Definition

cybersecurity

Cybersecurity is the protection of internet-connected systems, including hardware, software and data, from cyberattacks. In a computing context, security comprises cybersecurity and physical security -- both are used by enterprises to protect against unauthorized access to data centers and other computerized systems. The goal of cybersecurity is to limit risk and protect IT assets from attackers with malicious intent. Information security, which is designed to maintain the confidentiality, integrity and availability of data, is a subset of cybersecurity.

Cybersecurity best practices can, and should, be implemented by large and small organizations, employees and individuals. One of the most problematic elements of cybersecurity is the continually evolving nature of security risks and advanced persistent threats (APTs).

The traditional approach has been to focus resources on crucial system components and protect against the biggest known threats, which meant leaving components undefended and not protecting systems against less dangerous risks. To deal with the current environment, advisory organizations are promoting a more proactive and adaptive approach.

The National Institute of Standards and Technology (NIST), for example, recently issued updated guidelines in its risk assessment framework that recommend a shift toward continuous monitoring and real-time assessments. Version 1.1 of the Framework for Improving Critical Infrastructure was released in April 2018. The voluntary Cybersecurity Framework (CSF), developed for use in the banking, communications, defense and energy industries, can be adopted by all sectors, including federal and state governments. In May 2017, President Donald Trump issued an executive order mandating that federal agencies adopt the NIST CSF.

Cybersecurity is a defensive solution to protect any internet-connected system from cyberthreats and attacks.

Purpose of cybersecurity

Cybersecurity measures should always be implemented to protect the data of small and large organizations and individuals. Even though significant security breaches are the ones that often get publicized, small organizations still have to concern themselves with their security posture, as they may often be the target of viruses and phishing.

Why is cybersecurity important?

Cybersecurity is important because it helps protect an organization's data assets from digital attacks; if that data fell into the wrong hands, it could damage the organization or individuals. Medical, government, corporate and financial records all hold personal information. Security incidents can lead to losses in terms of reputation, money, theft of data, deletion of data and fraud.

What cybersecurity can prevent

Cybersecurity helps prevent data breaches, identity theft and ransomware attacks, as well as aiding in risk management. When an organization has a strong sense of network security and an effective incident response plan, it is better able to prevent and mitigate cyberattacks. The process of keeping up with new technologies, security trends and threat intelligence is a challenging task.

Types of cybersecurity threats

Cyberthreats can take many forms, including the following:

  • Malware: a form of malicious software in which any file or program can be used to harm a computer user, such as worms, computer viruses, Trojan horses and spyware.
  • Ransomware: a type of malware that involves an attacker locking the victim's computer system files -- typically through encryption -- and demanding a payment to decrypt and unlock them.
  • Social engineering: an attack that relies on human interaction to trick users into breaking security procedures to gain sensitive information that is typically protected.
  • Phishing: a form of fraud in which falsified emails are sent that resemble emails from reputable sources; however, the intention of these emails is to steal sensitive data, such as credit card or login information.

Cybersecurity threat vectors

A threat vector is a path or means by which a hacker can gain access to a computer or network server to deliver a payload or malicious outcome. Attack vectors enable hackers to exploit system vulnerabilities, including human operators. Popular attack vectors include the following:

  • USB sticks and other portable storage devices
  • unsupported browser extensions
  • infected websites
  • orphan accounts
  • malvertisements
  • online quizzes and personality tests

Elements of cybersecurity

It can be a challenge in cybersecurity to keep up with the changing security risks. The traditional approach has been to focus resources on crucial system components. Today, ensuring cybersecurity requires the coordination of efforts throughout an information system, which includes the following:

  • Application security: Minimize the likelihood that unauthorized code will be able to manipulate applications to access, steal, modify or delete sensitive data.
  • Information security (infosec): Protect information assets, regardless of how the information is formatted or whether it is in transit, is being processed or is at rest in storage.
  • Network security: Detect, prevent and respond to threats through the use of security policies, software tools and IT services.
  • Business continuity planning (BCP)/disaster recovery planning (DRP): Maintain or quickly resume mission-critical functions following a disaster.
  • Operational security (opsec): Classify information assets, and determine the controls required to protect these assets.
  • End-user education: Provide directives that describe what actions employees must take -- or avoid -- in order to protect corporate assets.

Benefits of cybersecurity

The benefits of implementing cybersecurity initiatives include the following:

  • business protection against malware, ransomware, phishing and social engineering;
  • protection for data and networks;
  • prevention of unauthorized users accessing digital assets;
  • improvement of recovery time after a breach;
  • protection of end users and their personally identifiable information (PII); and
  • improvement of confidence in the organization.

Cybersecurity challenges

Cybersecurity is continually challenged by hackers, data loss, privacy, risk management and changing cybersecurity strategies. Nothing currently indicates that cyberattacks will decrease. Moreover, with an increased number of entry points for attacks, more strategies for securing digital assets are needed to protect networks and devices.

One of the most problematic elements of cybersecurity is the continually evolving nature of security risks. As new technologies emerge and existing technology is used in new or different ways, new avenues of attack are developed as well. Keeping up with these continual changes and advances in attacks and updating practices to protect against them can be challenging to organizations. This also includes ensuring that all the elements of cybersecurity are continually changed and updated to protect against potential vulnerabilities. This can be especially challenging for smaller organizations.

Additionally, today, there is a lot of potential data an organization can gather on individuals who take part in one of its services. With more data being collected, the likelihood that a cybercriminal will try to steal PII is another concern. For example, an organization that stores PII in the cloud may be subject to a ransomware attack and should do what it can to prevent a cloud breach.

Cybersecurity should also address end-user education, as employees may accidentally bring a virus into a workplace on their work computer, laptop or smartphone.

Another large challenge to cybersecurity is the staffing shortage. As growth in data from businesses becomes more important, the need for more cybersecurity personnel with the required skills to analyze, manage and respond to incidents increases. It is estimated that there are 2 million unfilled cybersecurity jobs worldwide. Cybersecurity Ventures also estimated that, by 2021, there will be up to 3.5 million unfilled cybersecurity jobs.

Automation

New advances in machine learning and artificial intelligence (AI) are being developed that help security professionals organize and manage log data. AI and machine learning can assist in areas with high-volume data streams, such as the following:

  • correlating data by organizing it, identifying possible threats and predicting an attacker's next step;
  • detecting infections by implementing a security platform that can analyze data and recognize threats;
  • generating protections without putting a strain on resources; and
  • continually auditing the effectiveness of protections in place to ensure they are working.

Cybersecurity vendors

As a result of increasing security risks, investments in cybersecurity technologies and services are increasing. Gartner predicted that worldwide spending on information security products and services would reach $114 billion in 2018 and grow another 8.7% to $124 billion in 2019.

Vendors in cybersecurity fields will typically use endpoint, network and advanced threat protection security, as well as data loss prevention (DLP). Three commonly known cybersecurity vendors are Cisco, McAfee and Trend Micro.

Cisco tends to focus on networks and enables its customers to utilize firewalls, virtual private networks (VPNs) and advanced malware protection, along with supporting email and endpoint security. Cisco also supports real-time malware blocking.

McAfee makes cybersecurity products for consumers and enterprise users. McAfee supports mobile, enterprise clouds, network, web and server-based security. Data protection and encryption are also offered.

Trend Micro is an antimalware vendor that offers threat protection for mobile, hybrid clouds, SaaS and the internet of things (IoT). Trend Micro provides users with endpoint, email and web security.

Careers in cybersecurity

As the cyberthreat landscape continues to grow and new threats emerge -- such as threats on the landscape of IoT -- individuals are needed with skills and awareness in both security hardware and software.

IT professionals and other computer specialists are needed in security jobs, such as the following:

  • Chief information security officer (CISO): This individual implements the security program across the organization and oversees the IT security department's operations.
  • Security engineer: This individual protects company assets from threats with a focus on quality control within the IT infrastructure.
  • Security architect: This individual is responsible for planning, analyzing, designing, testing, maintaining and supporting an enterprise's critical infrastructure.
  • Security analyst: This individual has several responsibilities that include planning security measures and controls, protecting digital files, and conducting both internal and external security audits.

History

Important milestones in cybersecurity history include the following:

  • In 1971, the Creeper virus was found; it is commonly recognized as the first computer virus.
  • In 1983, Massachusetts Institute of Technology (MIT) was granted a patent for a cryptographic communications system and method -- the first cybersecurity patent.
  • In the 1990s, the advent of computer viruses led to the infection of millions of personal computers (PCs), causing cybersecurity to become a household concern and facilitating the creation of more antivirus software.
  • In 1993, the first Def Con conference was held; its focus was cybersecurity.
  • In 2003, Anonymous was formed -- the first well-known hacker group.
  • In 2013, the Target breach occurred in which 40 million credit and debit card records were accessed and stolen.
  • In 2016, Yahoo reported two cybersecurity breaches in which hackers gained access to data from over 500 million user accounts.
  • In 2017, the Equifax security breach occurred, which exposed the personal information of up to 147 million people.
  • In 2018, the General Data Protection Regulation (GDPR) was implemented. It focused on the protection of end-user data in the European Union (EU).
  • Also in 2018, the California Consumer Privacy Act (CCPA) was implemented. It supports individuals' right to control their own PII.
This was last updated in October 2019

14 comments

How does cybersecurity impact your organization?

What do you do to protect your data?

In Cyber Security, selling the problem has become the preferred approach because there is no convincing Cyber solution to sell. Cyber Security is a problem without a solution. The remedy? Don’t use the Internet for data and information you cannot afford to lose. If an organization is currently using the Internet for data and information it cannot afford to lose, then it must engage in Operation Cyber Pullback.

The approach for industry? Use the Internet only for data and information you can afford to lose. Employ three-factor authentication. Employ keyless encryption based on arbitrary nondeterministic, key-based mathematical methods.

The approach for government? Set a high goal to achieve resilience. Here resilience is the ability to anticipate, avoid, withstand, minimize, and recover from the effects of adversity whether natural or man-made under all circumstances of use. Employ integration engineering, a resilience integrator, and intelligent middlemen in the Critical Infrastructure system of systems. Understand and anticipate cascade triggers in the Critical Infrastructure system of systems. Indemnify industry partners to foster information sharing needed for anticipation and avoidance.

In the resilience value proposition, the payoff comes in avoiding consequences, outcomes, and bad actors.
1. Avoidance of consequences includes loss of data and information, loss of privacy, loss of well being, loss of identity, loss of money, loss of life, loss of opportunity, cleanup costs, loss of trust, and loss of availability.
2. Avoidance of outcomes includes unauthorized access, loss of data, tampering with data, erosion of performance, and denial of service.
3. Avoidance of bad actors includes disgruntled employee, hacker, corporate spy, criminal, terrorist, organized crime, and nation state.

What is VID as it relates to cybersecurity?

Nice.

Can I choose cybersecurity as my minor in B.Tech, as I'm weak in coding?

Are security robots part of the cyber security system?

Yes, because it's programmed by cyber criminals.

How can I be a worrier in cyber security?

Cyber Security Solution Provider Company?

We know cybersecurity is a defense system for software, hardware and important for secure information. But it's true that small and medium companies are not aware of their cyber attack. Your post is really informative and that's great your company helps people to secure their system. I am following your cybersecurity company blog.

Hi, I am new here.

Today, hackers have become more formidable; thus, being informed about cybercrime will prevent a loss of data and profits later down the road.

Thanks for the article! In today’s connected world, cybersecurity is number one. And everyone who is involved in web application development tries to protect data. At an individual level, a cybersecurity attack can result in everything from identity theft, to extortion attempts, to the loss of important data like personal photos.
