A. Actually, the definition of cybersecurity is becoming quite broad. CNSSI No. 4009 defines cybersecurity as:
(The) prevention of damage to, protection of, and restoration of computers, electronic communications systems, electronic communications services, wire communication, and electronic communication, including information contained therein, to ensure its availability, integrity, authentication, confidentiality, and nonrepudiation.
In fact, the DoD has transitioned from the term “information assurance” to the term “cybersecurity.” However, there are still some subtle differences. Fortunately, robust Informative References like those listed in NIST’s catalog of Informative References, provide a complete set of information security controls that address all types of information security threats, not just those traditionally associated with cybersecurity. Therefore, implementing the recommendations in the guide will support a comprehensive as well as robust information protection program. Use of commercial examples should not be construed as HHS endorsement. Readers should refer to NIST OLIR Catalog for further information.