Cybersecurity is the practice of defending computers, servers, mobile devices, electronic systems, networks, and data from malicious attacks. It’s also known as information technology security or electronic information security. The term applies in a variety of contexts, from business to mobile computing, and can be divided into a few common categories.
- Network security is the practice of securing a computer network from intruders, whether targeted attackers or opportunistic malware.
- Application security focuses on keeping software and devices free of threats. A compromised application could provide access to the data it’s designed to protect. Successful security begins in the design stage, well before a program or device is deployed.
- Information security protects the integrity and privacy of data, both in storage and in transit.
- Operational security includes the processes and decisions for handling and protecting data assets. The permissions users have when accessing a network and the procedures that determine how and where data may be stored or shared all fall under this umbrella.
- Disaster recovery and business continuity define how an organization responds to a cyber-security incident or any other event that causes the loss of operations or data. Disaster recovery policies dictate how the organization restores its operations and information to return to the same operating capacity as before the event. Business continuity is the plan the organization falls back on while trying to operate without certain resources.
- End-user education addresses the most unpredictable cyber-security factor: people. Anyone can accidentally introduce a virus to an otherwise secure system by failing to follow good security practices. Teaching users to delete suspicious email attachments, not plug in unidentified USB drives, and various other important lessons are vital for the security of any organization.
Understanding the Role of Cyber Security
Anything that relies on the internet for communication, or is connected to a computer or other smart device, can be affected by a breach in security. This includes:
- communication systems, like email, phones and text messages
- transportation systems, including traffic control, car engines, airplane navigation systems
- government databases, including Social Security numbers, licenses, tax records
- financial systems, including bank accounts, loans, and paychecks
- medical systems, including equipment and medical records
- educational systems, including grades, report cards, and research information
The three pillars of Cybersecurity
Robust cybersecurity addresses people, processes and technology.
- People:
Every employee needs to be aware of their role in preventing cyber threats. Cybersecurity staff needs to stay up to date with the latest risks, solutions, and qualifications.
- Processes:
Documented processes should clearly define roles, responsibilities, and procedures. Cyber threats are constantly evolving, so processes need to be regularly reviewed.
- Technology:
From access controls to installing antivirus software, technology can be utilized to reduce cyber risks.
Three Principles of Cyber Security
There are at least three main principles behind cybersecurity: confidentiality, integrity, and availability.
1. Confidentiality involves any information that is sensitive and should only be shared with a limited number of people. If your credit card information, for example, was shared with a few criminals, your credit rating and your reputation could suffer very quickly.
2. Integrity involves keeping information from being altered. When malware hits a hospital’s computer systems, it can scramble patient records, lab results and can prevent staff from accessing a patient’s allergy or drug information.
3. Availability involves ensuring those who rely on accurate information can access it. Availability is often related to integrity, but can also involve things like a cyber attack preventing people from accessing specific computers, or from accessing the internet.
Why is cybersecurity important?
- The costs of cybersecurity breaches are rising
Emerging privacy laws can mean significant fines for organizations. There are also non-financial costs to be considered, like reputational damage.
- Cyber attacks are increasingly sophisticated
Cyber-attacks continue to grow in sophistication, with attackers using an ever-expanding variety of tactics. This includes social engineering, malware, and ransomware (used for Petya, WannaCry, and NotPetya).
- Cybercrime is a big business
In 2018, the cybercrime economy was estimated to be worth $1.5 trillion, according to a study commissioned by Bromium. Attackers can also be driven by political, ethical or social incentives.
- Cybersecurity is a critical, board-level issue
New regulations and reporting requirements make cybersecurity risk oversight a challenge. The board will continue to seek assurances from management that their cyber risk strategies will reduce the risk of attacks and limit financial and operational impacts.