What Is Cybersecurity? Definition, Threats & More
Cybersecurity protects sensitive digital information and critical systems from cyberattacks, often through several layers of protection. Networks, computers, programs, and data all need to be protected from cyber threats and bad actors. For 2020, the Federal Bureau of Investigation (FBI) reported that losses related to internet crime, or cybercrime, well surpassed $4.2 billion. With more and more of the world turning digital and more information being stored on the internet, cybersecurity is more important than it has ever been. Cybersecurity has been named one of the critical elements of the Department of Homeland Security’s (DHS) mission under the Biden-Harris administration, making it a top priority across all levels of the United States government. Cybersecurity threats include phishing scams, ransomware, social engineering, and malware. A strong cybersecurity protocol needs to address all of these potential issues to keep data and systems safe from breach or attack.
What is cybersecurity?
Cybersecurity, also known as information technology (IT) security, is the method of keeping digital systems and information safe from potential threats. Cybersecurity models often include layers of protection involving multiple domains. Cyber threats can come from inside or outside of an organization. As such, cybersecurity measures should be comprehensive and multifaceted. Cybersecurity needs to protect networks, devices, data, and communications from access by unauthorized users. It should strive to guarantee confidentiality and privacy, data integrity, and the availability of data to authorized users. Cybersecurity protocols can include the following:
- Security for critical infrastructure: A cybersecurity framework is necessary to protect vital computer systems needed for matters of public safety, national security, and economic health.
- Network security: A computer network, including both wired and wireless (Wi-Fi) connections, needs to be protected from intrusion.
- Cloud security: Data stored in the cloud should be encrypted to protect and support privacy and regulatory compliance standards.
- Application security: During the design stage, security should be built into applications that are stored both in the cloud and on site.
- Information security: Sensitive data should be protected from unauthorized access, theft, or exposure through data protection measures.
- Education for end users: People are often the weak link for security measures, and users should be educated on best security practices.
- Disaster recovery procedures: Methods should be in place to respond to potential attacks or natural disasters in a way that minimizes disruption to regular operations.
These are examples of cybersecurity technologies:
- Firewalls
- Antivirus software
- Malware protection
- DNS filtering
- Email security solutions
- Cryptography
Types of cybersecurity threats
There are various cybersecurity threats today, and they are always evolving. As security measures are designed, criminals find ways to get around them. These are some of the most common cybersecurity threats to watch out for:
- Phishing: This is one of the most common types of cyberattacks and is done through emails or text messages. A message that appears to be from a reputable and legitimate source is sent to a recipient asking for personal login credentials and/or sensitive personal data. This can serve to give cyber criminals access to financial information, passwords, and personal identification to commit fraud and theft.
- Social engineering: This is another tactic employed by cybercriminals to trick users into revealing sensitive information. It often involves getting users to click on fake links that expose their login credentials or personal data, or soliciting money for a seemingly reputable cause.
- Malware: This is a form of software that can infect computers, causing damage or giving a cybercriminal access to the device or system. It can be sent in an attachment that is downloaded unknowingly by the user or pose as legitimate software or applications.
- Ransomware: Another form of malicious software, this corrupts a computer or system, blocking access to files or the entire system until a ransom is paid. Ransomware is a form of extortion that locks users out of files or a system, only granting access after money is exchanged.
- Distributed denial-of-service (DDoS) attacks: This type of cyberattack overloads the network, website, or server — often in a coordinated attack from multiple sources — in an attempt to crash it. This can disrupt business operations, frustrate clients and consumers, and cost companies financially.
It is important to understand that threats do not always come from outside of a company either. There are also insider threats that seek to abuse access permissions. Past employees, contractors, or former business partners who have had previous access to a network or system can be potential insider threats.
The importance of cybersecurity
With the rise of technology, more of our lives have turned digital. The pandemic has played a role in driving more business and people online as well. In response, cybercrime has also exploded. Threat actors continually learn new and evolving methods for exploiting information. Cybercriminals seek to disrupt business practices, steal money or information, threaten the delivery of essential services, or commit fraud. Cybersecurity is necessary to keep personal information like Social Security numbers and sensitive personal identification data, financial information, company data, and national secrets safe from intruders and cybercriminals. A strong cybersecurity protocol that provides multi-layered protection can help to keep business running smoothly, critical infrastructure in place, and financial and personal data safe and secure.
Cybersecurity best practices
Some of the best practices for cybersecurity involve keeping up with changing and evolving trends and using a multifaceted approach that targets all potential areas of concern. This includes the cloud, networks, and endpoint devices, such as routers, computers, and smart devices. Security solutions should be industry standard and meet regulatory compliance. It’s strongly recommended that everyone abide by the OWASP Top 10 Guidelines, as well as NIST guidelines. Here are some of the best cybersecurity practices:
- Use a firewall. This can block malicious traffic and prevent unnecessary outbound communication.
- Educate users. Ensure that suspicious emails are reported immediately. Users should be instructed not to click on links or download attachments and to check sources. Websites should be accessed directly before entering login credentials, and passwords should be protected.
- Use strong passwords or multi-factor authentication (MFA). Passwords should not be repeated and need to be changed often. Systems that require two or more access credentials are even more secure.
- Keep the system up to date. Install patches and updates when required to maintain resistance to the most recent threats.
- Use anti-virus and malware detection software. These programs can help to block threats and alert you to potential issues before unauthorized access is granted.
- Document cybersecurity policies. A comprehensive plan needs to be implemented across the board.
- Back up everything. In the event of an emergency or breach, you’ll need access to your data.
Other methods for digital security involve using the principle of least privilege or a zero-trust security strategy. The principle of least privilege only allows users to have the privileges that are essential to the functions they need to perform. This way, the entire system is not compromised if one user’s credentials are breached. The zero-trust security strategy uses continuous verification. It can protect the system as a whole by requiring new login credentials each time.
Additional resources
- Cybersecurity & Infrastructure Security Agency (CISA): This organization provides a multitude of resources, tips, and information on vulnerability.
- CISA Services Catalog: This resource provides access to all of CISA’s mission areas in one place.
- National Institute of Standards and Technology (NIST): This group offers industry standards and information on the latest cybersecurity methods.
- Department of Homeland Security (DHS) Science and Technology Directorate (S&T): This organization provides cybersecurity resources, references, links, and publications.
References
FBI Releases the Internet Crime Complaint Center 2020 Internet Crime Report, Including COVID-19 Scam Statistics. (March 2021). Federal Bureau of Investigation (FBI).
Cybersecurity. (October 2021). Department of Homeland Security (DHS).
5 Biggest Cybersecurity Threats. (February 2021). Security Magazine.
Why Ransomware Attacks Are on the Rise and What Can Be Done to Stop Them. (July 2021). PBS News Hour.
Be Cyber Smart. (2021). Cybersecurity & Infrastructure Security Agency (CISA).
Cybersecurity & Infrastructure Security Agency (CISA). Cybersecurity & Infrastructure Security Agency (CISA).
CISA Services Catalog. Cybersecurity & Infrastructure Security Agency (CISA).
National Institute of Standards and Technology (NIST). National Institute of Standards and Technology (NIST).
Cybersecurity Resources. Department of Homeland Security (DHS).