WEEK 1 Learning Information Security: Context and Introduction Notes

avatar
(Edited)

To begin with, I am very passionate about technology in general but with specifics to Information Security. To me, this field has so many interesting and diverse topic. It is an intersection between law, technology, math, economy, philosophy and psychology. I have been finding myself thinking about the possibility of getting into a master degree in information security but apparently, one must have Bachelor degree in tech related field. So, I do not know if administratively I will still eligible to be a student but I do know that I can learn this online these days. Hence why, I am currently taking an introduction to information security from Coursera.

image.png

This picture seems to be fitting.


This is intended to be my first week notes on my learning which will be edited regularly until I finished all the materials from the week 1 and taken the test. As of today, I have been learning about the definition of Information Security. It is interesting that the instructor from University of London mentioned wikipedia definition of it. However, there are other definition from ACM [Association of Computer Machinery] who defines cyber security as a computing-based discipline involving technology, people, information, and processes to enable assured operations of an organization.

The keywords are :

technology, people, information and process.

Also, from what I gather, cyber security and information security are synonymous and often used interchangeably.

Then, I was learning about three important pilars of Information security or known as CIA. No, it's not american intelligent service but it's an acronym from Confidentiality, integrity and availability. However before learning the Triad of CIA, I was reading a paper from Watkins about introduction to Information security that uses "Money" as a way to elaborate the meaning behind information security. I think the paper was interesting because money seems very invaluable to many of us and that emphasizes how we should treat information. There are three aspects explained in the paper which can be summed up to : Confidentiality - because you don't want others to spend your money or have access to it. This result in limited access. Second is Availability meaning you want to spend your money whenever you want it. However what if you visit foreign country? well certainly there will be restriction hence why, you need to know these restrictions. The last one is Integrity. How do you know the money isn't fake when you visit another country for the first time? essentially you go to a trusted exchange and you trust them, often blindly. That being said, these three pillars are important while handling the security of information.

So that's all for Day 1. Stay tuned if you want to learn about information security with me. If you have other means of learning, don't hesitate to leave me a comment so I can read them.

Reference

“INFORMATION SECURITY — WHAT’S THAT?” An Introduction to Information Security and ISO27001:2013: A Pocket Guide, by STEVE G WATKINS, 2nd ed., IT Governance Publishing, Ely, Cambridgeshire, 2013, pp. 13–17. JSTOR, www.jstor.org/stable/j.ctt5hh3wf.5. Accessed 27 May 2020.



0
0
0.000
0 comments