The current situation of the development of storage, exchange and processing of information is characterized by intensive technology implementation, the dissemination of local, corporate and global networks in all spheres of life of a civilized state. It creates new opportunities and quality of information exchange. In this context we have the question how to ensure the safety and protection of information at the same time. So, the problems of professional training of highly qualified specialists in cybersecurity and information security are of paramount importance. The article aims to outline the scientific ontology and thesaurus areas of cybersecurity and information security as a basis for professional development of specialists in the chosen specialty. We used the thesaurus approach to study the terminology of the cybersecurity industry. The article outlines the advantages of the thesaurus approach, defines the notion of "information security", "cybersecurity", "information protection" and establishes links between them. Thesaurus and ontology are a modern form of the presentation of knowledge that is suitable for its automated processing, and correlates with the acquisition and management of knowledge in the process of professional training of cybersecurity and information security specialists. The thesaurus of the field of professional training in cyber security and information security is rather broad, debatable and requires further research and unambiguous identification. The exhaustively formulated and deterministic terminology will be the first step that will help the specialists of the specialty under study to fulfill their main professional task – providing cybersecurity of information and communication infrastructure.