Quiz Entry - updated: 2026.05.28
How do information security, IT security, and cyber security differ in scope?
Information security is the broadest (any medium); IT security covers IKT systems; cyber security covers internet-connected systems.
Think of nested circles, widest first:
- Information security — protects information regardless of medium: electronic, paper, or "in the heads" of employees. The widest concept.
- IT security — protects IKT systems (information & communication technology) against threats. A subset focused on the tech.
- Cyber security — protects internet-connected systems and the things/people reachable through cyberspace (e.g. browser security). Often the narrowest, internet-facing slice — but note it also covers protecting non-information assets reachable via the net.
Why the distinction matters: a shredding policy for printed documents is information security but not IT security. Scoping a programme as "cyber" only can leave paper, insiders, and offline data unprotected.