Cybersecurity and Information Assurance: Bridging the Gap
Keywords:
information security, guard, InfoSec, risk management, internal control, control, NIST, ISO, COBIT, artificial intelligence, big change thoughts, IoT security, departments, organization cultures, staff/I&W, data availability, availability, compliance, managerial support, collaboration, likely risks, readiness, confidence.
Abstract
Cybersecurity and information assurance have become closely intertwined, especially in today's society, where innovation and technology remain the core business of most organizations globally. While cybersecurity is the protection of systems, networks and data against possible attack, information assurance ensures the confidentiality, availability and integrity of information on a continuing basis. In practice, however, both are components of a single security strategy, and although integrating them can pose some conceptual challenges, the process has technical, organizational and cultural dimensions. In this paper I explain the differences between these two fields and how they fit together, and to what extent they have to fit each other to deliver constant, functional threat protection and data dependability. More specifically, the paper points out that applying structured frameworks such as NIST, ISO 27001 or COBIT can guide how to structure the methodologies that address the gap. Technological advancements such as artificial intelligence, blockchain and IoT security are also presented as potential solutions for cybersecurity and assurance. Human and cultural aspects are nonetheless considered relevant to the integration process, because challenges such as structural silos, disparities in goals and objectives, and lack of expertise reduce the likelihood of synergy between cybersecurity and information assurance. These barriers can be addressed through cross-training, growing interdependency, and increasing security through leadership and delegation of responsibilities. The result is a strategy, formulated by applying frameworks together with emerging technologies and people, that has elements of both tactical and strategic cybersecurity.