What is information security? (Hint: It’s not cybersecurity)

At a glance

• Information security refers to the protection of sensitive information from unauthorized users by locating and mitigating vulnerabilities. 
• Sometimes known as “infosec,” information security is not the same thing as cybersecurity. Although closely related, cybersecurity is a subset of information security.
• When hiring an information security professional, most employers seek applicants with a bachelor’s degree in a related field, such as computer and information technology, engineering or math.
• University of Phoenix offers several undergraduate and graduate programs that prepare individuals for roles in information technology, including a Bachelor of Science in Cybersecurity. 

Introduction to information security

As businesses and organizations increasingly rely on digital data, information security professionals are positioned to offer valuable technical assistance. But what is information security exactly? Sometimes known as “infosec,” information security falls under the broader information technology (IT) field and focuses on protecting data, checking for vulnerabilities in network systems, blocking unauthorized access and ensuring confidentiality, integrity and availability. 

Information security professionals oversee computer networks and promptly investigate data breaches. They use protective software, like firewalls and data encryption programs, to guard sensitive information. They also stay updated on IT security trends and advise on security protocols and enhancements. 

Sound exciting? It can be. Here, we dig a little deeper in this growing field.

Challenges and opportunities of information security

As data breaches and cyber threats increase, infosec professionals are challenged to develop more sophisticated techniques to thwart malicious or negligent acts. Emerging technologies, like artificial intelligence (AI), also introduce new security challenges, including difficulty detecting ransomware and phishing schemes. 

As a result, there’s growing demand in this field for skilled professionals across various industries. (Think risk management, incident response, encryption and cryptography, for example.) Protecting digital assets, in other words, can take many forms, so embracing a continuous learning mindset can position professionals to thrive in this ever-changing field.

Information security vs. cybersecurity

While some people use the terms interchangeably, information security and cybersecurity are separate fields and have different functions. (The National Institute of Standards and Technology classifies these areas as different fields and lists them separately in its glossary of terms.) 

Cybersecurity is actually a subset of the information security field that focuses on the protection of digital systems and cyber threats, like malware, phishing, ransomware, spyware and hacking.

Information security, meanwhile, encompasses physical, digital and intellectual formats.

The two fields occasionally overlap when it comes to managing digital files. Infosec and cybersecurity also share some of the same minimum education requirements, career paths and necessary tech skills.

Job outlook and salary potential

As of May 2021, information security analysts earned between $85,270 and $141,130, according to the U.S. Bureau of Labor Statistics (BLS). This salary range reflects the 25th and 75th percentiles and varies by location, experience and education, among other factors. 

Some of the highest-paying industries for information security analysts are information, finance and insurance, and computer systems design. 

BLS also projects a 35% job growth rate from 2021 to 2031. This faster-than-average employment increase is partially due to businesses’ need for experts who can manage and solve problems like fraud prevention and data risks. 

Salary ranges and BLS Occupational Employment Projections are not specific to students or graduates of University of Phoenix. Actual outcomes vary based on multiple factors, including prior work experience, geographic location and other factors specific to the individual. University of Phoenix does not guarantee employment, salary level or career advancement. BLS data is geographically based. Information for a specific state/city can be researched on the BLS website.

Skills and certifications

Prospective students can enhance their employability by gaining in-demand skills and obtaining certifications. While not required, employers prefer candidates with a certification, according to BLS. 

Earning those certifications can be its own process. University of Phoenix, for example, offers courses and certificate programs that prepare students to sit for industry certification exams.

“As students complete certain courses that are aligned to industry certifications, they are better prepared to sit for the examinations with such organizations as EC-Council and CompTIA,” says J.L. Graff, MBA, the associate dean of the College of Business and Information Technology at University of Phoenix.

“We also align the skills in IT with our courses so that students are learning current skills in their programs that they can begin implementing in the workforce before they even graduate,” Graff says. 

BLS outlines other important qualities that information security professionals should have, such as:

• Analytical abilities: On a basic level, information security analysts need to know how to examine computer systems and networks, evaluate vulnerabilities, and identify ways to improve security protocols and policies.
• Effective communication: Being able to convey information to both technical and non-technical audiences is crucial when potential threats need to be resolved quickly and with confidentiality.
• Innovative aptitude: Another key responsibility for infosec professionals is anticipating potential information security risks and devising new methods to protect computer systems and networks.
• Attention to detail: There’s a wealth of information to pay attention to when there are cyberattacks, so information security analysts must meticulously observe even minor performance fluctuations.
• Problem-solving expertise: Working under pressure is especially needed when it’s time to uncover and promptly address security alerts.

Earning your degree at University of Phoenix

According to BLS, many information security positions require a bachelor’s degree in a computer and information technology or a related field.

While there isn’t a specific information security program available at University of Phoenix, several undergraduate and graduate programs include information security in their curriculum for fundamental and advanced knowledge:

In the Associate of Science in Cybersecurity program, students gain specialized knowledge in information security concepts, networking fundamentals and critical reasoning while developing essential communication and teamwork abilities. 

If you want to deepen your understanding of topics like cloud computing, wireless security and cyber domain, consider the 100% online Bachelor of Science in Cybersecurity program. You’ll acquire essential skills in disaster recovery, identifying vulnerabilities, network strategy and network defense fundamentals to safeguard organizations’ data while ensuring confidentiality.

University of Phoenix also offers a flexible Master of Science in Cybersecurity program to enhance understanding of cybersecurity and enterprise-level operations. You can even tailor your degree with elective courses in either leadership/auditing or tactical cyber. 

For those looking for a quicker way to upskill, the undergraduate Information Assurance and Security Certificate program comprises six core courses that are a mix of networking fundamentals and basic infosec concepts, like cryptography and encryption.