The rise of the Internet-connected world over the past few decades has brought numerous benefits. But that connectedness can also pose a threat. Hackers routinely take advantage of connected devices to wreak havoc, steal valuable information, or even hold entire companies and governments hostage for a ransom.
Keeping the digital world safe as the number of devices continues to grow means countering these digital threats through cybersecurity. In this guide, we’ll explain what cybersecurity is and why it’s important, as well as highlight the different types of cybersecurity and cyberthreats.
How does your cybersecurity stack up? Let's hear from you
Take our short survey on Cybersecurity and you could win an Amazon Kindle Fire tablet plus three Cybersecurity eBooks courtesy of ESME.
What is cybersecurity?
Broadly defined, cybersecurity is the set of practices and tools that individuals, IT staff, and governments use to keep information and devices safe from attackers. Ultimately, the goal of cybersecurity is to ensure the integrity, confidentiality, and availability of digital information. Files must be accessible to authorized users on demand, but must remain inaccessible to anyone else.
There is no single practice or piece of software that makes up a cybersecurity strategy. Rather, cybersecurity involves a multi-layered deployment of passive and active digital security tools along with constant monitoring for new online threats. For example, a business’s computer network may be simultaneously protected by antivirus software, an authentication system for limiting access, and a team of IT professionals that constantly monitor the network. Having strong cybersecurity means being able to not only stop known malware and other online attacks but also detect novel viruses and hacking efforts and prevent them from succeeding.
In addition, protecting devices and networks from malicious actors requires that people, devices, and networks are resilient against attacks. For example, keeping an offline backup of files may not directly stop a cyberattack, but it can limit the potential damage of a successful attack.
Why is cybersecurity important?
It’s hard to overstate the importance of cybersecurity in today’s highly connected world. Ginni Rommitty, CEO of IBM, calls cybercrime the greatest modern threat to every company in the world. By some estimates, companies lose more than $400 billion in value to successful hacks every year. Every attack puts data at risk, funnels away productivity, harms a company’s reputation, and potentially exposes trade secrets.
Cyberattacks aren’t limited to corporations, either. Malware doesn’t respect international borders, and it doesn’t discriminate between a CEO’s computer and your own. Approximately 44 data records—usernames, passwords, financial information—are stolen every second of every day. This data can then be used to steal individuals’ identities and worse.
Cybersecurity is the only way for individuals, companies, and governments to protect themselves from losing valuable data or having it stolen by a malicious actor.
Types of cybersecurity
Within the broad field of cybersecurity, there are many different sub-disciplines that focus on specific threats or types of digital architecture:
This is the type of cybersecurity that most individuals are familiar with. It involves protecting usernames and passwords through systems like two-factor authentication and scheduled password expiration. If you’ve ever used a password manager, that is a type of network security.
Application security largely happens behind the scenes, before software is released to the public. This type of cybersecurity is designed to ensure that a program doesn’t contain vulnerabilities that a hacker can exploit. For example, a piece of software may be built with a firewall that prevents it from connecting to an unintended server even if the software’s code is hijacked.
Information security is the cybersecurity discipline concerned with protecting files. This can include encryption tools that prevent files from being read even if they are stolen as well as authorization protocols that prevent hackers from deleting or encrypting files.
This is where protecting the digital world means protecting the physical world. Critical infrastructure security focuses on Internet-connected computer systems that control physical machines, such as the generators that power the electrical grid. A 2007 test demonstrated for the first time that the electrical grid and other infrastructure could be disrupted by cyberattacks. More recently, cyberattacks have challenged the normal functioning of the electrical grid in the US and the UK.
A cybersecurity strategy can only succeed if individual computer and network users do their part. That means creating strong passwords and changing them frequently and recognizing and avoiding fraudulent emails and websites. Educating end-users about best practices and encouraging them to speak out about suspected attacks is essential to building a resilient cybersecurity strategy.
Types of cyberthreats
What types of attacks, generally speaking, are cybersecurity designed to stop? Cyberthreats fall into three distinct categories:
- Attacks on confidentiality, which are designed to steal secure information. That could be personal information, trade secrets, or even classified government documents.
- Attacks on integrity, which are also known as leaks. In this case, sensitive information is stolen and exposed publicly, often for the purpose of eroding trust in a company or government.
- Attacks on availability, which are meant to prevent users from accessing their own data. Often, successful attackers demand a ransom to release data. The data can be permanently encrypted or deleted if the ransom is not paid.
Cybersecurity and the future
Cybersecurity experts and hackers are locked in a constant battle in which the tools at each side’s disposal are constantly evolving. Artificial intelligence, for example, has already changed the cybersecurity landscape by enabling antivirus software developers to identify never-before-seen malware before it can wreak havoc. Meanwhile, the malware being developed by attackers is more damaging and more easily spread across networks than ever before.
As the world’s connectedness continues to increase, the importance of cybersecurity is only likely to grow. Experts predict that the global cybersecurity market will be worth $170 billion by 2022 and governments around the world are building out capabilities to defend against cyberattacks.
What can you do to protect yourself? To start, regularly back up your files and invest in antivirus software. Be wary of emails from unknown senders and learn to identify phishing schemes. Above all else, remember that a good cybersecurity strategy must be multi-layered and resilient.
- We've featured the best internet security software to protect your business.
- We've also featured the best online cybersecurity courses.