The overused term ‘Cyber’, along with information security and information assurance, can be broken down into five broad categories.  These are Compliance, Auditing, Framework based, Actual security, and Continual Monitoring.  There is great overlap in many of these, and many are at times construed to mean something else because a lack of understanding or just a lack of manpower to accomplish all the work.  Unfortunately, Compliance and Auditing take precedence many times over Actual security and monitoring because the former costs money if found liable, and the other costs money but at times seems to have no tangible monetary benefit.

SOURCE: infosec.markobrien.us