Cyber Security vs. IT

Did You Know There Are Differences Between Cyber Security And IT Professionals?

>IT is responsible for your infrastructure.
>Cybersecurity is responsible for your data transit security.
Including finding vulnerabilities on websites, email systems & your work or home network.

There is a lack of understanding about the roles of cybersecurity and Information Technology(IT). Most organizations have a false sense of security about their overall protection. In this post, I will try to explain the differences between the two.

What is the role of IT?
Think of your home or business as your IT infrastructure. There are internal and external sides of your IT infrastructure. The internal side is the side of your router that protects your devices from unwanted and malicious traffic from the internet. Devices on your internal network are, phones, printers, and computers. The internal side is normally managed by your IT team.

What is the role of Cybersecurity?
In this scenario, We will focus on the external side of your IT infrastructure. The internet-facing side of your router is normally owned by your Internet Service Provider(ISP). Let’s say you need to drive to your bank to perform a transaction walking or driving. The envelope you are carrying is called a package. Hackers want to steal what’s in your package before you get it to the bank. Cybersecurity professionals will help protect your package while in transit (Package = Packets).

There is a lot more to cybersecurity and IT, but this is a 10,000 ft. view of the two. I hope you understand the roles of the two so will able to help your organization pursue a robust security posture.

Proactive PenTesting and Internal assessments are performed to help your IT and Cybersecurity teams find backdoors in your organization’s IT system before hackers find them.

IT is responsible for your infrastructure.
Cybersecurity is responsible for your data transit security.

There has been much confusion around three names in the computer field. Cyber Security (Cybersecurity), Information Technology (IT), and Information Security (InFoSec). I believe knowing the differences between these names will save business owners billions of dollars over the long term. It will equip them to ask the right questions when it comes to saving their businesses from breaches. Today most business owners believed they are protected or believe they won’t get breached because it will always happen to someone else, but not our business.

What is Information Technology?

“Information Technology (IT) refers to the use of computer technology to manage information. The field of IT encompasses all computer software, hardware, and related devices employed in the processing, transfer, storage, and dissemination of data whether it’s on a computer, smartphone, TV, or another medium. Every time you download a song, stream a movie, check your email or perform a web search, you’re accessing IT services. Areas of study that fall within IT include database development, computer networking, software engineering, data analysis and more”.

Information Security:
“Information security means protecting information and information systems from unauthorized access, use, disclosure, disruption, modification, or destruction. The terms information security, computer security, and information assurance are frequently used interchangeably. These fields are interrelated and share the common goals of protecting the confidentiality, integrity, and availability of information; however, there are some subtle differences between them. These differences lie primarily in the approach to the subject, the methodologies used, and the areas of concentration. Information security is concerned with the confidentiality, integrity, and availability of data regardless of the form the data may take: electronic, print, or other forms.”

Cyber Security:

Cybersecurity personnel understands how hackers can change, intercept or steal transmitted company data within your local network or over the internet. They deploy software or hardware to block or prevent unauthorized access of transmitted data.  They are also known as an “ethical hacker” or penetration tester. They find holes in your network before hackers do and repair them.

Per Cisco:

“Cybersecurity is the practice of protecting systems, networks, and programs from digital attacks. These attacks are usually aimed at accessing, changing, or destroying sensitive information; extorting money from users; or interrupting normal business processes.

Implementing effective cybersecurity measures is particularly challenging today because there are more devices than people, and attackers are becoming more innovative”.

Per FireEye:

“Cybersecurity has never been simple. And because attacks evolve every day as attackers become more inventive, it is critical to properly define cybersecurity and identify what constitutes good cybersecurity.

Why is this so important? Because year over year, the worldwide spend for cybersecurity continues to grow: 71.1 billion in 2014 (7.9% over 2013), and 75 billion in 2015 (4.7% from 2014) and expected to reach 101 billion by 2018. Organizations are starting to understand that malware is a publicly available commodity that makes it easy for anyone to become a cyber attacker, and even more, companies offer security solutions that do little to defend against attacks. Cybersecurity demands focus and dedication.

Cybersecurity protects the data and integrity of computing assets belonging to or connecting to an organization’s network. Its purpose is to defend those assets against all threat actors throughout the entire life cycle of a cyber attack.

Kill chains, zero-day attacks, ransomware, alert fatigue, and budgetary constraints are just a few of the challenges that cybersecurity professionals face. Cybersecurity experts need a stronger understanding of these topics and many others, to be able to confront those challenges more effectively.

The following articles each cover a specific cybersecurity topic to provide insights into the modern security environment, the cyber threat landscape and attacker mentality, including how attackers work, what tools they use, what vulnerabilities they target, and what they’re really after”.

So there you have it!
Business owners might still get confused when they hear these terms, but a good way to think this thru is to remember years ago how you never heard of companies losing billions of dollars from people who never been to the USA or stepped into your local bank and are able to withdraw from your account that at times seems very difficult when you go thru a drive-thru.

The bad guys can by-pass those tellers that you think should know you by now. So cybersecurity personnel is here to fight those bad guys on their level to protect your assets and critical data.

Leave a Comment

Your email address will not be published. Required fields are marked *

*

This site uses Akismet to reduce spam. Learn how your comment data is processed.