Cyber security is the protection of internet-connected systems such as hardware, software and data from cyber threats. The practice is used by individuals and enterprises to protect against unauthorized access to data centres and other computerized systems.
A strong cyber security strategy can provide a good security posture against malicious attacks designed to access, alter, delete, destroy or extort an organizations or user’s systems and sensitive data. Cyber security is also instrumental in preventing attacks that aim to disable or disrupt a system’s or device’s operations.
Why is cyber security important?
With an increasing number of users, devices and programs in the modern enterprise, combined with the increased deluge of data — much of which is sensitive or confidential — the importance of cyber security continues to grow. The growing volume and sophistication of cyber attackers and attack techniques compound the problem even further.
What are the elements of cyber security and how does it work?
The cyber security field can be broken down into several different sections, the coordination of which within the organization is crucial to the success of a cyber-security program. These sections include the following:
- Application security
- Information or data security
- Network security
- Disaster recovery/business continuity planning
- Operational security
- Cloud security
- Critical infrastructure security
- Physical security
- End-user education
Maintaining cyber security in a constantly evolving threat landscape is a challenge for all organizations. Traditional reactive approaches, in which resources were put toward protecting systems against the biggest known threats, while lesser known threats were undefended, is no longer a sufficient tactic. To keep up with changing security risks, a more proactive and adaptive approach is necessary. Several key cyber security advisory organizations offer guidance. For example, the National Institute of Standards and Technology (NIST) recommend adopting continuous monitoring and real-time assessments as part of a risk assessment framework to defend against known and unknown threats.
What are the benefits of cyber security?
The benefits of implementing and maintaining cyber security practices include:
- Business protection against cyber-attacks and data breaches.
- Protection for data and networks.
- Prevention of unauthorized user access.
- Improved recovery time after a breach.
- Protection for end users and endpoint devices.
- Regulatory compliance.
- Business continuity.
- Improved confidence in the company’s reputation and trust for developers, partners, customers, stakeholders and employees.
What are the different types of cyber security threats?
The process of keeping up with new technologies, security trends and threat intelligence is a challenging task. It is necessary in order to protect information and other assets from cyber threats, which take many forms. Types of cyber threats include:
- Malware is a form of malicious software in which any file or program can be used to harm a computer user. This includes worms, viruses, Trojans and spyware.
- Ransom ware is another type of malware. It involves an attacker locking the victim’s computer system files — typically through encryption — and demanding a payment to decrypt and unlock them.
- Social engineering is an attack that relies on human interaction to trick users into breaking security procedures to gain sensitive information that is typically protected.
- Phishing is a form of social engineering where fraudulent email or text messages that resemble those from reputable or known sources are sent. Often random attacks, the intent of these messages is to steal sensitive data, such as credit card or login information.
- Spear phishing is a type of phishing attack that has an intended target user, organization or business.
- Insider threats are security breaches or losses caused by humans — for example, employees, contractors or customers. Insider threats can be malicious or negligent in nature.
- Distributed denial-of-service (DDoS) attacks are those in which multiple systems disrupt the traffic of a targeted system, such as a server, website or other network resource. By flooding the target with messages, connection requests or packets, the attackers can slow the system or crash it, preventing legitimate traffic from using it.
- Advanced persistent threats (APTs) are prolonged targeted attacks in which an attacker infiltrates a network and remains undetected for long periods of time with the aim to steal data.
- Man-in-the-middle (MitM) attacks are eavesdropping attacks that involve an attacker intercepting and relaying messages between two parties who believe they are communicating with each other.