Biosecurity and information security share a common vocabulary and threat environment due to the shared infection paradigm. Since both biosecurity and information security exist in an environment with pervasive and continuously evolving threats, both fields utilize similar methods to reduce risk: controlled access to facilities (isolation), maintenance of 'safe' environment (sanitation), user training (education), and ongoing checks for hazards (monitoring). The main differences between the two are ease of attack (virtual vs. physical) and costs/penalties for failure.