Cryptography evolved. Let’s call it information security
Starting with cryptography
To start, we must state that cryptography is not a new subject. People always wanted to transmit information but also hide it from others to whom they did not want to give access to. The classic cryptography methods consisted of transposition ciphers that rearranged the row of the letters in a message. Even hiding ciphers in someone’s hair was used as a method for hiding information.
Modern cryptography though uses other techniques as for the most part messages are sent by computers. Its main objectives are confidentiality, integrity, non-repudiation and authentication. Analyzing the first two of the above mentioned concepts, we must notice first that confidentiality refers to the concept that the information can not be interpreted by someone to whom it is not intended for. Integrity on the other hand refers to the concept that information can not be altered without the alteration being detected. Non-repudiation and authentication introduce two new concepts. The first refers to the fact that the sender of the message cannot deny at a later stage his/her intentions for the transmission of the information. Meanwhile. authentication suggests that sender and receiver can confirm each others identity.
What about information security?
Information security does exactly what cryptography does. It hides information from unauthorized access. Modern date information are not transmitted by ciphers from one place to another. It is not even sent from another computer to another. As we all well know it is being stored in large servers, even more lately in the cloud, and authorized persons can access it from anywhere. But unauthorized people want to have access too. So, there comes information security.
Confidentiality, integrity availability and non-repudiation play a crucial role when it comes to information security. As we see main concepts in information security remain the same as in cryptography. Of course, the term of availability is now more that ever important as people who need to and are authorized should be able to have direct access to data.
Trends in information security
As in 2014 many threats were detected and many data breaches were achieved, information security now seems more important than ever. Experts claim that five majors trend dominate/will dominate 2015
Cybercrime, hacktivism, increased cost of conformity to deal with regulatory requirements and relentless advances in technology while continuous under investment in security departments, can all combine to cause great threat.
Privacy and regulation
Ever growing state regulations will cause organizations to treat privacy as a compliance and business risk issue, in order to reduce regulatory fees, sanctions and business costs.
Threats from third party providers
Security chiefs everywhere are growing more concerned about dealing with numerous risk factors when it comes to supply chains providers who are nonetheless a vital part of any business.
Bring your own trends in the work space
Employees bring mobile devices, applications and cloud-based storage and access in the workplace and so information security risks rise like never before
Engagement with your people
Employees behavior need to be shifted in order for them to be the first line of defense in the organization’s security and not a potential threat.
As we have seen cryptography evolve into reaching modern day information security techniques, we can’t help but wonder what the future will bring for the concealment of our precious data…
Author: Anargyros Michaletos