Cyberconfusion: Cyber Security, Cyber-Security or Cybersecurity? by Dr. Shem

Picture: Daily Tech

So which is it: Cyber Security, Cyber-Security or Cybersecurity?  Is this the next reincarnation of datacentre vs. data center or ciphertext vs. cipher text?  The security industry still hasn’t made any concerted effort to close on the cyber?security anomaly.  And with about 15 million search results each, not even Google is able to raise a leg from either side of the fence.

Cyber Security or not to Cybersecurity

When spending any length of time researching security, one quickly becomes aware of far too many polarized views within the technical community.  These may be relatively trivial opinions, such as: whether Mac or PC is more secure; all the way up to endorsing (or not) a sophisticated anti-DDoS solution.  It’s frustrating to say the least, and borderline embarrassing when the output of one’s labour is supposed to be a bulletproof recommendation, an architectural blueprint or a multi-year security roadmap.

About the only thing the industry agrees upon is that cyber should go before security.  Many of my colleagues are divided along traditional lines, the Atlantic. American English seems to prefer Cybersecurity while British English (and European colleagues) cling to Cyber Security.  I think Google threw in the towel a long time ago because unless specifically told not to, it fudges most of its search results and includes all commonly used variants.

Grammarians may argue, but the Associated Press (@APStylebook), which for all intents and purposes still holds the throne when it comes to news copy style, says it is one word – Cybersecurity:

“cyber-, cyberspace is a term popularized by William Gibson in the novel “Neuromancer” to refer to the digital world of computer networks. It has spawned numerous words with cyber- prefixes, but try to avoid most of these coinages. When the combining form is used, follow the general rule for prefixes and do not use a hyphen: cyberattack, cyberbullying, cybercafe, cybersecurity.”

There are some exceptions to the prefix rule, specifically around proper nouns, such as ‘US Cyber Command.’ But for the most part, if you are sticking with the leader when it comes to defining news style, you will want to stick with the single word use.

Gartner goes with Cybersecurity

Gartner acknowledged that there is confusion in the market over how the term should be used, which prompted the firm to publish Definition: Cybersecurity.  In it, analysts Andrew Walls, Earl Perkins and Juergen Weiss wrote that:

“Use of the term ‘cybersecurity’ as a synonym for information security or IT security confuses customers and security practitioners, and obscures critical differences between these disciplines.”

To help set the record straight, the team defined the term:

“Cybersecurity encompasses a broad range of practices, tools and concepts related closely to those of information and operational technology security. Cybersecurity is distinctive in its inclusion of the offensive use of information technology to attack adversaries.”

Additionally, Gartner advised:

“Security leaders should use the term “cybersecurity” to designate only security practices related to the combination of offensive and defensive actions involving or relying upon information technology and/or operational technology environments and systems.”

Academic Reasoning

Hoping to shed some light on this problem and advocate a single solution, one blogger polled some of the top experts on neologisms, the creation of new words, to see whether there was consensus on where cyber is heading. One response that particularly resounded with me was that by Suzanne Kemmer, Associate Professor of Linguistics at Rice University.  She said:

From the standpoint of the usual lexical conventions, cybersecurity is better, because ‘cyber’ is not a free-standing word but instead what linguists call a bound morpheme – a combining form used to form new words. It is of Classical Greek origin like many of our scientific and technical vocabulary elements– and the usual pattern for such borrowings is to combine them with other elements into one word. Bio, neo, photo are all parallel examples – when made into new compounds they are written together with the element following: not bio informatics but bioinformatics, etc.

Sometimes a group of specialists will make their own convention, but the language at large typically doesn’t follow it because there are so many instances of the more general pattern. It looks like that has happened in the technical community in this case.  They probably don’t know the general lexical patterns of English and just have made their own specialists’ convention.  I predict that for this word the general (one-word) pattern will win out in the language at large.


Whatever your decision may be, stick to it and be consistent throughout your writing.  And if you’re tempted to throw every conceivable variant into a body of work with the aim of improving your search ranking, please don’t. Since we already know that the likes of Google treat these variants equally, using them will only confuse the reader.

And so, while most of us mere mortals prepare for a long winter of similarly pointless deliberation, at least I’m no longer in two minds about how to write cybersecurity.  I’ve decided to go with the single word because, as Susan put it, cybersecurity will win out in the end.  Having said this, I also like the look of CyberSecurity — with a capitalized S, easier on the eye I think.

Source: Dr. Shem

About the Author:

Dr. Shem was born in Poland, raised in transit and educated in Australia — this intrepid traveller has been on the road for most of his breathing life.

It’s no wonder then, he feels at home shacking up against a rocky slope in Kyrgyzstan, frying up tasty grasshoppers in Burma or tracking a leopard across the Kalahari.

For almost two decades, Dr. Shem has worked as a consultant over much of the (un)inhabited globe with a particular focus on developing and hazardous countries across Africa, Middle East and Asia.

His bag of hats has grown in proportion with his vintage and would more than likely be the envy of any de Bono scholar. Most recently, he added the freelance journalist and volunteer hats to his bag of tricks, which can only suggest that we’ll be hearing more of his adventures, but this time perhaps, with better grammar.

Home is where the heart is, or so they say, and over the years home has been (in alphabetical order): Australia, Botswana, Germany, Malta, Mauritius, Namibia, Nigeria, Poland, Singapore, Tanzania, United Arab Emirates, United Kingdom and United States of America. Identity crisis, do we hear you say? His mother likes to avoid the topic altogether and simply calls him a citizen of the world.

Shem holds a MSc in Information Systems Security, MA in Journalism, BEng in Electronic Systems Engineering and BSc in Mathematics, all of which – if you’re still paying attention – not even combined, make him a doctor just yet; although it is a work in progress and unlike his academic pursuits a domain name’s availability will eventually come to an end.

His day job consists of travel, packing, unpacking, talking, presenting, holding meetings, deciphering body language, riding a bicycle, arguing with accounts payable, reading, checking and writing mail, renewing passports, obtaining visas, getting kicked out of countries, sorting through a mountain of SIM cards, making phone calls, getting immunization shots, waiting at airports, picking up nasty parasites, dealing with immigration checks, charging his laptop(s) all the while answering to the title of Senior Security Architect & Researcher at a multinational corporation.

This blog, if you will, serves as a therapeutic outlet for much of the insanity rattling around in his bald head.

Contact Me

You may send an an e-mail to [shem at drshem dot com] or follow me on Twitter @drshem.

Let us know, what do you think: cyber security, cybersecurity, cyber-security...?

Notify of
Inline Feedbacks
View all comments
© HAKIN9 MEDIA SP. Z O.O. SP. K. 2013