Page 80 - (ISC)² CISSP Certified Information Systems Security Professional Official Study Guide
controls as well as in programming.
The term security through obscurity may seem relevant here.
However, that concept is different. Data hiding is the act of
intentionally positioning data so that it is not viewable or accessible to
an unauthorized subject, while security through obscurity is the idea of
not informing a subject about an object being present and thus hoping
that the subject will not discover the object. Security through obscurity
does not actually implement any form of protection. It is instead the
hope that something important will not be discovered because
knowledge of it is kept secret. An example of security through obscurity is
when a programmer is aware of a flaw in their software code, but they
release the product anyway hoping that no one discovers the issue and
exploits it.
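The contrast between the two ideas, as a short Python sketch. This is an added example, not taken from the study guide; the Store class, the subject names and the object path are hypothetical values constructed for illustration.

```python
# Added illustration; Store, the subjects and the path are hypothetical.
from dataclasses import dataclass, field


class AccessDenied(Exception):
    """Raised when a subject is not authorized for an object."""


@dataclass
class Store:
    objects: dict = field(default_factory=dict)  # path -> data
    acl: dict = field(default_factory=dict)      # path -> authorized subjects
    audit: list = field(default_factory=list)    # (subject, path, outcome)

    def put(self, path, data, readers=()):
        self.objects[path] = data
        self.acl[path] = set(readers)

    def listing(self, subject):
        # Data hiding: a subject only sees objects it is authorized for.
        return sorted(p for p, r in self.acl.items() if subject in r)

    def read_obscure(self, subject, path):
        # Security through obscurity: no check at all. The only "protection"
        # is that the path is not advertised.
        self.audit.append((subject, path, "served"))
        return self.objects[path]

    def read_hidden(self, subject, path):
        # Data hiding: authorization is enforced on every access, and an
        # unauthorized subject cannot tell "missing" from "forbidden".
        if path not in self.objects or subject not in self.acl[path]:
            self.audit.append((subject, path, "denied"))
            raise AccessDenied(path)
        self.audit.append((subject, path, "served"))
        return self.objects[path]


def demo():
    store = Store()
    secret_path = "/reports/q3-draft"  # constructed sample value
    store.put(secret_path, "draft figures", readers={"alice"})
    # Assume the path has become known to a subject who is not a reader.
    leaked = store.read_obscure("mallory", secret_path)
    try:
        store.read_hidden("mallory", secret_path)
        enforced = False
    except AccessDenied:
        enforced = True
    return leaked, enforced, store.listing("mallory"), store.listing("alice")
```

Once the path is known, the obscurity-only read serves the data, while the data-hiding read still denies the request and records the attempt in the audit list.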
Encryption
Encryption is the art and science of hiding the meaning or intent of a
communication from unintended recipients. Encryption can take
many forms and be applied to every type of electronic communication,
including text, audio, and video files as well as applications
themselves. Encryption is an important element in security controls,
especially in regard to the transmission of data between systems.
There are various strengths of encryption, each of which is designed
and/or appropriate for a specific use or purpose. Weak or poor
encryption can be considered as nothing more than obfuscation or
potentially even security through obscurity. Encryption is discussed at
length in Chapter 6, “Cryptography and Symmetric Key Algorithms,”
and Chapter 7, “PKI and Cryptographic Applications.”

