What is cybersecurity?
Cybersecurity refers to any technologies, practices and policies for preventing cyberattacks or mitigating their impact. Cybersecurity aims to protect computer systems, applications, devices, data, financial assets and people against ransomware and other malware and phishing scams, data theft and other cyberthreats.
Why cybersecurity is important ?
In today’s connected world, everyone benefits from advanced cyber defense programs. At an individual level, a cybersecurity attack can result in everything from identity theft, to extortion attempts, to the loss of important data like family photos. Everyone relies on critical infrastructure like power plants, hospitals, and financial service companies. Securing these and other organizations is essential to keeping our society functioning.
Everyone also benefits from the work of cyberthreat researchers, like the team of 250 threat researchers at Talos, who investigate new and emerging threats and cyber attack strategies. They reveal new vulnerabilities, educate the public on the importance of cybersecurity, and strengthen open source tools. Their work makes the Internet safer for everyone.
It is a mistake to believe that you are of no interest to cyber attackers. Everyone who is connected to the Internet needs cyber security. This is because most cyber attacks are automated and aim to exploit common vulnerabilities rather than specific websites or organizations.
Common cyber threats include:
- Malware, such as ransomware, botnet software, RATs (remote access Trojans), rootkits and bootkits, spyware, Trojans, viruses, and worms.
- Backdoors, which allow remote access.
- Formjacking, which inserts malicious code into online forms.
- Cryptojacking, which installs illicit cryptocurrency mining software.
- DDoS (distributed denial-of-service) attacks, which flood servers, systems, and networks with traffic to knock them offline.
- DNS (domain name system) poisoning attacks, which compromise the DNS to redirect traffic to malicious sites.
Critical infrastructure organisations are often more vulnerable to attack than others because SCADA (supervisory control and data acquisition) systems often rely on older software.
Operators of essential services in the UK’s energy, transport, health, water and digital infrastructure sectors, and digital service providers are bound by the NIS Regulations.
The Regulations require organizations to implement appropriate technical and organizational measures to manage their security risks.
2. Network security
Network security involves addressing vulnerabilities affecting your operating systems and network architecture, including servers and hosts, firewalls and wireless access points, and network protocols.
3. Cloud security
Cloud security is concerned with securing data, applications, and infrastructure in the Cloud.
4. IoT (Internet of Things) security
IoT security involves securing smart devices and networks connected to the IoT. IoT devices include things that connect to the Internet without human intervention, such as smart fire alarms, lights, thermostats, and other appliances.
5. Application security
Application security involves addressing vulnerabilities resulting from insecure development processes in designing, coding, and publishing software or a website.
Cyber security vs Information security
Cyber security is often confused with information security:
- Cyber security focuses on protecting computer systems from unauthorized access or being otherwise damaged or made inaccessible.
- Information security is a broader category that protects all information assets, whether in hard copy or digital form.
0 Comments