What is Cyber Security?
Cyber security is the practice of protecting any internet-connected systems,
networks, software, and different types of data from cyberattacks. It is defined
by most authorities as “protecting networks, devices, and data” usually from
unauthorized access or digital attacks.
These attacks, commonly referred to as “cyberattacks”, are attempts to expose, alter, disable, or destroy; thus, cyberattacks can range from installing malicious code on a personal computer to attempting to destroy the infrastructure of entire nations.
Cyberspace: (definition from NIST)
A global domain within the information environment consisting of the interdependent
network of information systems infrastructures including the Internet,
telecommunications networks, computer systems, and embedded processors and
In short, it is the virtual space created by interconnected computers and computer networks on the Internet. Put another way, it is the environment of the Internet with all the communications you can possibly imagine.
Information Security vs Cyber security:
What are Information Assurance, Information Security and Cyber Security? We hear
about them a lot in job postings or media channels, but what is the real difference?
Both cyber security and information security are terms that refer to the protection of computer systems and are frequently used interchangeably. However, the definitions and interpretations of the terms vary greatly, and they should not be used interchangeably, as is often done by people who are unfamiliar with the distinction.
NIST defines cyber security as the “ability to protect or defend the use of cyberspace from cyber-attacks.” Simply put, cyber security is concerned with threats from inside or outside any given entity, narrowing down to the vulnerabilities on a device or gadget that an individual is using. It therefore means safeguarding devices, networks, servers, and applications connected to or on the internet that are subject to hacking, attack, or illegal access.
Information Assurance or “IA” is linked with the practice of risk management related to the use, storage and transmission of data and information systems. This involves plans or policies with a broader focus to ensure the functions of data or the information systems (also known as the 5 pillars of IA). For example, it covers the protection of digital and non-digital information assets, such as hard copy records.
NIST provides definitions for both Information Assurance and Information Security in its Glossary of Key Information Security Terms:
Information Assurance (IA):
Measures that protect and defend information and information systems by ensuring their availability, integrity, authentication, confidentiality, and non-repudiation. These measures include providing for restoration of information systems by incorporating protection, detection, and reaction capabilities.
Information protection (or information security as defined by the NIST):
The protection of information and information systems from unauthorized access, use, disclosure, disruption, modification, or destruction to provide:
Integrity, which means guarding against improper information modification or destruction, and includes ensuring information nonrepudiation and authenticity.
Confidentiality, which means preserving authorized restrictions on access and disclosure, including means for protecting personal privacy and proprietary information.
Availability, which means ensuring timely and reliable access to and use of information.
Information security employs security solutions, encryption, and other technologies, as well as policies and processes, to secure information and can be thought of as a sub-discipline or component of Information Assurance. While both share a goal of maintaining the integrity, confidentiality, and availability of information, Information assurance is typically a broader strategic initiative comprised of a wide range of information protection and management processes.
Cybercrime, Cyber-attack in the context of Cyber security:
A cyber-attack may be carried out by means of any action that serves that aim. This
term is linked with the conduct or outcome of the act of cyber-crime. An
important aspect of cybercrime is its nonlocal character: actions can occur in
jurisdictions separated by vast distances, hence its cross-border nature.
Cyber-crime is generally understood as the use of computer-based means to commit an illegal act. One typical definition describes cyber-crime as “any crime that is facilitated or committed using a computer, network, or hardware device.” As such, it encompasses a broad range of illicit activities.
Traditionally, cyber-crimes are generally understood to be committed by individuals, not nations. That understanding has changed, as we have seen not only threats in the form of campaigns by cybercriminals, especially with a financial aim or for information extortion, but also identified individuals from such groups attacking for geopolitical reasons.
While the distinction between cybercrime and cyberattack is crucial, we recognize that it is frequently difficult to tell if a cyber-event is one or the other (or both) at the time of the event—in part because the identity and intention of the actor may not be clear. Given the ambiguity, an urgent reaction suited for either cybercrime or a cyber-attack is recommended.
In addition to cybercrime, cyber-attacks can also be associated with cyberwarfare or cyberterrorism, particularly in instances when the attackers are state actors, groups, or affiliated organizations.
NCSC works closely with the Cybercrimes Directorate at the General Directorate of Anti-Corruption and Economic & Electronic Security in the Ministry of Interior in cases of an increased and imminent cybercrime threat to individuals or sectors in the Kingdom of Bahrain.