Information Security
Information security is the practice of protecting information and information systems from unauthorized access, use, disclosure, disruption, modification, or destruction through administrative, technical, and physical safeguards.
Expanded Explanation
1. Technical Function and Core Characteristics
Information security focuses on preserving the confidentiality, integrity, and availability of data and systems, often called the CIA triad. It uses controls such as authentication, authorization, encryption, logging, and incident response to manage risk. Information security programs follow risk management principles and align with frameworks and standards to define policies, procedures, and control baselines.
Information security applies across data states, including data at rest, in use, and in transit, and covers both digital and non-digital information assets. It addresses threats from malicious actors, insider misuse, human error, and system or process failures through layered, defense-in-depth control architectures.
2. Enterprise Usage and Architectural Context
Enterprises implement information security as an integrated discipline that spans governance, identity and access management, network and endpoint protection, application security, data protection, and Security Operations (SecOps). Architectures typically align with standards such as ISO/IEC 27001, NIST SP 800 series, and industry or regulatory requirements.
Information security architectures define roles, responsibilities, control ownership, and assurance mechanisms across business units, IT, cloud platforms, and third parties. They support compliance with regulations and contracts and inform security-by-design practices in enterprise architecture, solution design, and procurement.
3. Related or Adjacent Technologies
Information security relates to cybersecurity, which focuses on protecting systems, networks, and data in cyberspace, and to IT security, which focuses on computing infrastructure and services. It also aligns with privacy engineering, data governance, and operational risk management disciplines.
Information security uses and coordinates technologies such as identity and access management platforms, Public Key Infrastructure (PKI), Security Information and Event Management (SIEM), Endpoint Detection and Response (EDR), Data Loss Prevention (DLP), and encryption and key management systems. It interfaces with IT service management and with business continuity and Disaster Recovery (DR) capabilities.
4. Business and Operational Significance
Information security supports continuity of operations, protection of intellectual property, and compliance with legal and regulatory obligations. It helps organizations maintain data quality and system reliability and reduce the likelihood and impact of security incidents.
Information security programs enable organizations to define risk appetite, enforce control requirements, and monitor security posture across on-premises (on-prem), cloud, and hybrid environments. This allows business units, product teams, and partners to use information assets under defined and monitored risk conditions.