IT Examiner School

Cybersecurity vs. Information Security Information Security – “protecting information and information systems from unauthorized access, use, disclosure, disruption, modification, or destruction in order to provide I ntegrity, C onfidentiality, and A vailability.

Cybersecurity (NIST) – “Ability to protect or defend the use of cyberspace from cyber attacks”

Cybersecurity (CISA) - art of protecting networks, devices, and data from unauthorized access or criminal use and the practice of ensuring c onfidentiality, i ntegrity, and a vailability of i nformation.

Key Drivers – ISP Framework

Legislative Compliance • Gramm-Leach-Bliley Act • Sarbanes-Oxley Act • Homeland Security/CISA Critical Infrastructure • Health Insurance Portability and Accountability Act (HIPAA) • Health Savings Accounts • State Regulations