What Is Cybersecurity?
Learn what cybersecurity is and understand the definitions of different types of threats.
So much has been written about cybersecurity that it’s sometimes easy to forget exactly why it’s important in the first place.
Cybersecurity is important for two very human reasons:
Last year, Risk Based Security reported that in the first six months of 2019, 4.1 billion records were exposed via data breaches. The impact of major data breaches involving organizations such as Equifax, Amazon, Marriott and Microsoft means something more than just having to change your password.
It means that individuals and groups are targeting the technology that, basically, defines and supports you in the modern world. They are targeting systems that contain your personal data. In other words, attackers worldwide are targeting you. That said, we must protect information systems.
Information security is all about three factors: power, presence and privacy. Today’s tech is incredibly powerful. Just last year, the typical mobile device became more powerful than a traditional PC.
Additionally, tech is everywhere. We’re now wearing technology that has the ability to gather sensitive data wherever we go. Cybercriminals love to obtain this information. As a result, organizations that collect this data are held to strict standards.
We love our Internet of Things (IoT) devices. But they gather sensitive information. Some of this information is called primary information, because it’s directly about you and your identity.
Examples of primary information include:
Combined, this is a recipe for identity theft.
This type of data is often referred to as primary data, or even personally identifiable information (PII). This data is captured, stored and processed. This processing is often called data analytics or business intelligence (BI).
Devices also capture indirect information about you, often called metadata. This data is the seemingly insignificant information you and your devices generate as you move from place to place.
Contact-tracing applications – which gained popularity amidst the COVID-19 outbreak – as well as typical mobile devices are all capable of capturing this metadata. Metadata can include the 4G cell phone towers and 5G devices that your mobile phone or smart watch has connected to, the ISP you are currently using and your location.
Each time you connect to a Wi-Fi hotspot, an organization is collecting data. The primary and secondary data you generate can all be crunched. This crunching allows organizations to make highly accurate guesses about your interests, future activities and even intentions. It’s up to cybersecurity professionals to ensure that this personal information remains private, secure and properly used.
When it comes to cybercrime, many specific threats exist. The following table describes some of the more common cyberattacks that occur worldwide.
|Social Engineering||This is the primary way attackers get in. This type of cyberattack is often conducted in conjunction with other attacks. Specific social engineering methods include phishing, which is where an attacker tricks a user into taking an action (e.g., clicking on a link) that defeats security. Learn more about social engineering.|
|Ransomware Attacks||This particular cyberthreat is where an attacker encrypts the victim’s sensitive data, taking it hostage. The victim must then pay to obtain a decryption key to regain access to their computers. In some cases, ransomware can actually reveal sensitive information to the public, which can cause the victim organization to receive fines from government agencies. Learn more about ransomware.|
|Distributed Denial of Service (DDoS) Attacks||This attack involves the misuse of native TCP/IP-based protocols to consume bandwidth and overwhelm systems so that they can’t provide essential services. Learn more about DDoS attacks.|
|Malware||Hackers create applications of all types. These include spyware tools that log your every key stroke, as well as illicit servers that steal sensitive computer systems data. Learn more about malware.|
Small and large businesses alike have the tendency to skip essential steps when deploying technology. As a result, companies sometimes create the conditions for cybersecurity attacks to occur without realizing it.
Sometimes, an organization consciously decides to skip essential steps of the software development process. Code reviews, while essential, are time-consuming, and are often seen as less important than releasing a new feature or service on time. Companies should perform regular risk assessment activities and also update their antivirus software and other security tools. However, organizations don’t always do this.
Whenever an organization skips a step, it is said to incur something called technical debt. This debt is much like what happens whenever you use credit cards – you have to pay this debt back quickly, or you run the risk of building up debt and having a bad credit history. In the case of organizations that incur technical debt, not paying it back often results in cybersecurity issues.
The importance of cybersecurity is universal; it isn’t just a technical issue. It involves all of us.
Whenever an organization skips essential steps or looks the other way, cyberthreats and security breaches impact individuals, companies and even countries.
Increasingly, attackers are able to manipulate large groups of people by feeding them misinformation and luring them to websites and other resources that can steal their information. As the COVID-19 pandemic spread around the world in early 2020, attackers exploited the opportunity, using social engineering involving appeals to help with the pandemic.
Well-funded attack groups now profile and target both large and small businesses. The MITRE corporation is a U.S.-based non-profit organization that, among many other activities, tracks state-sponsored hacking groups from around the world.
Many of these groups conduct sophisticated Advanced Persistent Threat (APT) attacks, which are designed to gain long-term, illegal access into networks. One of these groups, called APT41, is responsible for well-coordinated attacks on governments, as well as companies in the health care, telecommunications and technology sectors around the world.
Nation states are a third major target. Attacks on national, state and local governments continue to occur, many with the goal to destabilize fundamental pillars of a particular country. Those pillars can include news and social media, utilities (e.g., water and electricity), election infrastructure and the finance and tech sectors.
Increasingly, attackers are able to use artificial intelligence (AI) to gather information and target the most valuable opportunities, as well as the least-protected victims.
Cybersecurity professionals are the people charged with implementing security systems of all types. They work with real-time data to secure information systems and personal identities. They make sure that cloud services (e.g., AWS, Azure, Google Cloud) are properly managed, especially when they contain sensitive customer data. They implement various types of security systems, including network monitoring systems, surveillance cameras, antivirus software and other tools. IT security workers help manage cybersecurity risk by pointing out errors, skipped steps and ways that attackers operate.
Today’s cybersecurity workers cooperate with their peers worldwide to share information about security incidents. They also work with AI-enabled software services to help improve cybersecurity measures.
We’re living in a world where laws and regulations help ensure our privacy. We need workers to help companies move forward with confidence. It is impossible to ensure privacy or compliance to standards unless an organization first get its cybersecurity act together. This is easier said than done. Data protection is essential. That’s why we need talented, qualified cybersecurity professionals from all types of backgrounds.
Companies need to get – and remain – compliant with these laws.
These laws include:
These are just a few of the laws designed to ensure that personal data remains, well, personal.
These regulations are also part of a worldwide effort to protect intellectual property and guard against identity theft. U.S. government agencies, including the National Institute of Standards and Technology (NIST), also provide frameworks and standards that are designed to ensure that organizations enact adequate cybersecurity measures.
When it comes to the importance of cybersecurity, you can’t ensure privacy for your customers and internal employees until you first get your cybersecurity ducks in a row. This is easier said than done, of course. That’s why we need qualified cybersecurity professionals.
Starting in March 2020, the COVID-19 pandemic brought on a wave of cybersecurity attacks. As mentioned above, the majority of these scams involved social engineering, taking advantage of individuals who fell victim to more sophisticated pretexts.
Social engineering is not the only type of attack that increased during the pandemic. With many people working at home for the first time, often using family-purchased and maintained computers rather than those issued and controlled by IT and security departments, threat actors found new opportunities for malware, ransomware and ATP attacks. Business email compromise (BEC) attacks, according to some researchers, increased 200% during the pandemic.
Governments and businesses worldwide also moved quickly to the cloud to accommodate the mostly remote workforce. In many cases, this process has gone well. But some migrations and deployments occurred very quickly, creating opportunity for attackers. Furthermore, many companies that were able to stay in business found that their overall revenue decreased. As a result, they had to reduce IT and cybersecurity spending, often resulting in less cybersecurity maturity for the organization.
If you’re interested in learning about how to become a cybersecurity professional, we have a few resources for you. Over the years, CompTIA has worked with the IT industry to define a clear IT and cybersecurity education pathway. It’s never too late to get started on this pathway.
CompTIA cybersecurity certifications prove to employers that you have the skills to protect their organization from cyberthreats:
If you want to learn more about cybersecurity careers available to you, check out the following resources:
Read more about Cybersecurity.
Tags : Cybersecurity