Article Review: From information security to cyber security

Solms, R. von, & Niekerk, J. van. (2013, April 29). From information security to cyber security. Computers & Security. Retrieved November 5, 2022, from https://www.sciencedirect.com/science/article/pii/S0167404813000801

The article, “From information security to cyber security”, by Rossouw von Solms and Johan van Niekerk focused on how information security and cyber security often are used interchangeably but is an incorrect assessment based on their respective security focuses. Solms and Niekerk analyze, in detail, the definition of information security and its security scope of responsibility, and also the definition of cybersecurity and its security scope of responsibility. Solms and Niekerk give examples of why cybersecurity deserves to be a separate entity from information security and also make a realization that even though information security and cyber security are different, there are cases where they intertwine.

Solms’ and Niekerk’s article relates principles of the social sciences through the relativism lens. They utilize relativism showing that although these two security platforms have differences, they are interconnected, but not synonymous with each other.

Solms and Niekerk first dissect the definition of Information security, which focuses on the use of the cia triad (confidentiality, integrity, and availability of information) to achieve security success. They also focus on that information security is a process created to protect information in their various mediums, but solely involves information protection.

Solms and Niekerk next dissected the definition of cybersecurity and why it is assumed to be synonymous with information security. Most cybersecurity breaches do involve a breach in the cia triad, but some instances do not involve a breach in the cia triad and that would not make it identical to information security. Solms and Niekerk proceed to give examples of instances that do not always breach the cia triad or breach information like cyber bullying, home automation devices, digital media, and cyber terrorism. These examples focused more on the human element that is affected or threatened as opposed to information security which focuses solely on information protection.

Solms and Niekerk bring the viewpoints of information security and cybersecurity together to demonstrate and propose a different way to see both security platforms. Cybersecurity focuses on the human and societal aspects affected through cyberspace and information security focuses on processes to prevent information breaches. With information security, the human aspect is a way that information breaches can occur. With cyber security, the information aspect can be used to threaten someone or a society, but not in every case. Solms and Niekerk recommended that cyber security can be presented either as its own entity or as an extension of information security that focuses on human protection.

Cyber security and information security are topics that we have discussed throughout this semester with this being a cyber security class, but earlier on, there were discussions on the viewpoints of if information security and cybersecurity were the same and after reading this article, I agree with Solms’ and Niekerk’s perspective that they have differences and need to be respected as such. As technology continues to advance, the evolution of information security and cybersecurity and how they are defined will continue to advance as well.