HackHer World

A female-run technology blog

InfoSec vs Cybersecurity: What’s the Difference?

As a cybersecurity professional, I hear these terms used interchangeably all the time. Although we like to believe that they mean the same thing, one actually falls under the umbrella of the other.

What is cybersecurity?

Cybersecurity focuses primarily on the protection of digital spaces against cyber attacks. These attacks range from your day-to-day phishing emails all the way to a full system shutdown from ransomware. Some examples of cybersecurity include:

  • Network security, which is the practice of securing the network against unauthorized access. This can include implementing firewalls, which act as a barrier between the internal network and the rest of the internet to block unwanted traffic. It can also include implementing Intrusion Detection or Prevention Systems (IDS/IPS), which monitor network traffic and either alert on or block threats.
  • Application security, which covers the measures taken to protect the software applications that organizations use. This can include implementing access control lists to define which users can access and modify certain applications within an organization. It can also include good coding practices such as input validation to prevent attacks, and building software security into the development process. Cyber teams should also scan for vulnerabilities regularly to ensure that applications are up to date and not exposed to known exploits.
  • Incident response is the process by which a suspected cyber attack is prepared for, detected, contained and recovered from. Every incident allows cyber teams to improve their plans and identify what they can do better to make the process as smooth as possible.
  • User awareness and training is crucial, as 95% of data breaches were caused by humans in 2024. Continuous education is necessary to help users recognize social engineering techniques. While most end users may be annoyed by these kinds of emails from their IT teams, internal phishing campaigns are important for teaching users which warning signs to look for. According to the Cybersecurity and Infrastructure Security Agency (CISA), “more than 90% of cyber-attacks start with a phishing email.”

While this list of examples may seem short, there are many more areas that cybersecurity professionals focus on, such as endpoint security, cloud security, mobile security and IoT device security.

What is information security?

Information security focuses more on the overarching goal that all of us learn about early on: the CIA triad of Confidentiality, Integrity and Availability of data for all users across our organizations. Some examples of information security include:

  • Encryption is the practice of converting data into an unreadable format while it is in transit or at rest. Encryption is crucial to keeping data protected, as in many industries sensitive data is stored on networks. Oftentimes encryption is required for organizations to meet industry regulations such as HIPAA for healthcare information, PCI DSS for payment card data, GDPR for user data in the EU, GLBA and SOX for financial data, and many other regulations that are out there.
  • Infrastructure security focuses on all the physical aspects of an organization. This includes where the systems that store and maintain data are physically located and who can access those areas.
  • Keeping policies, procedures and standards up to date is also crucial for protecting information. If security policies such as Acceptable Use Policies (AUPs) and password standards are not kept up to date, organizations can fall out of compliance or allow bad practices to take hold.

How are these similar?

Cybersecurity tends to fall under the umbrella of information security because information security focuses on checking all the boxes across the board, while cybersecurity is focused specifically on the digital landscape. These areas may differ, but both are focused on protecting your data and the best ways to go about that. To provide the best security, both teams must stay up to date on the latest trends and implement robust controls to ensure your data stays protected. By addressing both of these areas, organizations can improve their security posture in the long run.
