Cyber security refers to the body of technologies, processes, and practices designed to protect networks, devices, programs, and data from attack, damage, or unauthorized access. Cyber security may also be referred to as information technology security.
What is Cyber Security?
Cyber Security is the protection of internet-connected systems such as hardware, software, and data from cyber threats. The practice is used by individuals and enterprises to protect against unauthorized access to data centers and other computerized systems.
A strong cyber security strategy can provide a good security posture against malicious attacks designed to access, alter, delete, destroy or extort an organization’s or user’s systems and sensitive data. Cyber security is also instrumental in preventing attacks that aim to disable or disrupt a system’s or device’s operations.
Why is Cyber Security important?
Cyber Security is important because the internet, smartphones, and computers are now fundamental parts of modern life. Almost every industry in the world collects and stores endless amounts of sensitive data on computers and other digital devices. This could be personal data to intellectual properties, to government documents, and if any of this gets into the hands of bad actors, there will be negative consequences. Protecting data is a challenging task with severe repercussions if done incorrectly.
Common cyber threats
Although cyber security professionals work hard to close security gaps, attackers are always looking for new ways to escape IT notice, evade defense measures, and exploit emerging weaknesses. The latest cyber security threats are putting a new spin on “known” threats, taking advantage of work-from-home environments, remote access tools, and new cloud services. These evolving threats include:
- Malware – Malware, short for Malicious Software, is any software purposely designed to cause damage to a computer, server, client, or computer network. Malware comes in all different shapes and sizes. Some are stealthy and hardly leave a trace, whereas others are like a wrecking ball leaving destruction behind them.
- Ransomware – Ransomware is a type of malicious software. It is designed to extort money by blocking access to files or the computer system until the ransom is paid. Paying the ransom does not guarantee that the files will be recovered or the system restored.
- Phishing / social engineering – Phishing is a form of social engineering that tricks users into providing their own PII or sensitive information. In phishing scams, emails or text messages appear to be from a legitimate company asking for sensitive information, such as credit card data or login information. The FBI has noted a surge in pandemic-related phishing, tied to the growth of remote work.
- DDoS attacks – A Denial-of-service attack is where an attacker will render a server, service, or network unavailable by overwhelming it with internet traffic. Cyber Criminals will infect internet-connected devices with malware to control them remotely.
- Advanced persistent threats – Advanced persistent threats (APTs) are a type of attack on integrity where an unauthorized user infiltrates a network undetected and stays in the network for a long time. The intent of an APT is to steal data and not harm the network. APTs often happen in sectors with high-value information, such as national defense, manufacturing, and the finance industry.
- Man-in-the-middle attacks – Man-in-the-middle is an eavesdropping attack, where a cybercriminal intercepts and relays messages between two parties to steal data. For example, on an unsecured Wi-Fi network, an attacker can intercept data being passed between a guest’s device and the network.
What are the 5 types of cyber security?
Cyber security can be categorized into five distinct types:
- Critical infrastructure security
- Application security
- Network security
- Cloud security
- Internet of Things (IoT) security
To cover all of its bases, an organization should develop a comprehensive plan that includes not only these five types of cyber security, but also the three components that play active roles in a cyber security posture: people, processes, and technology.
Cyber Security measures when implemented in conjunction with an educated and informed user base make up the best defense against cyber threats. One can always start small, focusing on the most valuable assets, and eventually scale the efforts as the Cyber Security program matures. The only way to battle malicious threats and attacks is to let the security programs evolve so that they can fight the advancing and newest threats head-on or, at the best, prevent these types of attacks from being a success in the first place.