Part 1.
Cybersecurity
Chapter 1.
An Introduction to Cybersecurity
So, What Exactly is Cybersecurity?
Cybersecurity is a tech term often associated with and used in the computer field that gets thrown around quite a bit. The analogy is not fortuitous. Cybersecurity is security of all things cyber, but what is cybersecurity really? What are the mechanisms, the foundations and especially how does this translate into our daily personal and professional lives?
Cybersecurity is a set of technologies, processes, and practices that are designed to protect networks, computers, and data from unauthorized attacks, damage, and access. In an information technology context, the term “security” includes cybersecurity and physical security. That means that hackers can come in through the internet and through the front door of your workplace.
Cybersecurity seeks to ensure that the security properties of organizations, and its user’s assets, are not only maintained but maintained in relation to security risks in the cyber environment.
Cybersecurity also means the implementation of measures to protect systems, networks and software applications from digital attacks. Such attacks are usually aimed at gaining access to confidential information, its modification and destruction, at extorting money from users or at disrupting the normal operation of companies.
Implementing effective cybersecurity measures is currently quite a challenge, since today there are far more devices than people, and attackers are becoming more and more inventive.
To ensure cybersecurity, coordinated efforts are required across the information system. Cybersecurity includes (but is not necessarily limited to):
- application security
- information security
- network security
- disaster recovery / business continuity
- operational security
- end user awareness
One of the most problematic aspects of cybersecurity is the constant and rapid evolution of security risks. The traditional approach used to be to focus most of the resources available on critical system components and protect them against the major known threats. This meant leaving some important systems defenseless and giving up the fight against some less important risks. In the current context, this approach is no longer sufficient. Adam Vincent is Technical Director for the Public Sector at Layer 7 Technologies, a security services company that works for US federal services, including some of the Department of Defense services. He explains:
“The threats evolve too fast so we have time to follow them. They change our perception of the notion of risk. Today, it is no longer possible to write a white paper on a risk for a particular system, it should be rewritten permanently ... “.
To cope with the current environment, consulting firms recommend a more proactive, adaptive approach. For example, the National Institute of Standards and Technology (NIST) has just released an update of its recommendations on the risk assessment framework, which recommends real-time assessments and ongoing monitoring.
Forbes estimated the global cyber security market at $ 75 billion in 2015 and predicts the market will reach $ 170 billion in 2020.
What are the principles underlying cyber security?
A successful cybersecurity approach is expressed in the form of multi-level protection covering computers, networks, programs or data that must be secured. Employees, workflows, and technologies must complement each other in organizations to provide effective protection against cyber-attacks.
Employees
Users should understand and follow basic information security principles, such as choosing strong passwords, paying attention to attachments in emails, and backing up data.
Processes
The organization should develop a set of basic measures to counter ongoing and successfully carried out attacks. This set of measures should be one reliable set guild and explains how to identify attacks, protect systems, identify and counter threats, and recover from the attacks. Watch a video clip with explanations about the NIST cybersecurity solution package.
Technology
Technologies are an essential element, that provide organizations and individual users with the tools they need to protect against cyber-attacks. The main components that need to be protected are endpoints, such as computers, smart devices and routers; networks and cloud environments. The most common technologies used to protect the listed components include new-generation firewalls, DNS filtering, malware protection, antivirus software, and email protection solutions.
Why is cybersecurity so important?
In the modern “connected” world, extended cyber defense programs serve the benefit of each user. At the individual level, cyber defense burglary can lead to a variety of consequences, ranging from theft of personal information to extortion of money or loss of valuable data, such as family photos. All of this depends on critical infrastructure, such as power plants, hospitals, and financial services companies. The protection of these and other organizations is important for the maintenance of our society.
Everyone benefits from the research that cyber threat specialists are engaged in; Cybersecurity analysts and technicians studying new and emerging threats, as well as cyber-attack strategies around the world collaborate and share information discovered about new threats. They reveal new vulnerabilities, inform the public about the importance of cybersecurity, and increase the reliability of open source tools. The work of these specialists makes the Internet more secure for each user.
Every year massive amounts of funds are spent on cybersecurity, and the annual increase in spending is more than 5 times higher than the increase in funds spent in the IT sphere as a whole. With an accumulated annual growth rate estimated at 8.3% by 2020 ($ 3.8 trillion) compared with 0.9% in 2016 ($ 3.4 trillion). However, money aimed at developing and ensuring cybersecurity does not affect the greatest threat: human users. About 95% of all information leakages are related to the human factor.
With the increasing diversity of cyber threats, the number of decisions is growing, however, fatigue from constant news and warnings about the dangers of new threats may affect the current state of affairs. “There is a form of growing desensitization to daily reports on cyber-attacks and threats, to the point where some are beginning to wonder: what’s the meaning of cyber security?” Said Earl Perkins, vice president of digital security gurus.
Fortunately, well-designed security procedures, methods, and solutions can almost completely stop intruders. But this requires t...