Information Security Domain
- David Doret
- David Doret (Open Measure)
Information Security Domain
Alternative Forms
Cybersecurity Domain
Domain
InfoSec Domain
Security Domain
Sub-domain
Definitions
Definition 1 - A community of interest governed by authorities
An Information Security Domain is a bounded and coherent system. It is composed of entities that constitute a community of interest, identities, and/or resources. It is governed by common authorities that issue policies. These policies prescribe if and how entities are authorized to perform which operations on which resources.
The term is loosely used to designate diverse combinations of micro- and macro-systems as long as they are regarded as a whole, thus context is paramount for clarity.
Samples
Alice, the CISO, was accountable for the security of a vast, complex and heterogeneous Information Security Domain. But she wasn’t the kind of persons who duck their responsibilities. She just rolled up her sleeves and tackled the challenge.
Conceptual Diagram
Definition 2 - A field of study
Information Security Domain, often with the definite article “the” as in the information security domain, designates the information security field of study.
Samples
Bob was looking for a research question to conduct his research project. But the Information Security Domain is vast and Bob felt overwhelmed. He sought advice from his professor, Alice.
Definition 3 - A professional practice
Information Security Domain, often with the definite article “the” as in the information security domain, designates the information security professional practice or discipline.
Samples
Alice was a veteran professional versed in the information security domain. She was valiantly defending organizations against infamous cybercriminals like Eve.
Definition 4 - A market segment
Information Security Domain, often with the definite article “the” as in the information security domain, may sometimes designate the information security market segment. The term information security market segment is preferred.
Samples
The venture capitalist Bob was looking for promising startup companies in the information security domain to make new investments.
Definition 5 - A sub-field or specialization in information security
Information Security Domain designates one sub-domain of the general Information Security field of study or professional practice.
Samples
CISOs must develop adequate competencies in all Information Security Domains, including vulnerability management, incident response, identity and access management, etc. But more importantly, they must hire, develop and retain specialized talents therein.
Note
There are multiple taxonomies dividing the Information Security field of study. A draft inventory of these has been started on the following page: Information Security Domains.
Related Terms
Authority
Circle of Trust (CoT)
Federation
Identity
Identity Provider
Policy
Resource
Subject
Quotes
Bibliography
See Also
Follow us on LinkedIn | Discuss on Slack | Support us with Patreon | Sign-up for a free membership.
This wiki is owned by Open Measure, a non-profit association. The original content we publish is licensed under a Creative Commons Attribution 4.0 International License.
