Information Security Domain

[ 1 Alternative Forms ] [ 2 Definitions ] [ 2.1 Definition 1 - A community of interest governed by authorities ] [ 2.2 Definition 2 - A field of study ] [ 2.3 Definition 3 - A professional practice ] [ 2.4 Definition 4 - A market segment ] [ 2.5 Definition 5 - A sub-field or specialization in information security ] [ 3 Related Terms ] [ 4 Quotes ] [ 5 Bibliography ] [ 6 See Also ]

Alternative Forms

Cybersecurity Domain
Domain
InfoSec Domain
Security Domain
Sub-domain

Definitions

Definition 1 - A community of interest governed by authorities

An Information Security Domain is a bounded and coherent system. It is composed of entities that constitute a community of interest, identities, and/or resources. It is governed by common authorities that issue policies. These policies prescribe if and how entities are authorized to perform which operations on which resources.

The term is loosely used to designate diverse combinations of micro- and macro-systems as long as they are regarded as a whole, thus context is paramount for clarity.

Samples

Alice, the CISO, was accountable for the security of a vast, complex and heterogeneous Information Security Domain. But she wasn’t the kind of persons who duck their responsibilities. She just rolled up her sleeves and tackled the challenge.

Conceptual Diagram

Definition 2 - A field of study

Information Security Domain, often with the definite article “the” as in the information security domain, designates the information security field of study.

Samples

Bob was looking for a research question to conduct his research project. But the Information Security Domain is vast and Bob felt overwhelmed. He sought advice from his professor, Alice.

Definition 3 - A professional practice

Information Security Domain, often with the definite article “the” as in the information security domain, designates the information security professional practice or discipline.

Samples

Alice was a veteran professional versed in the information security domain. She was valiantly defending organizations against infamous cybercriminals like Eve.

Definition 4 - A market segment

Information Security Domain, often with the definite article “the” as in the information security domain, may sometimes designate the information security market segment. The term information security market segment is preferred.

Samples

The venture capitalist Bob was looking for promising startup companies in the information security domain to make new investments.

Definition 5 - A sub-field or specialization in information security

Information Security Domain designates one sub-domain of the general Information Security field of study or professional practice.

Samples

CISOs must develop adequate competencies in all Information Security Domains, including vulnerability management, incident response, identity and access management, etc. But more importantly, they must hire, develop and retain specialized talents therein.

Note

There are multiple taxonomies dividing the Information Security field of study. A draft inventory of these has been started on the following page: https://open-measure.atlassian.net/wiki/spaces/TAXO/pages/1295942043.

Authority
Circle of Trust (CoT)
Federation
Identity

Identity Provider
Policy
Resource
Subject
https://open-measure.atlassian.net/wiki/spaces/DIC/pages/5965562

Quotes

Bibliography

https://open-measure.atlassian.net/wiki/spaces/BIB/pages/1290764873