Difference Between Information Security & Cyber Security

·       ICT (Information and Communication Technology) Security

In this context, ICT security refers to relevant incidents as well as measures, controls, and procedures applied by enterprises in order to ensure integrity, confidentiality, and availability of their data and ICT systems.

Data: – Maybe anything. Ex:- 03031989

Information: - The data which is having some meaning. Ex:- 03031989 is a date of birth of someone.

Basic Definition:

Cyber Security: The ability to protect or defend the use of cyberspace from cyber-attack.

Cyber security is about securing things that are vulnerable through ICT. It also considers that where data is stored and technologies used to secure the data. Part of cyber security about the protection of information and communications technologies – i.e. hardware and software, is known as ICT security.

Information Security (1): The protection of information and information systems from unauthorized access, use, disclosure, disruption, modification, or destruction in order to provide confidentiality, integrity, and availability.

Information Security (2): Protecting information and information systems from unauthorized access, use, disclosure, disruption, modification, or destruction in order to provide —\

1)   integrity, which means guarding against improper information modification or destruction;

Attack -   Modification

2)   confidentiality, which means preserving authorized restrictions on access and disclosure, including means for protecting personal privacy and proprietary information;

Attack – Interception

3)   availability, which means ensuring timely and reliable access to and use of information.

Attack - Interruption

 Information security is all about protecting the information, which generally focuses on the confidentiality, integrity, availability (CIA) of the information.

Following Venn diagram can be helpful to understand the differences.

Reference- Center for Cyber and Information Security (https://ccis.no/cyber-security-versus-information-security/)

In the diagram below, we can see that right side Venn diagram represent the Cybersecurity (things which are vulnerable through ICT, it includes information, both physical and digital, and non-information such as cars, traffic lights, electronic appliances, etc.), while left side represent the information security (which consist of information both digital and analog).

Note that IT security is the protection of information technologies. Practically, there is no difference in ICT security and IT security. As you can see in the following picture that both sets are having some overlap. Below diagram illustrates the relationship between ICT security, cyber security, and information.

Reference- Center for Cyber and Information Security (https://ccis.no/cyber-security-versus-information-security/)

(http://www.cisoplatform.com/profiles/blogs/understanding-difference-between-cyber-security-information)

MEECES– Meaning of Hacker

Max Kilger likes to get into the heads of computer criminals. Throughout his many years of research, he's developed a motivational profile he calls "MEECES" - for money, ego, entertainment, cause, entrance to social groups and status. Max Kilger likes to get into the heads of computer criminals. He chats with these people at conferences and online and studies their behavior when they hack inside Honeynet's decoy computers. Throughout his many years of research, he's developed a motivational profile he calls "MEECES" - for money, ego, entertainment, cause, entrance to social groups and status. MEECES is a modification of the FBI and military security's counterespionage profile called MICE - which stands for money, ideology, compromise and ego. Kilger outlines behavioral motivators in a 60-page chapter on hacker profiling in the second edition of the Honeynet-developed book "Know Your Enemies," due from Addison Wesley in May. Here's the upshot of those motivators:
Money - Stolen credit cards become currency for certain crime rings and social groups of carders who trade them for access to other compromised credit card databases.

Ego - Spanning the entire spectrum of the community from black hat to white hat hackers, ego is the drive to solve a problem, look at the code, see how something works, and then get it to do something it wasn't created to do.

Entertainment - The bored teenager syndrome is not as strong as in the days of big disk drives and mainframes, but it remains a motivator. "You'll still see a hacker break into a system, trash it up and sit back and watch the system administrator scurry around trying to save it," Kilger says.

Cause - Think hacktivism, mostly Web site defacements and distributed denial-of-service attacks for politics and ideologies.

Entrance into social groups - Hackers achieves this by sharing their successful break-ins with the groups they want to be included in.

Status - This is the strongest motivator among all hackers, crackers, and carders because their main emphasis is on skills. The higher profile the target, the higher their status.

Reference - http://www.networkworld.com/article/2330885/lan-wan/meeces-to-pieces.html

Hackers are able to do a lot more today, without the steep learning curve. The FBI define the motivation of individuals who commit espionage against the country, with the acronym, MICE, money, ideology, compromise or coercion, ego or extortion. Researcher, Max Kilger, proposed that the motivations for the hacker community can be thought of as MEECES, money, ego, entertainment, cause, entrance, and status. Attackers could be outsiders, competition, hacktivists, organized crime, terrorists, governments, even hired guns!

Reference - https://courses.edx.org/courses/course-v1:RITx+CYBER501x+2T2017