For the term “information security”, a match can be found in ITU-T.
- Term : information security
- Definition : Security preservation of confidentiality, integrity and availability of information.
- Source : X.1051 (04), 3.3
Note that ISO 27000 defines it almost identically:
- information security
- preservation of confidentiality (2.9), integrity (2.25) and availability (2.7) of information
- NOTE In addition, other properties, such as authenticity (2.6), accountability (2.2), non-repudiation (2.27), and reliability (2.33) can also be involved.
For the term “cybersecurity”, the following is found (ITU-T).
- Term : cybersecurity
- Definition : Cybersecurity is the collection of tools, policies, security concepts, security safeguards, guidelines, risk management approaches, actions, training, best practices, assurance and technologies that can be used to protect the cyber environment and organization and user’s assets. Organization and user’s assets include connected computing devices, personnel, infrastructure, applications, services, telecommunications systems, and the totality of transmitted and/or stored information in the cyber environment. Cybersecurity strives to ensure the attainment and maintenance of the security properties of the organization and user’s assets against relevant security risks in the cyber environment. The general security objectives comprise the following:
– Integrity, which may include authenticity and non-repudiation
- Publications :
ITU-T X.1205 (04/2008)
But what about ISO standards? There, a definition is much trickier to find. There is an upcoming ISO standard, 27032, which applies the definition of information security to cyberspace…
- Cyberspace security
- preservation of confidentiality, integrity and availability of information in the Cyberspace
- NOTE 1 In addition, other properties, such as authenticity, accountability, non-repudiation, and reliability can also be involved.
- NOTE 2 Adapted from the definition for information security in ISO/IEC 27000:2009