What is InfoSec? or Information Security.

 

Information security, or InfoSec, is the process of protecting an organization’s data from modification or unauthorized access to ensure its confidentiality, availability and integrity. InfoSec helps to ensure your data is protected through the use of cryptography and secure network protocols.

What is the key differences between cybersecurity and infosec / information security?

Information security and cybersecurity are all too often confused. InfoSec is a crucial part of cybersecurity it refers primarily to the processes designed for the security of data. Cybersecurity is a more general term that includes InfoSec as a whole

Types of InfoSec

AppSec

Application security is a broad topic that covers software vulnerabilities in web and mobile applications and application programming interfaces (APIs). AppSec is an important part of perimeter defence for InfoSec.


Cloud security

Cloud security focuses on building and hosting secure applications in cloud environments and securely consuming third-party cloud applications. Businesses must make sure that there is adequate isolation between different processes in shared environments.


Cryptography

Encrypting data in transit and data at rest helps ensure data confidentiality and integrity. Cryptography and encryption have become increasingly important. A good example of cryptography use is the Advanced Encryption Standard (AES).


Infrastructure security

Infrastructure security deals with the protection of internal and extranet networks, labs, data centres, servers, desktops, and mobile devices.


Incident response

Incident response is the function that monitors for and investigates potentially malicious behaviour.

In preparation for breaches, IT staff should have an incident response plan for containing the threat and restoring the network. In addition, the plan should create a system to preserve evidence for forensic analysis and potential prosecution. This data can help prevent further breaches and help staff discover the attacker.


Vulnerability management

Vulnerability management is the process of scanning an environment for weak points (such as unpatched software) and prioritizing remediation based on risk.

In many networks, businesses are constantly adding applications, users, infrastructure, and so on. For this reason, it is important to constantly scan the network for potential vulnerabilities. Finding a vulnerability in advance can save your businesses the catastrophic costs of a breach.

Cybersecurity

Computer security, cybersecurity, or information technology security is the protection of computer systems and networks from information disclosure, theft of or damage to their hardware, software, or electronic data, as well as from the disruption or misdirection of the services they provide

Recommended

CyberSecurity Knowledge Base

Why not check out our free cybersecurity academy?

Posts Slider

5 British businesses were penalised for making 500,000 unwanted calls

Five businesses have been fined a total of £435,000 (about $529,000) by Britain’s data watchdog after it was discovered that they made over half a……

Bookmark

End 2 End Encryption (E2EE) Is Finally here, kind of, for Apple Device Backups

According to a new optional feature called Advanced Data Protection, end-to-end encryption will soon be available for the majority of iCloud. iCloud previously had 14……

Bookmark

Google releases a fresh version of Chrome to fix yet another zero-day flaw

Google, a leading search engine, fixed a newly discovered and actively exploited zero-day vulnerability in its Chrome web browser on Friday. The high-severity problem affects……

Bookmark

Android puzzle game with over one million downloads reveals user information

Fruits Mania, a well-known and trustworthy puzzle game, is one of the thousands of apps on the Google Play store that have private information hard-coded……

Bookmark

TrustCor dropped as Root CA for Mozilla and Microsoft

Microsoft and Mozilla have taken action against a certificate authority that is purportedly linked to a US military contractor who allegedly paid programmers to insert……

Bookmark