Information security and cybersecurity – what is the difference?
From the times of the formation of production, the owners worried about two things: the first one is that their production secrets do not get into the hands of competitors, the second one is about the physical safety of production and employees.
When production began to take on the first lines of industry, such a specialization as a specialist in company security appeared, who was responsible for both the physical security of the enterprise and the safety of its secrets.
With the increase in the number of papers, accounting, departments (which are responsible for innovation) and laboratories, enterprises need information security, which is quite natural: secret documents wouldn’t get into bad hands, engineer inventor wouldn’t take drawings from the laboratory, secret correspondence ( written) wouldn’t become public and competitors.
Information security is the term that appeared first in the context of IT
With the increasing number of computerized systems and automated tools, everything began to move into the IT field. Information security officers appeared at the enterprise.
Initially, information security meant minimizing the number of accesses to accounting information, various documentation, patent information, and much more. For this, large regulations were created on the internal security of the company. As a rule, there is an employee who is separately responsible for information security so that competitors do not merge numbers and accounts.
But the 21st century met us with an IT boom: the computers began to appear in every home, the evolution from black and white Nokia grew into a smartphone, which became a necessity, and the Internet … since 2016, the UN resolution enshrined the right to access the Internet in human rights.
With the growth of devices, smart things, increased traffic, data flow, people began to transfer more and more to the cyber environment and the cloud: accounting, process control, work execution. There was a need to protect information in a digital (cyber) environment.
Cybersecurity is already a new round of information security, which is aimed specifically at the digital environment. Cybersecurity implies not only the protection of information but also the protection of the entire system in the information field, in the IT field (computer technology field) as a whole.
Where cybersecurity leads and what to expect
Cybersecurity includes information security but is not limited to it. This is protection against viruses, hacker attacks, data forgery, which can not only delete/steal data but also affect the work and productivity of employees, use information against a person or structure, and also stop production. Cybersecurity today is responsible for three factors: systems, processes, people.
The need for personal cybersecurity will continue to grow, because the farther, the more we “grow together” with our gadgets. Сybersecurity is responsible for protecting confidential information and interacting with it when using any gadget. For example, you do not get the virus through a smart refrigerator or coffee maker.
On August 29, 2019, at the World Conference on Artificial Intelligence in Shanghai, Jack Ma and Elon Musk discussed everything that worries mankind in recent years: “We are ALREADY cyborgs. People are so integrated with the phone and computer that they don’t even realize it. When we forget somewhere mobile, it seems as if we lost a part of the body.” And so it is. We are already completely connected with our phones, without which we cannot go anywhere and cannot imagine life without them. Our phone is food, travel, maps, weather, sleep, health, and this list can be supplemented by many more opportunities that we live with every day.
From Worm to Petya: viruses mutate and evolve with technology
Along with the development of technologies, artificial intelligence, information systems, their “dark side” also develops – cyberattacks and “viruses.” Computer “viruses”, like biological ones, also mutate and develop.
Since 1987, they entered the system and influenced the data in it: they “ate” the data, encrypted, manipulated. For example, a virus that copied your data to the end of disk space “C” or a virus that overloaded the processor to 100%.
The next major leap in mutation occurred in 2012: the ivchetoo or hallmark virus appeared that physically burned the hard drive. This virus has been declared by CNN “as the most malicious”.
The next mutation and development of cyberattacks occurred recently – WannaCry or Petya. This virus became famous not for encrypting data and demanding Bitcoin, but for stopping a third of the banking system of the whole country in 2017.
It was felt on itself and the airline along with the subway, media holdings, industrial concerns and large companies.
When virus cracked the 1C work program, accountants were the first to suffer: the virus penetrated the accounting reporting software and then spread through unlicensed software.
Disasters of this magnitude could have been avoided if enterprises and their employees adhered to the basic rules of cyber hygiene and cybersecurity. But, “ignorance” does not exempt from liability and from the consequences as well.
Wanna Cry showed how cyber attacks can mutate – before the shutdown of enterprises, concerns, systems and government agencies. The next mutation of cyberattacks has every chance of affecting human life and health. Let’s see why.
Body and brain = 24/7 cybersecurity?
Since 2014, a new trend has entered the world in IT – smart devices and wearable devices: smart refrigerators, fitness bracelets, virtual reality helmets, augmented reality glasses.
The Black Sea Summit conference in 2016 in Odessa was significant in that for the first time in Ukraine a person was implanted with a chip in his hand, with which he could pay bills like a credit card (https://korrespondent.net/ukraine/3743253-v-ukrayne-vpervye -vzhyvyly-chyp-v-ruku-cheloveka)
In 2018, people began to actively implant chips in other countries that would replace keys, cards, identification data, and in 2019, the “xNT” project began sending out chips to implant in the hands of its customers.
Apple founded the trend on FaceID thanks to which it is already possible to pay at the checkout and identify a person simply by their faces.
All these facts indicate that the apparatus is getting closer to the body, closer to the brain and eyes, to the muscles and in the literal sense of the “innards” of a person.
This means that there is a big risk that cyber attacks can affect a person’s physical condition.
The closer the devices are to the body and brain, the more important is the protection of the information.
The next stage of cybersecurity responsibility is the safety of information, processes and devices that is close to the body, brains and human life.
Summing up, we can say that cybersecurity was part of information security. Now it is the evolution of information security. Now it is precisely on the protection of processes, information and activities in cyberspace that too much depends on simply the loss of information.
The safety of the system, processes, human life – all this falls on cybersecurity.