Cybersecurity Term Use | Internet Law, Business & Data Security Law

Cybersecurity term use may not be as clear as it is used in every day conversation. Cybersecurity as a term has been bouncing around by many without carefully determining what it encompasses. The same can be said of ‘data security,’ it’s sibling. From an operational aspect advising client it is important that there be clear understanding what we are talking about. It is also important as we devise letters to the affected public in the event of a cyber incident, data breach, cyber-attack, or cyber theft. When an entity is developing policies, it is important to define these clearly for the benefit of personnel training, administrative audits, cyber audits, compliance reviews, cloud contracts, data storage agreement, and even insurance coverage.

Unfortunately, the terms have been used interchangeably and been misused. The term ‘cyber’ began to be loosely used after President Obama referred to the subject by using the term ‘cyber’ in seeking to appoint a ‘Cyber Advisor.’ What would have been more appropriate term was ‘data security,’ because the issue was about data and information protection of physical information. Ever since, the terms have been loosely used in state capital legislatures and as well among members of the U.S. Congress in their usual parlance. However, operationally, in practice dealing with clients and their issues, the terms should not be dealt loosely and should be termed appropriately.

This post seeks to clarify the terms to avoid further misuse and mischaracterization of the terms when they are referred to in business and entity operations, policy implementations, and in legal discussions. As they are loosely used, they are given the meaning for protecting information from unauthorized access. The failure to distinguish allows for gaps in insurance coverages and misdiagnosed issues in audits and in personnel evaluation. The same can be said that by failure to make the valid distinction, appropriate information technology performance is as well missed diagnosed.

In governmental policy circles ‘cybersecurity’ is the prevailing nomenclature, however, the provision that addresses cybersecurity is termed as the Federal Information Security Management Act (FISMA). Among information technology professionals and in select industries, i.e., accounting, financial, and medical, the term referred to as ‘information insecurity.’ Yet, that terminology requires clarification, because of the form of the information. The digital age is here and the information that we derive from digital networks and processes means can be termed data, digital documents, digital records, as opposed to physical information. Once that physical information is digitized, it becomes digital data.

For purposes of addressing systems, networks, and platforms, cyber security is most appropriate. For purposes of addressing the element of communication, or what is being transferred, sent, stored, or received, data security is most appropriate. As files are maintained the entity’s concern is its network integrity or network security.

Terms have been treated interchangeably. For instance, because of the interface of servers being accessed amid multiple users accessing, transmitting, and sharing the data, the practical reference is cybersecurity. The term is referring to the integrity of the system managing the activities and functions. What we see then is the digital feature of the data. So, cybersecurity is the macro systemic interface activity of networks, Internet, Intranet, email trunks, and data channels involved in the transmission, storage, and maintenance. Hence, data security is the process of addressing access permission and the scope of that access. As data-security is applied, the issues discussed cover unauthorized disclosure and access, breach of confidentiality, and data misappropriation.

As one refers to data security the reference is most appropriately placed on the information identified. Conversely, when the reference is to activity within a network or involving a network, amid devices transmitting data, then cybersecurity is applied accordingly.

Cancel reply

AI Artificial Intelligence Liability April 12, 2019
AI or artificial intelligence is applied delivering services in so many service areas. We see AI at store registers replacing cashiers. There is AI in customer service call centers stylizing call trees before we actually speak to a human being. Banking services implement AI in your banking process. AI is also being used to… […]
Lorenzo Law Firm
Small Business Website January 13, 2019
Small business websites are crucial if a small business is expecting to have a chance of drawing customers. The website becomes the image for the small business that is starting out. A small business website can also hurt the chances for the business to grow. The small business website has varied uses and it also… […]
Lorenzo Law Firm
Startup Copyrights Use January 10, 2019
Startup copyrights issues come up frequently in counseling legal sessions. For many, they perceive that there is a open filed of content hat any startup can avail itself of that would help push their business forward. Not so, is the truth. Savvy business starters know that their intellectual property gives its business import and is… […]
Lorenzo Law Firm
Data Security of ESI November 21, 2018
Data security and the insecurity of electronically stored information (ESI) is ephemeral. Data security is not as predictable as one would prefer to think. Any anticipation of a data security incident or of its origin is absolutely unpredictable. With every incident, the attention is always on possible external sources. All too often, little effort is… […]
Lorenzo Law Firm
Doxing Personal Information November 10, 2018
Doxing personal information is a growing concern to all, to say the least. Personal information online is common, however, with the Internet being so prevalent. Many records are found online, such as, voting, property ownership, even bankruptcies, and new business filings. But what is doxing? Doxing ‘may’ occur when someone publishes online someone else’s personal… […]
Lorenzo Law Firm
Startup Business Cloud Use Issues November 8, 2018
Startup business cloud service is becoming a key aspect in the data management requirements of many entities. Startup business cloud service could save considerable amount of money for a startup. Cloud service of data process becomes, for many, their central component for their data. The decision to use a cloud service, however, should consider the… […]
Lorenzo Law Firm
Internet Freedom November 6, 2018
Internet freedom is surely under stated, considering the extent of communications and the amount of data shared and transmitted. Among the billions of daily data bits transmitted among users, unfortunately there are abuses. Internet freedom is taken for granted by millions of users that resort to the Internet for less than beneficial reasons. Online fraud,… […]
Lorenzo Law Firm
Startup Cyber Insurance October 23, 2018
Startup cyber insurance is not a common consideration as an entrepreneur sets out in to the marketplace. After all, data breaches are always thought of as someone else’s problem. But many business people soon realize that the concerns and possible fears are realistic. The need for cyber insurance is unfortunately getting credible publicity. The notion… […]
Lorenzo Law Firm
Doxing Information October 17, 2018
Doxing information is not a household term. It is slowly becoming part of the daily conversation especially by people who have had their personal information publicized online. Internet information that is available to read on the Internet about anyone is surprising. The Internet hosts way too much information. All users are contributing to its data. … […]
Lorenzo Law Firm
Cease Demand Letter Myths October 10, 2018
Cease demand letters are an expected step before any legal action is taken. Most jurisdictions require a claimant to demonstrate mitigation efforts. Courts respect a claimant’s attempt to resolve the issue of concern. They also appreciate seeing an effort to minimize damages. But what can be surmised by cease demand letters is not what is… […]
Lorenzo Law Firm