- As a result of the Morris worm, International Information Security Day is commemorated every 30 November since 1988.
- Computer security, information security and cybersecurity, although similar, are not the same.
What is the origin of Computer Security Day?
As every year since 1988, 30 November marks International Information Security Day – or Computer Security Day – an initiative that emerged from the ACM, the Association for Computing Machinery, which seeks to raise awareness of the importance of protecting both information and the tools that manage it.
But what led the ACM to establish this day? Well, something known as the Morris worm…
What is the Morris worm?
Created by 23-year-old university student Robert Morris, the worm that bears his name refers to the first malware that affected the Internet (actually ARPANET, its precursor).
The magnitude of the events that took place in November 1988 can be gauged by the fact that 10% (approximately 6,000 out of 60,000) of all servers connected to the network were affected by this computer worm.
Interestingly, this incident marked a turning point from a legal perspective, as Morris became the first person in his country to be convicted under the Computer Fraud and Abuse Act, which had been passed in 1986.
What are the objectives of Computer Security Day?
With this background, International Information Security Day has a number of objectives.
One of them is prevention, understood as promoting the adoption of security measures that not only prevent but also identify and mitigate threats.
Similarly, this day aims to raise awareness among institutions, companies and individual users about the potential security risks in a world where digitalisation is unstoppable.
This day also seeks to promote good practices and encourage security habits such as software updates, caution when browsing, and the creation and management of strong passwords.
What is information security?
Now that we know a few details about International Information Security Day, we can briefly define this concept.
When asked what information security—or InfoSec, as it is known in English—is, we could respond that it is the set of security procedures and tools that seek to protect confidential information from possible misuse, unauthorised access, interruptions, or destruction.
The concept of information security encompasses physical and environmental security, access control and cybersecurity.
What are the differences between computer security, information security and cybersecurity?
It should be noted that computer security, information security and cybersecurity are not the same thing.
Broadly speaking, we could summarise that information security has a broader scope than computer security and cybersecurity, as its main objective is to protect information from potential threats that may arise in different formats, including the physical world.
For its part, cybersecurity refers to information in digital format, while computer security refers to computer systems.
It should be noted that information security refers to the protection of information within organisations, including data ranging from customer information to internal data, while computer security is related to the protection of computer systems, which affects mobile and other devices, servers, networks and computers.
