: