Skip to Main Content Skip to bottom Skip to Chat, Email, Text

What is information security? (Hint: It’s not cybersecurity)

At a glance

  • Information security refers to the protection of sensitive information from unauthorized users by locating and mitigating vulnerabilities. 
  • Sometimes known as “infosec,” information security is not the same thing as cybersecurity. Although closely related, cybersecurity is a subset of information security.
  • When hiring an information security professional, most employers seek applicants with a bachelor’s degree in a related field, such as computer and information technology, engineering or math.
  • University of Phoenix offers several undergraduate and graduate programs that prepare individuals for roles in information technology, including a Bachelor of Science in Cybersecurity. 

Introduction to information security

As businesses and organizations increasingly rely on digital data, information security professionals are positioned to offer valuable technical assistance. But what is information security exactly? Sometimes known as “infosec,” information security falls under the broader information technology (IT) field and focuses on protecting data, checking for vulnerabilities in network systems, blocking unauthorized access and ensuring confidentiality, integrity and availability. 

Information security professionals oversee computer networks and promptly investigate data breaches. They use protective software, like firewalls and data encryption programs, to guard sensitive information. They also stay updated on IT security trends and advise on security protocols and enhancements. 

Sound exciting? It can be. Here, we dig a little deeper in this growing field.

Challenges and opportunities of information security

As data breaches and cyber threats increase, infosec professionals are challenged to develop more sophisticated techniques to thwart malicious or negligent acts. Emerging technologies, like artificial intelligence (AI), also introduce new security challenges, including difficulty detecting ransomware and phishing schemes. 

As a result, there’s growing demand in this field for skilled professionals across various industries. (Think risk management, incident response, encryption and cryptography, for example.) Protecting digital assets, in other words, can take many forms, so embracing a continuous learning mindset can position professionals to thrive in this ever-changing field.

Information security vs. cybersecurity

While some people use the terms interchangeably, information security and cybersecurity are separate fields and have different functions. (The National Institute of Standards and Technology classifies these areas as different fields and lists them separately in its glossary of terms.) 

Cybersecurity is actually a subset of the information security field that focuses on the protection of digital systems and cyber threats, like malware, phishing, ransomware, spyware and hacking.

Information security, meanwhile, encompasses physical, digital and intellectual formats.

The two fields occasionally overlap when it comes to managing digital files. Infosec and cybersecurity also share some of the same minimum education requirements, career paths and necessary tech skills.

Job outlook and salary potential

As of May 2023, information security analysts earned between $69,210 and $182,370, with a median wage of $120,360, according to the U.S. Bureau of Labor Statistics (BLS). 

Some of the highest-paying industries for information security analysts are information, finance and insurance, and computer systems design. 

BLS also projects a 32% job growth rate from 2022 to 2032. This faster-than-average employment increase is partially due to businesses’ need for experts who can manage and solve problems like fraud prevention and data risks. 

Salary ranges and BLS Occupational Employment Projections are not specific to students or graduates of University of Phoenix. Actual outcomes vary based on multiple factors, including prior work experience, geographic location and other factors specific to the individual. University of Phoenix does not guarantee employment, salary level or career advancement. BLS data is geographically based. Information for a specific state/city can be researched on the BLS website.

Skills and certifications

Prospective students can enhance their employability by gaining in-demand skills and obtaining certifications. While not required, employers prefer candidates with a certification, according to BLS. 

Earning those certifications can be its own process. University of Phoenix, for example, offers courses and certificate programs that prepare students to sit for industry certification exams.

“As students complete certain courses that are aligned to industry certifications, they are better prepared to sit for the examinations with such organizations as EC-Council and CompTIA,” says J.L. Graff, MBA, the associate dean of the College of Business and Information Technology at University of Phoenix.

“We also align the skills in IT with our courses so that students are learning current skills in their programs that they can begin implementing in the workforce before they even graduate,” Graff says. 

BLS outlines other important qualities that information security professionals should have, such as:

  • Analytical abilities: On a basic level, information security analysts need to know how to examine computer systems and networks, evaluate vulnerabilities, and identify ways to improve security protocols and policies.
  • Effective communication: Being able to convey information to both technical and non-technical audiences is crucial when potential threats need to be resolved quickly and with confidentiality.
  • Innovative aptitude: Another key responsibility for infosec professionals is anticipating potential information security risks and devising new methods to protect computer systems and networks.
  • Attention to detail: There’s a wealth of information to pay attention to when there are cyberattacks, so information security analysts must meticulously observe even minor performance fluctuations.
  • Problem-solving expertise: Working under pressure is especially needed when it’s time to uncover and promptly address security alerts.

Earning your degree at University of Phoenix

According to BLS, many information security positions require a bachelor’s degree in a computer and information technology or a related field.

While there isn’t a specific information security program available at University of Phoenix, several undergraduate and graduate programs include information security in their curriculum for fundamental and advanced knowledge:

In the Associate of Science in Cybersecurity program, students gain specialized knowledge in information security concepts, networking fundamentals and critical reasoning while developing essential communication and teamwork abilities. 

If you want to deepen your understanding of topics like cloud computing, wireless security and cyber domain, consider the 100% online Bachelor of Science in Cybersecurity program. You’ll acquire essential skills in disaster recovery, identifying vulnerabilities, network strategy and network defense fundamentals to safeguard organizations’ data while ensuring confidentiality.

University of Phoenix also offers a flexible Master of Science in Cybersecurity program to enhance understanding of cybersecurity and enterprise-level operations. You can even tailor your degree with elective courses in either leadership/auditing or tactical cyber. 

For those looking for a quicker way to upskill, the undergraduate Information Assurance and Security Certificate program comprises six core courses that are a mix of networking fundamentals and basic infosec concepts, like cryptography and encryption.


Kellye is a versatile writer with more than 10 years of print and digital experience. She’s passionate about explaining complex topics, educating readers and sharing useful tips. When Kellye’s not attached to her computer, she enjoys cooking, gardening, reading and watching movies with her husband and two children.

Headshot of Kathryn Uhles


Currently Dean of the College of Business and Information Technology, Kathryn Uhles has served University of Phoenix in a variety of roles since 2006. Prior to joining University of Phoenix, Kathryn taught fifth grade to underprivileged youth in Phoenix.


This article has been vetted by University of Phoenix's editorial advisory committee. 
Read more about our editorial process.


want to read more like this?

Malware Identification and Prevention

Online Degrees

December 17, 2022 • 9 minutes

Careers with a Degree in Cybersecurity

Online Degrees

June 12, 2023 • 8 minute read

Advantages of Receiving a Cloud Computing Certificate

Online Degrees

May 11, 2023 • 7 minutes