Cybersecurity: Notorious, but Often Misused and Confused Terms
The article deals with the issue of the terminology used in the implementation and provision of cyber and information security. Although this terminology is understood as notoriety, practice shows that there are different perspectives on defining "the same". Nowadays, mainly in the context of the adoption of Directive (EU) 2022/2555 of the European Parliament and of the Council on measures to ensure a high common level of cybersecurity in the Union (NIS 2), there is a need for a consistent interpretation and, in particular, understanding of the terminology used so that cybersecurity and information security can be truly ensured. After analyzing and comparing the various definitions, the paper presents clear, general but universally applicable definitions of key terms. The relationship of these terms is presented within a conceptual model and also through a practical example.
Cybersecurity; Information security; Event; Threat; Asset; Vulnerability; Risk; Control; Information Security Management System; Security Terminology
281 – 305
Copyright © 2023 Masaryk University Journal of Law and Technology