FAQ n.139293

The use of the term ‘information security’ in Part-IS, as opposed to ‘cybersecurity’, is deliberate and significant. This terminology is chosen to encompass a broader range of risks associated with information systems. Unlike ‘cybersecurity’, which primarily focuses on protecting data from digital threats in cyberspace, ‘information security’ is extended beyond the digital realm to include analogue threats. This comprehensive approach acknowledges that vulnerabilities and threats to information systems can arise in both digital and physical formats, thereby necessitating a wider scope of protective measures and considerations.