Infosec vs. Cyber -- which is it?
this is your brain's processing power

Infosec vs. Cyber -- which is it?

Who cares?

I recently witnessed a silly bunfight between two professionals slugging it out in public over whether “information security” and “cybersecurity” were the same thing. And whether physical security was part of either.

Honestly. This is the kind of dogmatic pedantry that gets companies popped. If I may be allowed to quote Hamlet:

“Words, words, words, words, words.”

With apologies to Shakespeare, words are a signpost to the things themselves, and not the actual thing. You need to go past the words to engage with reality. Words and metaphors are constraints that filter an overwhelming volume of sensory input.

Security work requires you to engage with reality as it is, not as you wish it to be, but as it actually is, and that means seeing past words and discarding filters and metaphors to more adequately engage with the world.

That’s all a bunch of fancy theory to mean the following: It doesn’t matter whether we call the work “information security” or “cybersecurity” or even, in 2024, “physical security”. It's all the same thing.

Read More: https://ninja.cybercybercybercyber.ninja/p/infosec-vs-cyber

要查看或添加评论,请登录

J.M. P.的更多文章

  • "IT" is Dead

    "IT" is Dead

    Now it's mostly Security It is now possible to build a company without an IT team. Anyone under 40 can set up a laptop…

    2 条评论
  • Bottom-up Security Doesn't Work

    Bottom-up Security Doesn't Work

    Choosing not to govern is still a governance choice Barn-raising is an effective way to build software, especially open…

  • If Education is the Solution to Your Security Problem, Then You've Already Failed

    If Education is the Solution to Your Security Problem, Then You've Already Failed

    A new scientific study confirms what has been obvious to me for years in the trenches: Security awareness training is…

    8 条评论
  • SOC 2 in Crypto is Pointless

    SOC 2 in Crypto is Pointless

    Legal Risk and Security Risk Are Not The Same I find it astonishing that in the year 2024 I have to say this out loud…

  • Make Sure We Never Get Hacked (How not to measure a CISO's job performance)

    Make Sure We Never Get Hacked (How not to measure a CISO's job performance)

    An innocent approach to measuring the performance of the security job function would be to measure the number or…

  • CISOs Need to Speak the Language of Business

    CISOs Need to Speak the Language of Business

    I was chatting with a security vendor I won’t name, and their CEO told me during the call, “Wow, it’s so refreshing to…

    1 条评论
  • The CISO as Chief Cyber Risk Officer

    The CISO as Chief Cyber Risk Officer

    I’ve been meeting a lot more CROs in industry lately, and for some companies centralizing all risk management in one…

    2 条评论
  • Bottom-up Security Doesn't Work

    Bottom-up Security Doesn't Work

    Choosing not to govern is still a governance choice Barn-raising is an effective way to build software, especially open…

  • The North Korean Love Triangle

    The North Korean Love Triangle

    What happens when you combine market competition with warfare? Crypto companies are trapped in the North Korean Love…

  • Web3 Security: Brittle or Resilient?

    Web3 Security: Brittle or Resilient?

    Outside of crypto, your tech startup’s primary competition comes from other companies—established players you want to…

社区洞察

其他会员也浏览了