This is an automated archive.
The original was posted on /r/cybersecurity by /u/AutomatedSecurity on 2023-09-22 20:58:14+00:00.
The term we should use is “Information Security”. Sure, it’s not as flashy or buzz wordy, but that’s exactly my point.
The term “cybersecurity” was first introduced in the early 90s, before security was even majorly considered in information systems. “Cybersecurity” nowadays tends to be (at worst) a buzz word said by marketing and sales teams that don’t understand what it even means or (at best) a term that tends to focus primarily on digital threats and online vulnerabilities. While I do believe “cybersecurity” can still exist as a term, and that it is a critical aspect of “Information Security”, it can sometimes give the impression that security concerns are limited and may lead to an oversight of other equally important aspects of the industry. Or… it can just give the impression of an interviewee trying to sound smart.
The term “Information Security” is an updated term that encompasses a more holistic view of protecting sensitive data and information assets and acts as a subset to the overarching industry of Information Technology. It goes beyond just the digital or “cyber”–God, I hate even unironically using this term–realm and includes physical security, personnel training, procedural measures, and any of the other hundred ideas that can possibly fit into a single System Security Plan. By using this term, you emphasize the importance of safeguarding information at every level, whether it’s stored digitally or on paper.
But I will admit that many people still don’t understand what “Information Security” refers to.
“What do you do for work?”
“I’m in Information Security.”
“Really, what’s that?”
“IT Security.” or “Cybersecurity.”
“Oh, yeah! Cool!”
That’s usually how the conversations go. Lol, and thanks for coming to my Ted Talk.