What is cybersecurity? A guide to the methods used to protect computer systems and data

  • Cybersecurity is the practice that protects computer technology and data systems from attack.

  • It's a huge, multibillion-dollar industry that consists of many kinds of security practices.

  • The threat landscape is always evolving, but current threats to cybersecurity include malware, phishing, and denial-of-service attacks.


Cybersecurity is the practice of protecting all forms of computer technology from malicious attacks. It covers safeguarding computers, servers, mobile devices, networks, applications, and data against damage, destruction, and unauthorized access. As an industry, cybersecurity is enormous and growing to help protect everyone from new and evolving threats.

What to know about cybersecurity

The growth of this industry isn't surprising. Virtually every organization and institution in the world today relies on computer systems and stores unprecedented amounts of sensitive personal, private, and proprietary information, which makes access to that data one of the foremost battlegrounds for criminals, terrorists, state actors, and other malicious entities.

Cybersecurity encompasses many categories. Here are some of the major types that governments, businesses, and other entities need to address.

  • Network security: This, simply put, is the practice of protecting computer networks from attack and intrusion.

  • Application security: This is the field of keeping software secure from attack by ensuring it's designed in a secure manner and kept secure through updates and improvements, especially as vulnerabilities are detected.

  • Cloud security: In the last few years, online data storage in the "cloud" has become a major component of the IT solution for many organizations. Securing the data in these remote servers, as well as the security of accessing this data, has become its own category within cybersecurity.

  • Information security: This keeps data safe and secure wherever it exists within a network, preserving the privacy of all sensitive information.

  • Operational security: This encompasses all the processes and procedures needed to protect physical systems and the data stored within, such as password policies, biometrics, data access procedures, identity and credential verification, user training and education, and more.

  • Disaster recovery: When a cyberattack occurs, disaster recovery plans define how the organization moves forward. Disaster recovery includes everything needed to continue the organization's mission, deal with data loss, restore operations, and more.

Common cyber threats

The cyber-threat landscape is always evolving, but there are many known threats that the industry needs to guard against. Whether an organization is protecting against cyber criminals or cyber terrorists, whose goals might differ, all malicious actors tend to have the same set of tools to work with, and that means there's a common set of cyber threats.

  • Malware: Malicious software is the oldest and most common kind of cyber threat. Encompassing such weapons as viruses, ransomware, trojans, and botnets, malware is any kind of software that can be used to infiltrate, disrupt, steal, or damage data.

  • Phishing: Many cyber crimes start through phishing, in which malicious email or text messages masquerade as something legitimate to trick users into giving up sensitive information or login credentials.

  • Man-in-the-middle attack: This kind of threat happens when a malicious actor can compromise an intermediate node in computer communication, and intercept messages or data between two other locations. A man-in-the-middle attack can allow malicious entities to impersonate the endpoint and appear to be the legitimate destination for data and communication.

  • Denial-of-service attack: This is a technique used to overwhelm a server with illegitimate data requests so it is unable to perform the role it was intended to do. A denial-of-service attack can happen when a malicious actor uses other techniques (like botnets, installed through phishing schemes) to remotely take over other computers and then remotely control them to perform the denial attack. Here, you can see how multiple kinds of cyber threats can combine to cause wide-scale harm.


Read the original article on Business Insider