What is Cybersecurity?

Introduction

Cybersecurity is a field that involves:

  • protecting equipment, programs, networks, and more
  • mitigating an organization’s risk
  • creating protocols to maintain and ensure the safe handling of data and more

In essence, cybersecurity is a crucial field in maintaining the integrity of digital assets — regardless of whether or not these assets are publicly accessible.

Emerging threats

With digital assets being a prime target for attackers, it is becoming increasingly clear that cybersecurity isn’t something anyone, even individuals, can ignore. Clicking on an infected webpage or downloading an untrustworthy program can compromise an otherwise secure network.

An example of such a threat is ransomware. Ransomware often encrypts data and, as the name suggests, holds it for ransom. In 2017, the “WannaCry” attack targeted a vulnerability in certain versions of Microsoft’s Windows operating system. The attack was also designed to spread locally to other vulnerable computers, forcing desperate users to pay a criminal entity to regain access to critical files.

Ransomware is only one example. Other threats include social engineering attacks, phishing scams, DDoS attacks, MITM attacks, XSS attacks, and many more.

Defending against cyber threats

With an ever-growing number of attacks, companies often employ both proactive and reactive protocols to mitigate some of the risk associated with vulnerabilities and human error.

For example, many organizations have proactively added a banner on top of external emails to combat phishing attacks. Unfortunately, this mitigation strategy fails when a user within the organization is compromised and sends emails from their company or academic account.
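The banner policy and its blind spot, as an added example that is not part of the original page: a message gets the banner unless it was submitted by an authenticated internal user from an internal address. The domain `example.edu`, the `authenticated_internal` flag, the function names and the sample messages are all assumptions made for illustration.

```python
from email import message_from_string
from email.utils import parseaddr

INTERNAL_DOMAINS = {"example.edu"}  # assumption: the organization's own mail domain
BANNER = "CAUTION: This email originated outside the organization.\n\n"

def from_domain(msg):
    """Return the lower-cased domain of the From address."""
    _, addr = parseaddr(msg.get("From", ""))
    return addr.rpartition("@")[2].lower()

def needs_banner(msg, authenticated_internal):
    """No banner only for an authenticated internal sender using an internal address.

    authenticated_internal is an assumed flag: the gateway's knowledge that the
    message was submitted with valid internal credentials.
    """
    return not (authenticated_internal and from_domain(msg) in INTERNAL_DOMAINS)

def deliver(raw, authenticated_internal):
    """Parse a raw message and prepend the banner when the policy calls for it."""
    msg = message_from_string(raw)
    if needs_banner(msg, authenticated_internal):
        msg.set_payload(BANNER + msg.get_payload())
    return msg

def has_banner(msg):
    return msg.get_payload().startswith(BANNER)

def make(sender, body):
    """Build a constructed sample message."""
    return f"From: {sender}\nTo: staff@example.edu\nSubject: Invoice\n\n{body}\n"

# Constructed samples: a lookalike domain, a forged internal From header arriving
# from outside, and a real internal account that has been taken over.
LOOKALIKE = make("Billing <billing@examp1e.edu>", "Pay at the link.")
SPOOFED_FROM = make("IT <it@example.edu>", "Reset your password.")
COMPROMISED = make("Alice <alice@example.edu>", "Pay at the link.")

if __name__ == "__main__":
    cases = [("lookalike domain", LOOKALIKE, False),
             ("spoofed From", SPOOFED_FROM, False),
             ("compromised account", COMPROMISED, True)]
    for name, raw, inside in cases:
        print(f"{name}: banner={has_banner(deliver(raw, inside))}")
```

Only the compromised-account message is delivered without a banner, which is why the banner is paired with account-level controls such as two-factor authentication and network monitoring.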

Proactive measures include honeypot traps and network monitoring. These allow a company to detect new types of attacks and monitor for any compromised machines or software, resulting in a reduced attack surface.

Conclusion

Cybersecurity and cyberdefense are important fields that are employed to protect an organization and mitigate attacks targeting it. For individuals, cybersecurity involves being careful about phishing scams, while employees of large organizations often follow stricter guidelines: two-factor authentication, monitored network activity, and other proactive/reactive measures.

Glossary

DDoS

Distributed Denial of Service. A category of attack that targets multiple areas on a server.

Honeypot

A type of trap used to redirect attackers and gather data for security research.

XSS

Cross-Site Scripting.

MITM Attacks

MITM Attacks refer to "man-in-the-middle" attacks.

IDS

Intrusion Detection System. A set of rules to detect unauthorized activity in a network or device.