What Can Cybersecurity Learn from Security?
by: Martin Kaehrle, Zachary Schultz, Tara Thomsen, Clinton Castro, Alan Rubel, and Rick Wash
Abstract
“Cybersecurity” and “security” seem roughly synonymous, and in a large part of the cybersecurity literature they are treated that way. However, there are multiple domains in which security is important, and cyber is only one of them. We compare cybersecurity to other domains—national, food, physical, affective, and moral security—to distill and analyze similarities and differences in how domains understand security. There were three areas where the security literature notably differs. First, whether security is understood in terms of objective or subjective elements. Second, what value security implicates and whether that value is instrumental or inherent. Third, whether security attaches to individuals, unstructured groups (people with shared identities), structured groups (organizations, institutions), or objects. Among the domains we explored, cybersecurity was unique in seeing itself as (merely) instrumentally valuable, thinking about security in solely objective terms, and treating objects as the ultimate subject of security. Looking to other domains reminds us that security is inherently valuable, includes a subjective component, and is ultimately about people.
Reference
Martin Kaehrle, Zachary Schultz, Tara Thomsen, Clinton Castro, Alan Rubel, and Rick Wash. “What Can Cybersecurity Learn from Security?.” Poster in Symposium on Usable Privacy and Security.August 2025.