KM1- Mapping cybersecurity and the broader context
KM 2 - Cybersecurity strategy, policy and regulation
KM3 - Cyber diplomacy and international cooperation
1 of 4

2.1. Introducing the concept

🎯What is cybersecurity and what does the concept of cybersecurity entail?

Internet and digital public policy are in constant development. Thus, there is a lot of terminological confusion, ranging from rather benign differences such as the interchangeable use of prefixes (cyber/e/digital/net/virtual) to core differences, where the use of different terms reflects different policy approaches. In the area of cybersecurity, the potential for confusion is significant: the Global Cyber Definitions Database contains over 400 political definitions of terms related to cyber- and information security!

Several similar terms are used interchangeably when discussing cybersecurity:

  • cybersecurity
  • computer security
  • information security
  • information system security
  • IT security
  • network security
  • data security

However, they do not carry exactly the same meanings.

Reflection point

How would you define each of these terms? Please suggest your own definitions, or share a definition you have found.

The theory of information security provides us with some basic concepts. Referring to the CIA triad (Figure 1): confidentiality prevents the unauthorised disclosure of information (e.g. reading other people’s e-mail); integrity prevents the unauthorised change of information (e.g. altering e-payment instructions), and availability ensures that the information is actually available (e.g. ensuring access to e-voting ballots). Information security, therefore, relates mainly to protecting (digital) information; cybersecurity, on the other hand, in practice, often considers protecting devices, networks, and systems that utilise (digital) information. 

Figure 1. The CIA triad of information security
Source: Burnette, 2020

Global policy discussions are dominated by these two terms: cybersecurity and information security. However, differences in approaches to cybersecurity exist among different stakeholders. While public institutions focus on the security of the state, human rights communities suggest that cybersecurity should be about people rather than about systems. Puddephatt and Kasper define this as a matter of individual security rather than national security (observing that practices such as surveillance are directly opposed to individual security). The Freedom Online Coalition – a partnership of 30 governments working to advance internet freedom – had codified a similar perspective, defining cybersecurity as protecting information and the internet infrastructure for the sake of enhancing the security of individuals, both online and offline.

New post

Your email address will not be published. Required fields are marked *

1 post
Collapse posts

These are terms that most people interchange while referring to the same but the definitions are quite different. This will help understand more of these terms and know how to use them

Skip to content