Why you can trust ZDNET : ZDNET independently tests and researches products to bring you our best recommendations and advice. When you buy through our links, we may earn a commission. Our process

'ZDNET Recommends': What exactly does it mean?

ZDNET's recommendations are based on many hours of testing, research, and comparison shopping. We gather data from the best available sources, including vendor and retailer listings as well as other relevant and independent reviews sites. And we pore over customer reviews to find out what matters to real people who already own and use the products and services we’re assessing.

When you click through from our site to a retailer and buy a product or service, we may earn affiliate commissions. This helps support our work, but does not affect what we cover or how, and it does not affect the price you pay. Neither ZDNET nor the author are compensated for these independent reviews. Indeed, we follow strict guidelines that ensure our editorial content is never influenced by advertisers.

ZDNET's editorial team writes on behalf of you, our reader. Our goal is to deliver the most accurate information and the most knowledgeable advice possible in order to help you make smarter buying decisions on tech gear and a wide array of products and services. Our editors thoroughly review and fact-check every article to ensure that our content meets the highest standards. If we have made an error or published misleading information, we will correct or clarify the article. If you see inaccuracies in our content, please report the mistake via this form.


IT security and cybersecurity: What's the difference?

What's the difference between IT security and cybersecurity? Learn about each and their roles in defending against hackers and other online threats with our guide.
Written by Nate Delesline III, Staff Writer

Information technology and cybersecurity share common goals of protecting people, devices, and data -- but focus on different issues and take a very different approach.

Information technology (IT) uses computer networks, hardware, and software to store and share digital information. Cybersecurity focuses more narrowly on protecting computer systems, digital devices, and data from unauthorized access.

Both fields have specialized roles and responsibilities. Working in IT or cybersecurity, you'll be responsible for protecting people and information from electronic attacks. Hacks can result in identity theft, data theft or loss, unauthorized access to emails or databases, or the introduction of malicious software.

Here's a closer look at what IT security and cybersecurity have in common and how they differ.

What are the differences between IT and cybersecurity?

Information technology focuses on the systems that store and transmit digital information. Cybersecurity, in contrast, focuses on protecting electronic information stored within those systems.

Cybersecurity usually focuses on digital information and infrastructure. Infrastructure may include internet connections and local area networks that store and share information. In short, cybersecurity focuses on preventing hackers from gaining digital access to important data on networks, on computers, or within programs.

Workers in IT and cybersecurity have varying job titles depending on their education, training, experience, and responsibilities. 

One subset of IT, IT security, focuses on protecting access to computers, networks, and information. 

IT security professionals may create plans to protect digital assets and monitor computer systems and networks for threats. They may also work to protect the physical equipment storing the data, along with the data itself.

Another subset of IT, information security, focuses on securing data and systems against unauthorized access. Some professionals group cybersecurity within the field of information security. Often, responsibilities overlap among cybersecurity, information security, and information technology professionals. 

Information security, or InfoSec, focuses on maintaining the integrity and security of data during storage and transmission. In short, information security encompasses all forms of data.

An information security specialist may create and enforce user, network, and data security policies. Information security employees educate network users about security issues and encourage them to follow security standards. They may also investigate security incidents and document what happened to prevent or eliminate a recurring threat.

Differences in approach 

Depending on an organization's size and resources, IT and cybersecurity staff may engage in security testing. They may also advise managers or executives on information or network security issues that affect the entire organization. 

In smaller organizations, cybersecurity specialists may focus more on defending digital systems through proactive and defensive measures.

Techniques implemented

Information security analysts often create disaster recovery plans, which provide guidelines organizations can follow to continue business operations in the event of an emergency. Recovery plans may include actions such as copying and storing data in the cloud. 

The plan might also include a framework for maintaining or resuming IT operations following a natural or manmade disaster. Information security professionals regularly test the measures they intend to implement. 

In contrast, cybersecurity responsibilities include verifying and enforcing software updates, password management, and using firewalls and anti-virus protection. Cybersecurity policies might include requiring two-factor authentication to access devices, software, or any information stored on the network.

Is Cybersecurity an IT Job?

In most cases, cybersecurity is considered an IT job. However, cybersecurity jobs usually focus on protecting digital information. Some organizations may give these individuals the job title of cybersecurity specialist or cybersecurity manager. Related cybersecurity job titles include cybersecurity engineer or cybersecurity administrator. 

In conclusion

When considering a career in IT or cybersecurity, it's important to understand the differences between these two fields. 

Although roles and responsibilities may overlap, IT typically has a broader focus on projects, like building and operating computer networks and systems. Cybersecurity focuses on protecting the information within those systems.

Cybersecurity and IT use different strategies and skills to achieve many of the same goals. Those goals center on keeping digital information and infrastructure safe from hackers. These jobs enable our confidence in the technology that helps us do our jobs effectively and efficiently.

What are the uses of information technology?

Information technology uses computer systems to create, store, and share information. IT supports personal computers and digital devices and video conferencing. Nearly all organizations rely on IT for basic and high-level functions, such as handling sales, inventory, product management, and customer service.

What skills are needed for cybersecurity?

Technical skills for cybersecurity include handling online threats, and analyzing, storing, and controlling an organization's user access. Good soft skills include being a collaborative, analytical thinker.

Editorial standards