Security is protection from, or resilience against,potential harm (or other unwantedcoercion).Beneficiaries (technicallyreferents) of security may be persons and social groups, objects and institutions, ecosystems, or any other entity or phenomenon vulnerable to unwanted change.
Refugees fleeing war and insecurity in Iraq and Syria arrive atLesbos Island, supported by Spanish volunteers, 2015
Security mostly refers to protection from hostile forces, but it has a wide range of other senses: for example, as the absence of harm (e.g.,freedom from want); as the presence of an essential good (e.g.,food security); asresilience against potential damage or harm (e.g. secure foundations); as secrecy (e.g., asecure telephone line); as containment (e.g., asecure room orcell); and as a state of mind (e.g.,emotional security).
Security is both a feeling and a state of reality. One might feel secure when one is not actually so; or might feel insecure despite being safe. This distinction is usually not very clear to express in the English language.[1]
The word 'secure' entered the English language in the 16th century.[2] It is derived from Latinsecurus, meaning freedom from anxiety:se (without) +cura (care, anxiety).[2]
A securityreferent is the focus of a security policy or discourse; for example, a referent may be a potential beneficiary (or victim) of a security policy or system.
Security referents may be persons or social groups, objects, institutions, ecosystems, or any other phenomenon vulnerable to unwanted change by the forces of its environment.[3] The referent in question may combine many referents in the same way that, for example, a nation-state is composed of many individual citizens.[4]
The security context is the relationships between a security referent and its environment.[3] From this perspective, security and insecurity depend first on whether the environment is beneficial or hostile to the referent and also on how capable the referent is of responding to their environment in order to survive and thrive.[4]
Diplomatic and social action intended to prevent insecurity from developing (e.g. conflict prevention and transformation strategies); and
Policy intended to develop the lasting economic, physical, ecological, and other conditions of security (e.g.,economic reform,ecological protection, progressivedemilitarization,militarization).
Any action intended to provide security may have multiple effects. An action may have a wide benefit, enhancing security for several or all security referents in the context; alternatively, the action may be effective only temporarily, benefit one referent at the expense of another, or be entirely ineffective or counterproductive.
Approaches to security are contested and the subject of debate. For example, in debate aboutnational security strategies, some argue that security depends principally on developing protective and coercive capabilities in order to protect the security referent in a hostile environment (and potentially to project that power into its environment, and dominate it to the point ofstrategic supremacy).[5][6][7] Others argue that security depends principally on building the conditions in which equitable relationships can develop, partly by reducing antagonism between actors, ensuring that fundamental needs can be met, and also ensuring that differences of interest can be negotiated effectively.[4][8][9]
Computer security, also known as cybersecurity or IT security, refers to the security of computing devices such ascomputers and smartphones, as well ascomputer networks such as private and public networks, and theInternet. The field has growing importance due to the increasing reliance on computer systems in most societies.[10] It concerns the protection of hardware, software, data, people, and also the procedures by which systems are accessed. The means of computer security include thephysical security of systems and thesecurity of information held on them.
Corporate security refers to the resilience ofcorporations againstespionage, theft, damage, and other threats. The security of corporations has become more complex as reliance on IT systems has increased, and their physical presence has become more highly distributed across several countries, including environments that are, or may rapidly become, hostile to them.
Environmental security, also known as ecological security, refers to the integrity ofecosystems and thebiosphere, particularly in relation to their capacity to sustain adiversity of life-forms (including human life). The security of ecosystems has attracted greater attention as the impact of ecological damage by humans has grown.[11]
Home security normally refers to the security systems used on a property used as a dwelling (commonly including doors, locks, alarm systems, lighting, fencing); and personal security practices (such as ensuring doors are locked, alarms are activated, windows are closed etc.)
Youth play among the bombed ruins ofGaza City, 2009
Human security is an emergingparadigm that, in response to traditional emphasis on the right of nation-states to protect themselves,[12] has focused on the primacy of the security of people (individuals and communities).[13] The concept is supported by theUnited Nations General Assembly, which has stressed "the right of people to live infreedom anddignity" and recognized "that all individuals, in particular vulnerable people, are entitled tofreedom from fear andfreedom from want".[14]
Information security refers to the security of information in any form. Spoken, written, digital, networked, technological, and procedural forms of information are all examples that may be covered in aninformation security management scheme. Computer security,IT security,ICT security, andnetwork security are thus all subdomains of information security.[15]
National security refers to the security of anation-state, including its people, economy, and institutions. In practice, state governments rely on a wide range of means, includingdiplomacy,economic power, andmilitary capabilities.
"Resource security" refers to the political andcommercial objective of ensuring that supplies of materials needed for the production of goods and the satisfaction ofhuman needs can be reliably sustained into the future. It involves protecting the supply of such resources as water, energy, food and industrialraw materials from risks ofglobal depletion and risks to national supply incurred by trade restrictions, government or terrorist interference ormarket failures. Whilecritical raw materials such asrare earth minerals are an important focus of resource security planning, resource security covers a broader range of resources.[16]: 5 Food security, ensuring that a reliable supply of, and access to, safe andnutritious food,[17] andenergy security are important aspects of resource security. Food security is gaining in importance as the world's population has grown and productive land has diminished through overuse andclimate change.[18][19]
Government and business concerns related to "a range of renewable and non-renewable resources", concentrating on those not already covered byenergy security andfood security measures, and especially sought to protect the supply of certain specific metals and materials under supply pressure. A generalised fear of resource insufficiency was felt to be inappropriate: thusVince Cable, thenSecretary of State for Business Innovation and Skills, spoke in December 2011 about a public policy approach to resource management:
It is over 200 years since theReverend Malthus first predicted thatpopulation growth would inevitably outrun the capacity of the land to provide enough food. In the years since, the effects of human ingenuity and new trading routes have shown him to be wrong—though not entirely. Fish depletion is a classic Malthusian problem and is sadly resulting in some irreversible damage tostocks. Thesperm whale was driven to near extinction by the demand for blubber to light the pre-electric world. But for the most part resource pessimism has been misplaced.[20]
Similarly theAction Plan notes that in general the issue of "resource security" is not concerned with "scarcity" of resources but with availability, supply constraints and the potential financial and environmental costs of opening up new sources of supply.[16]: 7
EEF, the UK's manufacturers' representation organisation (nowMake UK) issued a report in 2014 entitledMaterials for Manufacturing: Safeguarding Supply, along with an appeal to the government seeking action to protect the country's supply of essential materials. The report highlighted "over-reliance onChina for strategic supplies" as a key issue. The EEF and other partners argued that an "Office of Resource Management" within government "could strategically co-ordinate action across Whitehall".[21] The office would form part of theDepartment for Business, Innovation and Skills and maintain an overview of the risks to resource security.[22]
Since it is not possible to know with precision the extent to which something is 'secure' (and a measure of vulnerability is unavoidable), perceptions of security vary, often greatly.[4][23] For example, a fear of death by earthquake is common in the US, but slipping on the bathroom floor kills more people;[23] and in France, the UK, and the US, there are far fewer deaths caused byterrorism than there are women killed by their partners in the home.[24][25][26][27]
Another problem of perception is the common assumption that the mere presence of a security system (such asarmed forces orantivirus software) implies security. For example, twocomputer security programs installed on the same device can prevent each other from working properly, while the user assumes that he or she benefits from twice the protection that only one program would afford.
Security theater is a critical term for measures that change perceptions of security without necessarily affecting security itself. For example, visual signs of security protections, such as a home that advertises its alarm system, may deter anintruder, whether or not the system functions properly. Similarly, theincreased presence of military personnel on the streets of a city after aterrorist attack may help to reassure the public, whether or not it diminishes the risk of further attacks.
Certain concepts recur throughout different fields of security:
Access control – the selective restriction of access to a place or other resource.
Assurance – an expression of confidence that a security measure will perform as expected.
Authorization – the function of specifying access rights/privileges to resources related to information security and computer security in general and to access control in particular.
Cipher – an algorithm that defines a set of steps to encrypt or decrypt information so that it is incomprehensible.
Countermeasure – a means of preventing an act or system from having its intended effect.
Defense in depth – a school of thought holding that a wider range of security measures will enhance security.
Exploit (noun) – a means of capitalizing on a vulnerability in a security system (usually a cyber-security system).
Identity management – enables the right individuals to access the right resources at the right times and for the right reasons.
Password – secret data, typically a string of characters, usually used to confirm a user's identity.
Resilience – the degree to which a person, community, nation or system is able to resist adverse external forces.
Risk – a possible event which could lead to damage, harm, or loss.
Security management – identification of an organization's assets (including people, buildings, machines, systems and information assets), followed by the development, documentation, and implementation of policies and procedures for protecting these assets.
^Responsibility for resource policies and delivery isdevolved to Wales, Northern Ireland and Scotland and therefore policy details may be different in these nations.
