For enquiries call:



HomeBlogSecurityCybersecurity Domains: A Brief Overview [2024 Update]

Cybersecurity Domains: A Brief Overview [2024 Update]

27th Dec, 2023
view count loader
Read it in
11 Mins
In this article
    Cybersecurity Domains: A Brief Overview [2024 Update]

    With the expansion of cyberspace, the incidents of breaking into it for personal, illicit gains have also increased. Hence, cyber security has become more important than ever. To correctly implement cybersecurity, one must know about cybersecurity domains.

    Cybersecurity is the collective process of protecting computer systems, networks, and programs from cyberattacks. With the recent hike in demand for cybersecurity professionals, it has become a lucrative field to work with.

    That’s why more and more students and professionals are opting for online Cyber Security training and other modes of learning cybersecurity, like books, tutorials, and certifications.

    In this article, we are going to discuss what the cyber security domain is, what are the parts of the cyber security domain, various cyber security domain names, and the cybersecurity domain's mind map.

    What are Cyber Security Domains?

    Cybersecurity domains refer to the various forms where cybersecurity methodologies can be implemented. Application security, physical security, risk assessment, and threat intelligence are some of the most common domains in cyber security.

    An organization considers the various cybersecurity domains while building a cybersecurity policy. Therefore, you can also call them domains of cyber security policy. The following is a comprehensive cybersecurity domains list:

    • Career development
    • Computer operations security
    • Cyber forensics
    • ERM
    • Identity management
    • Incident response
    • Security architecture
    • Telecommunications security
    • User education 

    What are the Parts of Cyber Domain?

    A newcomer to cybersecurity might ask what cybersecurity is. A cyber domain is defined as the area in which computer systems and networks are used. It has a high degree of complexity and is continuously changing.

    Organizations necessitate developing a deeper understanding of the technologies and threats that exist in the cyber domain to be successful. There are 5 cyber domain parts, which are:

    1. The physical domain
    2. The logical domain
    3. The data domain
    4. The application domain
    5. The user domain

    Each part of the cyber domain has its own distinctive set of security challenges and risks that must be taken care of. To secure the cyber domain, organizations need to find the challenges and risks associated with every subdomain and mitigate the same. The holistic strategy that they came up with is called a cybersecurity policy.

    The physical domain and logical domain comprise the hardware and software, respectively, that go into a computer system. The physical domain includes I/O devices, networking components, processors, memory, storage, and other physical parts of a computer system.

    Software that runs on a computer system, including BIOS, operating systems, applications, and data forms the logical domain. It defines how data is accessed and manipulated. All the data stored on a computer comes under the data domain.

    The application domain contains all the applications available on a computer system while the user domain is the domain that contains user information. Securing it requires adding PINs, passwords, security phrases, and so on. 

    Cyber security domain refers to the different security approaches that we take to safeguard each type of cyber domain. We need to apply different approaches to different parts of cyber domains. In the next section we will discuss the various forms of cyber security domains. 

    List of Common Cyber Security Domains

    Here, we will discuss various domains of cybersecurity in detail. Cybersecurity domains are also called cyber security categories, focus areas, and tiers.

    Since the number of cyber security domains and their subdomains is big, it is not possible to cover each one of them in detail here. Hence, in this blog, we will cover only the most popular 1+10 domains of cyber security. So, here we go:

    1. Frameworks & Standards

    Cybersecurity frameworks and standards are the set of best practices to keep cybersecurity risk under check. These offer the ability to determine risk tolerance and set controls.

    Many frameworks and standards are combinations of other cybersecurity frameworks and standards.

    To develop a powerful cybersecurity compliance program, one needs to have knowledge of the various cyber security frameworks and standards. Some of the most popular cyber security frameworks and standards are: 

    • ASD (Australian Signals Directorate) Essential 8
    • CIS (Center for Internet Security) Controls
    • CISA (Cybersecurity and Infrastructure Security Agency) TSS (Transportation Systems Sector) Cybersecurity Framework
    • ETSI (European Telecommunications Standards Institute)
    • HITRUST CSF (Cybersecurity Framework)
    • ISA/IEC (International Society of Automation) 62443
    • IoTSF (Internet of Things Security Foundation) Security Compliance Framework
    • NIST (National Institute of Technologies) CSF (Cybersecurity Framework)
    • NIST SP (Special Publication) 800-82 Guide to ICS (Industrial Control Systems) Security
    • OASIS SAML (Security Assertion Markup Language)
    • PCI DSS (Payment Card Industry Data Security Standard)

    An organization considers as many cybersecurity frameworks and standards as possible while devising a suitable cybersecurity policy. 

    2. Application Security
    Application Security

    Application security is installing many forms of defenses within all software and services belonging to an organization to provide protection from a diverse range of threats. It simply means to safeguard applications that an organization develops, deploys, and uses.

    There are several measures that are taken to limit unwanted access or change of application resources. This includes creating secure application architecture, implementing strong data input validation, threat modeling, writing secure code, etc.

    API security, S-SDLC, security QA, security UX, and source code scan are the various subdomains of application security. 

    3. Risk Assessment

    Risk assessment is the process of carefully analyzing the workplace for identifying scenarios, processes, et cetera that might cause harm to assets, i.e., people and systems belonging to an organization. It consists of:

    1. Hazard identification 
    2. Risk analysis and risk evaluation 
    3. Risk control 

    In risk assessment, we identify hazards and risk factors that can cause some form of harm. This is called hazard identification. Risk analysis and risk evaluation are done to analyze and evaluate the risks associated with the identified hazards and risk factors. 

    Risk control relates to the process of determining the best ways to eliminate the hazards and risks or control the same when they can’t be eliminated. Assets inventory, penetration tests, risk monitoring services, and vulnerability scans are subdomains of risk assessment. 

    4. Enterprise Risk Management

    Enterprise risk management or ERM is an organization-specific strategy that aims to identify and prepare for hazards within an organization’s finances, objectives, and operations. It is risk management applied to an organization. The subdomains of enterprise risk management include: 

    • Crisis management
    • Cyber insurance
    • Lines of defense
    • Risk acceptance statement
    • Risk appetite

    Some people wrongly believe that ERM is a product or service, which it is not. Instead, it is a process. This might be due to the similarity of ERM with ORM (object-relational mapping), CRM (customer relationship management), and ERP (enterprise resource planning).

    For ERM to be effective, it necessitates being a part of the work culture of an organization. It is essential to maintain the brand reputation and ensure long-time business viability.

    5. Governance

    Cyber security governance offers a strategic view of how an organization defines its risk appetite, develops accountability frameworks, and establishes decision-making. It involves taking decisions for implementing security policies.

    Governance aims to ensure that the organization manages to make the right decisions most of the time and places efficient and cost-effective policies to mitigate risk. Company written policy, executive management involvement, and laws and regulations are subdomains of governance.

    6. Threat Intelligence
    What is Threat Intelligence

    Also known as cyber threat intelligence (CTI), threat intelligence is the process of collecting information from a wide array of resources pertaining to existing or potential attacks against an organization.

    The information collected via CTI is analyzed and refined to minimize and mitigate cybersecurity risks. Along with other cybersecurity tools, it is used to protect an organization from cyber-attacks. Threat intelligence can be external or internal. 

    7. End-user Education

    The main intent of end-user education is to develop awareness in employees and equip them with the required skills and tools so that they can protect themselves and the organization from data attacks or data loss.

    Employees can educate themselves too by learning different topics related to cybersecurity, like information security or infosec. Information security is a branch of cyber security that deals specifically with protecting information and information systems.

    The 3 domains of information security are confidentiality, integrity, and availability. These information security domains are collectively known as the CIA triad. Awareness, cybersecurity tabletop exercises, and training are part of end-user education.

    8. Security Operations

    Security operations pertain to the tasks that put security plans into action. It covers applying resource protection techniques, disaster recovery, incident management, managing physical security, and understanding and supporting investigations.

    This domain of cyber security also involves logging and monitoring services, requirements for investigation types, and securing the provision of resources.

    9. Physical Security

    Physical security is the process of protecting people, property, and physical assets from events and scenarios that can result in damage or loss. Different cybersecurity teams need to work in line to secure the digital and physical assets of an organization.

    This is because the complexity of physical security is growing due to rapidly evolving technologies like the internet of things and artificial intelligence.

    10. Career Development

    Unbelievably, career development is also classified as one of the cyber domains. This is because the demand for skilled and qualified cybersecurity professionals has increased.

    Career development in cybersecurity includes certifications, conferences, peer groups, self-study, training, and so on. Moreover, students can learn different topics and opt for programs like information security, risk assessment, or Ethical Hacking Certification Training.

    11. Security Architecture
    Security Architecture

    It is a unified security design to address the potential risks and requirements of a specific condition or environment. Security architecture also specifies where and when to apply security controls. This process is usually reproducible. 

    The design principles and in-depth security control specifications are documented clearly and in different documents. The key attributes of security architecture are:

    • Benefits 
    • Drivers 
      • Benchmarking and good practice
      • Financial
      • Legal and regulatory
      • Risk management
    • Form
    • Relationships and dependencies

    Architecture risk assessment, implementation, operations and monitoring, and security architecture and design are the key phases in the process of security architecture.

    Map of Cybersecurity Domains

    A map of the cybersecurity domain or a cyber security domain mind map is an image that demonstrates different domains in cyber security and their sub-domains. The following image is an illustrative example of a Cybersecurity Domains mind map download the PDF here:

    Map of Cyber Security Domains

    As you can see in the cyber security domains map, there are various types of cybersecurity domains, which are further divided into cyber security subdomains that might further have subgroups.

    For example, physical security is a domain of cyber security, and its domain is IoT security, which is a sub-domain of cybersecurity. Another example is security architecture, which has security engineering as its subdomain, which further has computer operations security and network security domains.

    Looking to boost your ITIL skills? Join our unique ITIL Foundation Training Course and unlock new career opportunities. Don't miss out, enroll today!


    Cybersecurity is a very broad topic, encompassing a wide array of principles, tools, frameworks, and more. With the exponential growth in cyberspace, cybersecurity has also witnessed an unprecedented demand. Thus, it is high time to make a career in cyber security.

    There are numerous ways to learn cybersecurity, however, the thing that you need to do is to practice it. Hence, you can opt for KnowledgeHut’s Cyber Security Training Online courses to ensure that you learn and practice cybersecurity side-by-side.

    Frequently Asked Questions (FAQs)

    1What is physical domain in cyber security?

    This domain includes the software, hardware, and network of a computer system. It is primarily concerned with the hardware associated with the computing system. 

    2Which cybersecurity domain is best?

    All cyber security domains are important. Hence, there is no single best domain in cyber security. Different organizations need to set different priorities for the various domains of cyber security as per their organizational goals and objectives. 

    3What are the two domains of cyber forensics?

    Computer forensics or cyber forensics involves extracting data as proof for some crime while abiding by proper investigation rules and presenting relevant proof to the court or the jurisdiction applicable to the crime scene.

    There are many domains of cyber forensics. These are database forensics, disk forensics, email forensics, malware forensics, memory forensics, mobile phone forensics, and network forensics. 

    4What are the four key cyber functions?

    A cyber function is the use of implementing a cybersecurity policy. Governing, protecting, detecting, and responding are the four key cyber functions.


    Akhil Bhadwal

    Blog Author

    With 8+ years of experience in developing content, Akhil is dedicated to making concepts (and life) easier for his readers. He started his career as a freelance product description writer in 2015 and then ventured out into multiple roles, including Senior Technical Content Writer (Programming) , Content Strategist, Technical Content Editor and Content Manager. Akhil is currently employed as a Marketing Manager and also offers services as a Content Consultant.

    Share This Article
    Ready to Master the Skills that Drive Your Career?

    Avail your free 1:1 mentorship session.

    Your Message (Optional)

    Upcoming Cyber Security Batches & Dates

    NameDateFeeKnow more
    Course advisor icon
    Course Advisor
    Whatsapp/Chat icon