Cyber security refers to the security of digital information stored on electronic networks, as well as the security of the networks that store and transmit information. However, there is little consensus on how exactly it is defined. Cyber security is sometimes used interchangeably with information security.
“…the protection of information and information systems from unauthorized access, use, disclosure, disruption, modification, or destruction in order to provide confidentiality, integrity, and availability.”
Information security and cyber security refer generally to the same thing. However, information security is used by organizations and IT professionals, while cyber security is more generally used in policy debates, and when information security issues are framed as national security issues.
This definition is somewhat broader than information security. Rather than just protecting information systems, it also protects cyber space and internet user’s assets. It refers to not just the securing of information systems, but also to the use of information systems to secure assets.
The concept of cyber security is currently undergoing a deepening and widening use. Cyber security and information security were previously technical concepts, discussed mainly by geeks, IT professionals, corporations, states, and military, intelligence and security agencies. The concepts are now increasingly important to us all and have expanded to include more than the previous narrow concerns of the technical community, businesses and the state. This emphasizes the importance of expanding opportunities for more and more stakeholders to engage in cyber security issues.
When cyber security is framed as a national security issue, issues regarding technology and the internet are securitized—brought onto the security agendas of states. This may be counterproductive. State actors may have a conflict of interest in securing information; militaries, for example, may want to develop offensive weapons, while intelligence agencies may rely on breaking or circumventing information insecurity in order to better surveil their targets. Cyber security may also be used to protect state secrets, and criminalize whistleblowers as cyber security threats.
Civil society may be marginalized as a result of this. Focusing on the state and its security, “crowds out consideration for the security of the individual citizen, with detrimental effects on the security of the whole system.” As a civil society, we must make sure that we can harness the broadening of the concept of cyber security without marginalizing our role as stakeholders. When we talk about cyber security, what is at stake is the voice and power of civil society as a stakeholder.