What is information security or InfoSec?
Information security (often referred to as InfoSec) is defined as a set of security tools and procedures to protect confidential information from misuse, unauthorized access, disruption or destruction.
Information security comprises physical and environmental security, access control and cybersecurity.
Key elements of information security
Microsoft has established a series of security tools, solutions and processes that serve to keep information secure between devices and locations, helping in the face of cyberattacks or any other type of disruptive event.
These are the main key elements of information security:
- Application security. Procedures, policies and tools to protect applications and their data.
- Cloud security. Procedures, policies and tools to protect all aspects related to the cloud.
- Incident response. Plan to manage or correct the consequences of possible attacks or other disruptive elements,
- Security of the organization’s technological infrastructure, including software and hardware systems.
- Cryptography. Algorithms that seek to protect communication with the aim of ensuring that only those recipients of a particular message are able to view and decrypt it.
- Vulnerability management to identify, evaluate and correct hypothetical vulnerabilities in systems, software or connection points.
- Disaster recovery to restore technological systems in the event of disruptive events, whatever their nature.
What is the CIA triad: Confidentiality, Integrity and Accessibility?
The three legs of the CIA triad (Confidentiality, Integrity and Accessibility) could be considered as the pillars of a solid information protection.
Confidentiality refers to the efforts of organizations to keep their data private or secret, i.e. to prevent unauthorized disclosure.
This confidentiality can be broken unintentionally (by human error, carelessness, etc.) or voluntarily through attacks aimed at stealing or manipulating the data.
Integrity in information security refers to ensuring that data are reliable because they have not been tampered with.
To ensure this integrity, it is necessary to protect data in use, in transit and when it is stored, whether physically or in the cloud.
Like confidentiality, this integrity can be compromised unintentionally (human error, carelessness or coding failures) or voluntarily (manipulations of intrusion detection systems, modification of files or changes to system logs to evade detection).
Measures to protect integrity include digital signatures and certificates, audits, authentication mechanisms or encryption.
Accessibility is defined as the ability for users to have access when they need it, and to achieve this, networks, systems and applications must be fully operational to ensure timely, reliable and consistent access.
There are numerous factors that can jeopardize accessibility, such as hardware or software failures, human supply problems, human error or even natural disasters.
Among the many measures that serve to ensure accessibility are hardware fault tolerance for servers and storage or redundancy in servers, networks, applications and services.
Main threats to information security
Threats to information security threaten the confidentiality, integrity and accessibility mentioned above, and generally speaking they have three origins: human error, natural disasters and malicious attacks.
Some of the main threats to information security are:
- Phishing. Phishing can be defined as a computer scam in which the identity of an organization or person known to the victim is impersonated in order to obtain confidential data.
- Social engineering. Social engineering refers to the set of techniques used to try to trick users into sending them confidential data, giving them private passwords, infecting their computers with malware, opening links to infected sites, buying from fraudulent websites or even sending money.
- Physical damage. This can be both intentional and unintentional damage, with two subcategories: negligence (e.g., bumps or spilled food or drink) and natural causes (e.g., power failures, lack of cooling or more extreme cases such as fire or flooding).
- Viruses. Programs designed to generate problems in the computers on which they run.
- Identity theft. When someone obtains personal information about someone else’s computer without their consent for the purpose of committing fraudulent acts.
- Password attacks. To try to avoid them it is advisable to have secure passwords.
- Deepfakes. This method of impersonation uses an advanced AI technique that generates hyper-realistic results by collecting physical movements, facial features and voice to create false content to deceive the viewer.
Precisely in line with artificial intelligence, we could add that this technology will have a great impact on the adoption of solutions for information protection.
Well-governed data with a foundation of structure, quality and information security can serve as an enabling lever for AI.
Differences between information security, IT security and cybersecurity
To conclude, it should be pointed out that three terms that are related but not the same are information security, IT security and cybersecurity.
But how do they differ?
The main difference is that information security has a broader scope, since its objective is to protect information from threats and risks that may affect it, in different forms and states.
On the other hand, cybersecurity focuses on information in digital format, so it is closer to information security.