What Is Cybersecurity? Definition, Threats & More
Cybersecurity protects sensitive digital information and critical systems from cyberattacks, often through several layers of protection. Networks, computers, programs, and data all need to be protected from cyber threats and bad actors. In 2020, the Federal Bureau of Investigation (FBI) reports that losses related to internet crime, or cybercrime, well surpassed $4.2 billion. With more and more of the world turning digital and more information being stored on the internet, cybersecurity is more important than it ever has been. Cybersecurity has been named one of the critical elements of the Department of Homeland Security’s (DHS) mission under the Biden-Harris administration, making this a top priority over all levels of the United States government. Cybersecurity threats include phishing scams, ransomware, social engineering, and malware. A strong cybersecurity protocol needs to address all of these potential issues to keep data and systems safe from breach or attack.
What is cybersecurity?
Cybersecurity, also known as information technology (IT) security, is the method of keeping digital systems and information safe from potential threats. Cybersecurity models often include layers of protection involving multiple domains. Cyber threats can come from inside or outside of an organisation. As such, cybersecurity measures should be comprehensive and multifaceted. Cybersecurity needs to protect networks, devices, data, and communications from access to unauthorised users. It should strive to guarantee confidentiality and privacy, data integrity, and the availability of data when authorised. Cybersecurity protocols can include the following:
- Security for critical infrastructure: A cybersecurity framework is necessary to protect vital computer systems needed for matters of public safety, national security, and economic health.
- Network security: A computer network, including both wired and wireless (Wi-Fi) connections, needs to be protected from intrusion.
- Cloud security: Data stored in the cloud should be encrypted to protect and support privacy and regulatory compliance standards.
- Application security: During the design stage, security should be built into applications that are stored both in the cloud and on site.
- Information security: Sensitive data should be protected from unauthorised access, theft, or exposure through data protection measures.
- Education for end users: People are often the weak link for security measures, and users should be educated on best security practices.
- Disaster recovery procedures: Methods should be in place to counter potential attacks or natural disasters in a way to minimise disruption to regular operations.
These are examples of cybersecurity technologies:
- Firewalls
- Antivirus software
- Malware protection
- DNS filtering
- Email security solutions
- Cryptography
Types of cybersecurity threats
There are various cybersecurity threats today, and they are always evolving. As security measures are designed, criminals find ways to get around them. These are some of the most common cybersecurity threats to watch out for:
- Phishing: This is one of the most common types of cyberattacks and is done through emails or text messages. A message that appears to be from a reputable and legitimate source is sent to a recipient asking for personal login credentials and/or sensitive personal data. This can serve to give cyber criminals access to financial information, passwords, and personal identification to commit fraud and theft.
- Social engineering: This is another tactic employed by cybercriminals to trick users into revealing sensitive information. It often involves clicking on fake links to gain access to your login credentials or personal data, or the solicitation of money for a seemingly reputable cause.
- Malware: This is a form of software that can infect computers, causing damage or giving a cybercriminal access to the device or system. It can be sent in an attachment that is downloaded unknowingly by the user or pose as legitimate software or applications.
- Ransomware: Another form of malicious software, this corrupts a computer or system, blocking access to files or the entire system until a ransom is paid. Ransomware is a form of extortion that locks users out of files or a system, only granting access after money is exchanged.
- Distributed denial-of-service (DDoS) attacks: This type of cyberattack overloads the network, website, or server — often in a coordinated attack from multiple sources — in an attempt to crash it. This can disrupt business operations, frustrate clients and consumers, and cost companies financially.
It is important to understand that threats do not always come from out