Security is protection from, or resilience against, potential harm (or other unwanted coercion) caused by others, by restraining the freedom of others to act. Beneficiaries (technically referents) of security may be of persons and social groups, objects and institutions, ecosystems or any other entity or phenomenon vulnerable to unwanted change.
Security mostly refers to protection from hostile forces, but it has a wide range of other senses: for example, as the absence of harm (e.g. freedom from want); as the presence of an essential good (e.g. food security); as resilience against potential damage or harm (e.g. secure foundations); as secrecy (e.g. a secure telephone line); as containment (e.g. a secure room or cell); and as a state of mind (e.g. emotional security).
The term is also used to refer to acts and systems whose purpose may be to provide security (security company, security police, security forces, security service, security agency, security guard, cyber security systems, security cameras, remote guarding). Security can be physical and virtual.
Etymology
The word 'secure' entered the English language in the 16th century. It is derived from Latin securus, meaning freedom from anxiety: se (without) + cura (care, anxiety).
Overview
Referent
A security referent is the focus of a security policy or discourse; for example, a referent may be a potential beneficiary (or victim) of a security policy or system.
Security referents may be persons or social groups, objects, institutions, ecosystems, or any other phenomenon vulnerable to unwanted change by the forces of its environment. The referent in question may combine many referents, in the same way that, for example, a nation state is composed of many individual citizens.
Context
The security context is the relationships between a security referent and its environment. From this perspective, security and insecurity depend first on whether the environment is beneficial or hostile to the referent, and also how capable is the referent of responding to its/their environment in order to survive and thrive.
Capabilities
The means by which a referent provides for security (or is provided for) vary widely. They include, for example:
- Coercive capabilities, including the capacity to project coercive power into the environment (e.g. aircraft carrier, handgun, firearms);
- Protective systems (e.g. lock, fence, wall, antivirus software, air defence system, armour)
- Warning systems (e.g. alarm, radar)
- Diplomatic and social action intended to prevent insecurity from developing (e.g. conflict prevention and transformation strategies); and
- Policy intended to develop the lasting economic, physical, ecological and other conditions of security (e.g. economic reform, ecological protection, progressive demilitarization, militarization).
Effects
Any action intended to provide security may have multiple effects. For example, an action may have wide benefit, enhancing security for several or all security referents in the context; alternatively, the action may be effective only temporarily, or benefit one referent at the expense of another, or be entirely ineffective or counterproductive.
Contested approaches
Approaches to security are contested and the subject of debate. For example, in debate about national security strategies, some argue that security depends principally on developing protective and coercive capabilities in order to protect the security referent in a hostile environment (and potentially to project that power into its environment, and dominate it to the point of strategic supremacy). Others argue that security depends principally on building the conditions in which equitable relationships can develop, partly by reducing antagonism between actors, ensuring that fundamental needs can be met, and also that differences of interest can be negotiated effectively.
Contexts of security (examples)
The table shows some of the main domains where security concerns are prominent.
The range of security contexts is illustrated by the following examples (in alphabetical order):
Computer security
Computer security, also known as cybersecurity or IT security, refers to the security of computing devices such as computers and smartphones, as well as computer networks such as private and public networks, and the Internet. The field has growing importance due to the increasing reliance on computer systems in most societies. It concerns the protection of hardware, software, data, people, and also the procedures by which systems are accessed. The means of computer security include the physical security of systems and security of information held on them.
Corporate security
Corporate security refers to the resilience of corporations against espionage, theft, damage, and other threats. The security of corporations has become more complex as reliance on IT systems has increased, and their physical presence has become more highly distributed across several countries, including environments that are, or may rapidly become, hostile to them.
Environmental security
Environmental security, also known as ecological security, refers to the integrity of ecosystems and the biosphere, particularly in relation to their capacity to sustain a diversity of life-forms (including human life). The security of ecosystems has attracted greater attention as the impact of ecological damage by humans has grown.
Food security
Food security refers to the ready supply of, and access to, safe and nutritious food. Food security is gaining in importance as the world's population has grown and productive land has diminished through overuse and climate change.
Home security
Home security normally refers to the security systems used on a property used as a dwelling (commonly including doors, locks, alarm systems, lighting, fencing); and personal security practices (such as ensuring doors are locked, alarms activated, windows closed etc.)
Human security
Human security is an emerging paradigm which, in response to traditional emphasis on the right of nation states to protect themselves, has focused on the primacy of the security of people (individuals and communities). The concept is supported by the United Nations General Assembly, which has stressed "the right of people to live in freedom and dignity" and recognized "that all individuals, in particular vulnerable people, are entitled to freedom from fear and freedom from want".
National security
National security refers to the security of a nation state, including its people, economy, and institutions. In practice, state governments rely on a wide range of means, including diplomacy, economic power, and military capabilities.
Perceptions of security
Since it is not possible to know with precision the extent to which something is 'secure' (and a measure of vulnerability is unavoidable), perceptions of security vary, often greatly. For example, a fear of death by earthquake is common in the United States (US), but slipping on the bathroom floor kills more people; and in France, the United Kingdom and the US there are far fewer deaths caused by terrorism than there are women killed by their partners in the home.
Another problem of perception is the common assumption that the mere presence of a security system (such as armed forces, or antivirus software) implies security. For example, two computer security programs installed on the same device can prevent each other from working properly, while the user assumes that he or she benefits from twice the protection that only one program would afford.
Security theater is a critical term for measures that change perceptions of security without necessarily affecting security itself. For example, visual signs of security protections, such as a home that advertises its alarm system, may deter an intruder, whether or not the system functions properly. Similarly, the increased presence of military personnel on the streets of a city after a terrorist attack may help to reassure the public, whether or not it diminishes the risk of further attacks.
Security concepts (examples)
Certain concepts recur throughout different fields of security:
- Access control – the selective restriction of access to a place or other resource.
- Assurance – an expression of confidence that a security measure will perform as expected.
- Authorization – the function of specifying access rights/privileges to resources related to information security and computer security in general and to access control in particular.
- Cipher – an algorithm that defines a set of steps to encrypt or decrypt information so that it is incomprehensible.
- Countermeasure – a means of preventing an act or system from having its intended effect.
- Defense in depth – a school of thought holding that a wider range of security measures will enhance security.
- Exploit (noun) – a means of capitalizing on a vulnerability in a security system (usually a cyber-security system).
- Identity management – enables the right individuals to access the right resources at the right times and for the right reasons.
- Password – secret data, typically a string of characters, usually used to confirm a user's identity.
- Resilience – the degree to which a person, community, nation or system is able to resist adverse external forces.
- Risk – a possible event which could lead to damage, harm, or loss.
- Security management – identification of an organization's assets (including people, buildings, machines, systems and information assets), followed by the development, documentation, and implementation of policies and procedures for protecting these assets.
- Threat – a potential source of harm.
- Vulnerability – the degree to which something may be changed (usually in an unwanted manner) by external forces.