The concept of "Cyber Security" is surely the attention grabber of the year. All security products and services enjoy a boost in their perception of importance, and sales, by merely prepending the word "cyber" to their description. But how is cyber security different than just security?
It differs, but it is not an entirely different domain, at least not from the technology perspective.
Security protects against malicious attacks. Attacks involve an attacker, an attack target, and the attack method, which exploits one or more vulnerabilities in the target. When speaking of cyber attacks, it is common to refer to a nation state attacking another, or to an organization attacking a state. Referring to unorganized individual hackers as executing "cyber attacks", while being a common trend, is a blunt misuse of the "cyber" term in its common meaning. And still, cyber security is not as dramatically different than traditional security.
Cyber security is important, because it involves targets of higher profiles and attackers of stronger abilities. It thus requires more good security people doing their security work properly. It also involves, in some situations, additional skills pertaining to proprietary systems. Lastly, it requires to dust off holistic approaches and national security considerations, due to the sheer complexity of national security. Yet, at least from the technology perspective, it does not seem to qualify for an entirely new domain. It is the same security we know -- just more of it.
A very nice post, and I believe there is a lot of room to elaborate on the subject.
I would add that the main catalyzer behind the Cyber hype is the fact that Cyber is a new dimension of war. Firstly, Much like air\sea\land, attacks on the cyber domain have broad implications on national assets. In a addition, the Cyber domain has it’s own rules, arsenal and methods. These two facts are the driving factors behind the Cyber hype.
I would say, in agreement with what you wrote, that from the technology perspective Cyber Security is the same as plain old information security. Information Security is, simply put, part of the arsenal of Cyber defense. I believe that the main “twist” in Cyber Security is the view of Cyber as a domain- a dimension of war with intelligence gathering (like collecting the design of a target from it’s manufacturer), physical interactions (breaching a target facility to put the USB drive in) and a lot of coordination and teamwork done by the attacker.
In conclusion, what I would add to your excellent is the view that a cyber security effort could be as simple as a person monitoring traffic on the network or higher confidentiality of design documents- a broader view of Information Security, which used to be simply a techno-trick to find and neutralize a Virus…