Back to glossary

Information Security

The practice of protecting information by mitigating information risks, ensuring confidentiality, integrity, and availability.

AbbreviationInfoSec
Categorysecurity

Overview

Information Security (InfoSec) is a broad field that encompasses the strategies, tools, and policies used to protect digital and physical information from unauthorized access, use, disclosure, disruption, modification, or destruction.

The CIA Triad

  • Confidentiality: Ensuring that information is accessible only to those authorized to have access.
  • Integrity: Safeguarding the accuracy and completeness of information and processing methods.
  • Availability: Ensuring that authorized users have access to information and associated assets when required.

Key Components

  • Policy and Governance: Establishing rules and frameworks for security.
  • Risk Management: Identifying and mitigating potential threats.
  • Incident Response: Planning for and reacting to security breaches.

Related Terms

Network SecurityApplication Security