What Is Cybersecurity?
Learn what cybersecurity is and understand the definitions of different types of threats.
The increasing reliance on technology in today's world has made protecting sensitive information a more critical priority than ever before. From personal data to financial transactions, cyberthreats can disrupt businesses and impact individuals globally. Cybersecurity is an industry that encompasses various measures and practices that safeguard computer systems and networks from unauthorized access, damage or theft, and it involves implementing strong security protocols, complex encryption methods and proactive countermeasures.
By prioritizing cybersecurity, organizations can mitigate the risk of data breaches, financial losses and reputational damage. Whether you're an individual or an organization, understanding the importance of cybersecurity is fundamental to navigating the threat landscape safely and securely.
With the vast amount of information available on cybersecurity, it’s sometimes easy to forget exactly why it’s important in the first place.
Cybersecurity is important for two very human reasons:
As of October 2023, data breaches have exposed over 600 million records. The impact of major data breaches involving sectors and organizations, such as Healthcare, Twitter and MOVEit (customers), means something more than just having to change your password.
This means that individuals and groups are targeting the technology that essentially defines and supports you in the modern world. They are targeting systems that contain your personal data. In other words, attackers worldwide are targeting you. That’s why safeguarding our information systems is imperative.
Information security is all about three key factors: power, presence and privacy. Modern technology is incredibly powerful, and the typical mobile device is more powerful than a traditional PC.
Additionally, tech is everywhere. We’re now wearing technology, like smart watches, which have the ability to gather sensitive data wherever we go. Cybercriminals are eager to obtain this information, and as a result, organizations that collect this data are held to strict standards.
People truly love Internet of Things (IoT) devices. Designed to simplify people’s lives—from turning on lights around the house to ordering household essentials with a voice command—IoT devices make everything more convenient. However, these devices gather sensitive information and data about the users who actively rely on them. A portion of this information is called primary information, because it’s directly about you and your identity. This is also known as primary data or personally identifiable information (PII).
Here are some examples of primary information:
IoT and other devices also capture indirect information about you, which is often called metadata. This data, which is seemingly insignificant, is generated as you and your devices move from place to place.
For example, contact-tracing applications and typical mobile devices are all capable of capturing this metadata. Metadata can include the cell phone towers and devices that your mobile phone or smart watch has connected to, the ISP you are currently using and your location.
Each time you connect to a Wi-Fi hotspot, an organization is collecting your data. This can include both the primary and secondary data you generate, all of which can be analyzed. This analysis allows organizations to make highly accurate guesses about your interests, future activities and even intentions. The responsibility to ensure that this personal information remains private, secure and ethically used lies with cybersecurity and privacy professionals, as well as the leadership of the organizations that collect this data.
There are many types of cyberattacks that countless organizations and consumers face. The following table outlines some of the most prevalent threats that occur globally.
Social Engineering
This is one of the easiest and most common types of cybersecurity threats. This type of cyberattack is often conducted in conjunction with other attack methods. Specific social engineering tactics used include phishing, vishing or smishing, which is where an attacker tricks a user into taking an action (e.g., clicking on a link) that breaches security.
Distributed Denial of Service (DDoS) Attacks
This attack involves the misuse of native TCP and UDP protocols, which are used by internet applications. The aim is to consume bandwidth and overwhelm networks and systems, preventing them from providing essential online services.
Both small and large businesses often skip essential steps when deploying technology. As a result, organizations occasionally create the conditions for cybersecurity attacks to occur without realizing it. One practice that can increase cyber risk is accumulating a large amount of technical debt.
There are times when an organization consciously decides to skip essential steps in software development or other security processes. While code reviews are essential, they are time-consuming and often seen as less important than releasing a new feature or service on time. Organizations should regularly perform vulnerability assessment scans on all of their software systems, especially those they develop in-house. However, many organizations don’t always do this.
When organizations skip a step, they incur technical debt. This debt is similar to using credit cards to make purchases. This debt needs to be repaid quickly to avoid running the risk of building up debt and impacting your credit history. For organizations that incur technical debt, failing to repay it often leads to increased cybersecurity risks.
The importance of cybersecurity is universal. It isn't just a technical issue to solve for the organization. It involves everyone, from the consumers to the organizations themselves. When an enterprise skips essential steps or ignores the issue, it can lead to cyberthreats and security incidents that impact individuals, organizations, government entities, critical infrastructures, and in some cases, entire countries.
Attackers are increasingly manipulating large groups of people by feeding them misinformation and luring them to websites and other resources that can steal their information. Today, cybercriminals are increasingly using social engineering to more effectively manipulate people into voluntarily giving them their personal information. Think about all of those innocent-looking questionnaires you see on social media. If you think about it, some of those questions are the same security questions you are asked to answer to prove your identity on a website in the event you forget your password.
Well-funded attack groups now profile and target both large and small businesses. The MITRE Corporation is a U.S.-based non-profit organization that, among many other activities, tracks hacking groups from around the world to identify the techniques used in those attacks.
Many of these groups conduct sophisticated Advanced Persistent Threat (APT) attacks designed for long-term, illegal network access. Many of these groups are responsible for well-coordinated attacks on governments and organizations in the healthcare, telecommunications, energy and technology sectors around the world.
Nation states are a third major target. Attacks on national, state and local governments continue to occur, many with the goal to destabilize fundamental pillars of a particular country. Those pillars can include news and social media, utilities (e.g., water and electricity), election infrastructure and the finance and tech sectors.
Attackers are also increasingly leveraging artificial intelligence (AI) to gather information, target the most valuable opportunities and exploit the least-protected users.
Security professionals are tasked with implementing all kinds of security systems. They work with real-time data to secure information systems and user identities, ensuring proper management of cloud services (e.g., AWS, Azure, Google Cloud), especially those containing sensitive customer data. They implement various types of security systems, including Next-Generation Firewall (NGFW), Security Information and Event Management (SIEM) systems, endpoint security, Endpoint Detection and Response (EDR) and other relevant security-based tools. IT security practitioners help manage cybersecurity risks by identifying errors, missed steps and methods employed by threat actors.
Today’s cybersecurity professionals collaborate with their peers worldwide to share information about security incidents. They also work with AI-enabled software services to help improve cybersecurity measures.
Today, numerous laws and regulations exist to help ensure our privacy, and we need skilled professionals to help organizations navigate these with confidence. It is impossible to ensure privacy or compliance with standards unless an organization implements a security-first approach to protect its business and customers. However, implementing a security-first approach is easier said than done, especially when data and asset protection is critical. This is why the industry needs more talented and skilled cybersecurity professionals from all types of backgrounds.
Organizations need to ensure they are compliant with the laws and regulations that apply to their business.
Some of these laws include:
These are just a few of the laws designed to ensure that personal data remains, well, personal.
These regulations are also part of a worldwide effort to protect intellectual property and prevent identity theft. U.S. government agencies, including the National Institute of Standards and Technology (NIST), also provide frameworks and standards that are designed to ensure that organizations enact appropriate and robust cybersecurity measures.
In March 2020, the COVID-19 pandemic triggered a surge of cybersecurity issues for countless consumers and organizations, and the majority of these scams involved social engineering.
Social engineering wasn’t the only type of attack that increased during the pandemic. The increase in people working from home, using computers not issued or controlled by IT departments, presented new opportunities for threat actors to launch malware, ransomware and APT attacks. According to some researchers, Business Email Compromise (BEC) attacks saw a staggering 200% increase during the pandemic.
Governments and businesses worldwide also transitioned quickly to the cloud to accommodate the largely remote workforce, a move that proved successful in many instances. However, the rapid pace of some migrations and deployments created opportunities for attackers. Furthermore, many organizations that were able to continue business operations successfully during the pandemic found that their overall revenue had still decreased. This led to reductions in IT and cybersecurity spending, often resulting in decreased cybersecurity maturity for the organization.
If you’re interested in learning about how to become a cybersecurity professional, we have a wealth of resources for you. Over the years, CompTIA has worked with the IT industry to define a clear IT and cybersecurity education pathway, and it’s never too late to get started.
CompTIA cybersecurity certifications prove to employers that you have the skills needed to protect their organization from cyberthreats: