What is information security? Definition, Principles and Jobs (2023)

Definition of information security

Information security, sometimes abbreviated toinfosec,is a set of procedures aimed at protecting data from unauthorized access or modification, both when it is stored and when it is transferred from one machine or physical location to another. You will sometimes see it labeleddata security.As knowledge has become one of the most important commodities of the 21st century, efforts to secure information have become correspondingly more important.

The SANS Institute offersa slightly broader definition:

Information security refers to the processes and methods designed and implemented to protect printed, electronic or other forms of confidential, private and sensitive information or data from unauthorized access, use, misuse, disclosure, destruction, alteration or interruption.

Information security vs. cyber security

Weilinformation technologyhas become the accepted corporate buzzword, which basically means "computers and stuff like that," as you'll see at timesinformation securityAndInternet securityused interchangeably. Strictly speaking, cybersecurity is thebroader practice of defending IT resources from attack, and information security is a specific discipline under the cybersecurity umbrella.network securityAndapplication securityare Infosec's sister practices that focus on networks and app code, respectively.

Obviously there is some overlap here. You cannot back up data transmitted over an insecure network or tampered with by a leaky application. In addition, there is a lot of information that is not stored electronically and also needs to be protected. Therefore, the infosec professional's area of ​​responsibility is necessarily broad.

Information Security Principles

The basic components of information security are most commonly summarized by what is known as the CIA triad:confidentiality, integrity,AndAvailability.

• confidentialityis perhaps the element of the triad that comes to mind most when you think of information security. Data is confidential if it can only be accessed by those who are authorized to do so; To ensure confidentiality, you need to be able to identify who is trying to access data and block attempts by unauthorized people. Passwords, encryption, authentication, and defense against penetration attacks are techniques designed to ensure confidentiality.
• integritymeans keeping data in its correct state and preventing it from being accidentally or maliciously modified. Many of the techniques that ensure confidentiality also protect data integrity - after all, a hacker can't modify data they can't access - but there are other tools that help defend integrity comprehensively: checksums can help you Checking data For example, integrity and version control software and frequent backups can help you restore data to a correct state when needed. Integrity also includes the concept ofNichtablehnung: you have to be able toprovethat you have maintained the integrity of your data, especially in legal contexts.
• Availabilityis the reflection of confidentiality: while you need to ensure that your data cannot be viewed by unauthorized users, you also need to ensure thismaycan only be accessed by people with the appropriate permissions. Ensuring data availability means matching network and computer resources to the expected volume of data access and implementing a good backup policy for disaster recovery.

In an ideal world, your data should always be confidential, correct, and available; In practice, of course, you often have to decide which information security principles you want to emphasize, and this requires your data to be assessed. For example, if you store sensitive medical information, your focus is on confidentiality, while a financial institution may value data integrity to ensure that nobody's bank account is miscredited or debited.

Information Security Policy

The means by which these principles are applied to an organization take the form asecurity policy.This is not security hardware or software; Rather, it is a document that a company creates, based on its own specific needs and idiosyncrasies, to define what data needs to be protected and how. These policies guide the organization's decisions to procure cybersecurity tools and also dictate the conduct and responsibilities of employees.

Your organization's information security policy should include the following:

• A statement describing the purpose of the Infosec program and yoursoverall goals
• The definitionof the key terms used in the document to ensure a common understanding
• AAccess Control Policywho has access to which data and how they can assert their rights
• APassword Policy
• Adata support and operationsPlan to ensure the data is always available to those who need it
• employee roles etc responsibilitieswhen it comes to data protection, including ultimate responsibility for information security

One important thing to keep in mind is that in a world where many companies outsource some computing services or store data in the cloud, your security policy needs to cover more than just the assets you own. You need to know how to deal with everything from personal data stored on AWS instances to third parties who need to authenticate themselves to access sensitive company information.

Information security measures

As should be clear by now, almost all technical measures related to cybersecurity touch on information security to some extent, but that's where it's worth thinking about infosec measures in the big picture:

• Technical Measurescontain the hardware and software that protects data - everything from encryption to firewalls
• Organizational measuresThis includes the establishment of an internal information security unit as well as the inclusion of infosec in the responsibilities of some employees in all departments
• human measuresinclude providing user awareness training on appropriate infosec practices
• physical measuresinclude controlling access to office locations and particularly to data centers

Information security jobs

It's no secret that cybersecurity jobs are in high demandIn 2019, information security was at the top of every CIO's hiring wish list, according to the Mondo IT Security Guide. There are two main reasons: there have been many high-profile security breaches that have caused damage to the company's finances and reputation, and most companies continue to hoard customer data and give more and more departments access to it, increasing their potential attack surface and always doing so more likely that they will be the next victim.

There is aVariety of different job titles in the infosec world. The same job title can have different meanings in different companies, and you should also keep in mind our caveat from above: A lot of people just use “information” to mean “computer stuff,” so some of these roles aren’t limited to pure information security in the narrower sense. But there are general conclusions that can be drawn.

Information Security Analyst: Responsibilities and Salary
Let's take a look at one such job: information security analyst, which is generally at the entry level of an infosec career. Christina Wood from CSOdescribes the activity as follows:

Security analysts typically deal with information protection (data loss prevention [DLP] and data classification) and threat protection, including security information and event management (SIEM), user and entity behavior analysis [UEBA], intrusion detection system/intrusion prevention system (IDS/IPS), and penetration testing . Key responsibilities include managing security measures and controls, monitoring security access, conducting internal and external security audits, analyzing security breaches, recommending tools and processes, installing software, training security awareness, and coordinating security with external providers.

Information security analysts are definitely one of those infosec roles where they existare not enough candidates to meet the demand for them: In 2017 and 2018, there were more than 100,000 vacancies for information security analysts in the United States. That means the infosec analyst is a lucrative job: The Bureau of Labor Statistics has put the median salary at $95,510 (PayScale.com has it slightly lower,at $71,398).

Training and courses on information security

How to Get a Job in Information Security? A bachelor's degree inComputer science certainly doesn't hurt, although it's by no means the only way in; Tech remains an industry where, for example, participating in open source projects or hacking collectives can serve as a valuable calling card.

Still, Infosec is becoming increasingly professionalized, meaning institutions are offering more formal credentials. Many universities now offer itCompleted studies with a focus on information security. These programs may be best suited for those who are already in the field and want to expand their knowledge and prove they have what it takes to climb the corporate ladder.

At the other end of the spectrum are infosec free and low-cost online courses, many of which are fairly narrowly focused. The world of online education is something of a wild west; Tripwire breaks downeleven renowned providersOffer information security courses that could be worth your time and effort.

Information security certifications

If you're already in this field and want to keep up to date with the latest developments - both for yourself and as a signal to potential employers - you might want to look into an information security certification. Top information security analyst certifications include:

• Certified system security practitioner(SSCP)
• Certified Cyber ​​Professional(KPCh)
• Certified Information Systems Security Expert(CISP)
• Certified ethical hacker(CEH)
• GCHQ certified training(AGB)

Many of the online courses Tripwire lists are designed to prepare you for these certification exams. Good luck with your exploration!

Related:

• Data and information security
• Security

7 Hot Cybersecurity Trends (And 2 Going Cold)