If you're exploring up-and-coming fields within information technology, you've likely wondered, what is cyber security vs. information assurance? You're certainly not the only one. The names of the two disciplines are often used interchangeably by those outside of the IT field, though they are very different.
Just ask Andrew Mahaney, an information technology faculty member at American InterContinental University. Mahaney works full-time for a defense contractor and formerly was employed by the National Security Administration and the FBI.
In a nutshell, Mahaney says, cyber security refers to the ability to defend against cyber attacks, protect resources, and prevent cyber attacks. "So we are defending our computers, networks and our internal and external communication links via cyber security," he says.
In contrast, someone who works in information assurance assesses risks and vulnerabilities and puts together a management plan for minimizing issues, Mahaney says.
Read on for a more detailed understanding of the differences between cyber security and information assurance so you can decide what career path is right for you.
What Exactly are Cyber Security and Information Assurance?
The term "information assurance" was first used by the U.S. government, but it has since made its way into common usage as an all-encompassing definition of "the technical and managerial measures designed to ensure the confidentiality, possession or control, integrity, authenticity, availability, and utility of information and information systems," according to PC Magazine1.
While the term cyber security might be more familiar to those outside the computer security world, it is actually a bit less broad in its definition and is considered a subset to the definition of information assurance. Specifically, PC Magazine defines cyber security as the protection of data and systems in networks that are connected to the Internet.2
Common job titles for people who work in either field include information security analyst, computer security specialist, data security administrator, information security analyst, information security specialist, information systems security analyst and information technology security analyst.3
How are Information Assurance Degrees Different from Cyber Security Degrees?
Degree programs for the two disciplines can be similar. An information assurance degree (which also can be known as an information security and assurance degree) gives students an overview of the constantly changing procedures and challenges that face this industry sector in the world today. Throughout the course of a quality IT security degree program, students can learn how to:
- Apply best practices and effective procedures to current and relevant information security and assurance problems and challenges.
- Create and implement computer and system network defense, both in basic forms and in detail.
- Evaluate existing security programs and systems for threats and learn how to fix those threats.
- Develop solutions and practices that can be applied to network security maintenance and integrity.
- Understand the components and requirements of system security procedures, as well as professional industry expectations.
If the IT security field fascinates you, it's a great time to consider an information assurance degree, given growing concerns about hackers and the need for analysts who can come up with innovative solutions to stymie them.
While both career paths are great choices, Mahaney says he believes a degree in information assurance is the way to go.
"Both are very strong," he says. "But information assurance focuses on risk assessment, which is what corporations and the government are very interested in right now."
The numbers back him up: Employment of information security analysts is projected to grow 37 percent through 2022, much faster than the average for all occupations, according to the U.S. Bureau of Labor Statistics.4
Ready to learn more? Explore IT degrees at AIU.
1. PC Magazine, on the Internet at http://www.pcmag.com/encyclopedia/term/44936/information-assurance (visited 3/11/2015)
2. PC Magazine, On the Internet at http://www.pcmag.com/encyclopedia/term/40643/cybersecurity (visited 3/11/2015)
3. O*Net, On the Internet at http://www.onetonline.org/link/summary/15-1122.00 (visited 3/11/2015)
4. Bureau of Labor Statistics, U.S. Department of Labor, Occupational Outlook Handbook, 2014-15 Edition, Information Security Analysts, on the Internet at http://www.bls.gov/ooh/computer-and-information-technology/information-security-analysts.htm (visited 3/11/2015)
The presence of specific potential jobs on this list does not guarantee availability of career opportunities. All statistics referenced are national historical averages and the figures in your area and at the time of your job search may be different.