I’m feeling the walls of our linguisitic purity come crashing down, battered by the waves of language evolution. In short, I’m ready to acknowledge an increasingly popular usage, and start using the trendy term ‘Cybersecurity’.
Such terminological transitions are no new thing in a space that could still legitimately be labeled as ‘computer security’. Working for a beltway bandit in 1995, I have vivid memories of a passionate beer-fueled discussion over the relatively new term ‘information security’, and whether that was an appropriate designation for an increasingly significant discipline, or just a pretentious and hyped new label.
Since that time, my friends in the military-industrial ghetto have recharacterized the holistic approach to ensuring that nothing bad happens to stored communications as ‘information assurance,’ and arguably arriving several years later, the commercial world has an essentially equal set of expectations for the term ‘information risk management’.
Meanwhile, Gartner is fielding a record number of calls on ‘CYBER’ security topics. Unsurprisingly, the answers vary when we try to dig deeper into the underlying questions. When I asked one Cybersecurity vendor just what they thought the term meant, they explained that it referred to ‘computer security–with the Internet’. Given that I’ve been on the Internet, and involved in security topics, since 1987, I just didn’t find that a satisfactory answer at the time. Yet, the more I think about it, the more it rings true.
In today’s parlance, ‘cyber’ clearly equates to ‘digital’. With all due respect to Norbart Wiener, and his groundbreaking work in the field of cybernetics, a prefix inspired by the Greek word for ‘steersman or rudder’ has been hijacked by 30 years of speculative fiction, losing its association with the esoteric concepts of ‘control’ and ‘systems’.
For the overwhelming majority of people, ‘cyberspace’ refers to the Internet, and by extension, anything with an IP address. Cybersecurity essentially applies to the realm of all that is digital, be it an office computer, a personal table, operational technology, or next year’s digital refrigerator. While the term certainly implies the role of Internet connectivity, that distinction is becoming less significant for the inhabitants of an ‘Internet of things’.
The good news is that we no longer have to be worried about paper. The self-identified practitioners of ‘Information Security’ have spent the last 20 years grappling with the dilemma of the printed page, and to a lesser degree, with the implications of human memory. Cybersecurity means freedom from the thankless task of trying to protect information outside of the digital realm.
Computer Security is dead; long live computer security. I wonder what they will come up with next.
Comments or opinions expressed on this blog are those of the individual contributors only, and do not necessarily represent the views of Gartner, Inc. or its management. Readers may copy and redistribute blog postings on other blogs, or otherwise for private, non-commercial or journalistic purposes, with attribution to Gartner. This content may not be used for any other purposes in any other formats or media. The content on this blog is provided on an "as-is" basis. Gartner shall not be liable for any damages whatsoever arising out of the content or use of this blog.