Commonly confused security topics

Working in cybersecurity and information security tests your skills and abilities, forcing you to keep learning and studying. It means a lot of hard work, especially when you must keep up with all the common terminology and security principles that come with the territory. Add to that the constant change and innovation that happens within information technology, and you’ve got a complex set of parameters that you have to understand and continuously learn about.

It is therefore no surprise that there are some common misconceptions about certain topics relating to information security, and getting terminology confused doesn’t leave a good impression in a professional environment. Sometimes people will confuse security topics because they are similar or sound the same as something else.

Let’s delve into the subject and reveal some of the most commonly searched-for security topics that people tend to confuse, and hopefully dispel some of the bad information that’s out there.

Cyberthreats versus cyber-risks

These two terms get thrown around a lot. Perhaps it’s because they are sometimes used interchangeably during a discussion — after all, a threat and a risk do have similar meanings. However, there are some key differences between the two when used in a cybersecurity context. Let’s look at the definitions of each one more closely.

How would you define cyberthreats?

The Oxford Living Dictionaries defines cyberthreats as “The possibility of a malicious attempt to damage or disrupt a computer network or system.” Another way to think of cyberthreats is that they are the likelihood or the potential occurrence of a malicious event such as a malware infection or hacking.

Common examples of cyberthreats are:

  • Malware
  • System breaches
  • Social engineering: Non-technical theft of user credentials such as passwords and login details
  • Phishing
  • Zero-day exploits

*** This is a Security Bloggers Network syndicated blog from Infosec Resources authored by Graeme Messina. Read the original post at: http://feedproxy.google.com/~r/infosecResources/~3/dMreDo6B2ak/