What is Cybersecurity?
Cybersecurity is the combination of people, policies, processes and technologies employed by an enterprise to protect its cyber assets. Cybersecurity is optimized to levels that business leaders define, balancing the resources required with usability/manageability and the amount of risk offset. Subsets of cybersecurity include IT security, IoT security, information security and OT security. (Source: Gartner Glossary)
In today's digital-first world, almost every business uses publicly available platforms (social media, web sites, collaboration tools and more) to connect with customers. But these same platforms are being weaponized by attackers to wreak havoc on our digital lives, creating a massive, ungoverned public attack surface. Because the platforms are public, attackers have equal access to them and can impersonate you, spoof your site, siphon revenue, steal private data, phish employees and destroy customer trust. And since legacy security systems aren't built to even check for threats beyond your perimeter, those threats go overlooked, exposing you and your community to all kinds of cyberattacks, scams and takeovers.
How Cybersecurity Works
Today, public and digital risks are issues facing every organization with a digital footprint, which includes any organization that conducts business online, or promotes its brand and products on the web, or has customers reviewing or commenting on its offerings on social media platforms. Cybersecurity works to combat these digital risks as they continue to evolve and is often closely related to the public attack surface as a whole.
The public attack surface includes many digital risks that can be categorized as follows:
- Campaigns of theft and fraud targeting an organization’s customers, using techniques like spoofed websites and social media accounts, phishing campaigns, and fake mobile apps. Cybercriminals use these tools to defraud the organization’s customers, sell them counterfeit and pirated goods, and capture credentials used for identity theft.
- Attacks on the reputation of an organization, through false information on social media sites, fake reviews, and taking over social media accounts of the organization and its executives in order to post offensive content.
- Attacks against an organization’s IT infrastructure and its employees, leading to the theft of customer data, intellectual property (IP), media content, software, employee data and credentials, and other valuable assets.
Cybersecurity addresses threats that include damage to reputation and brand value, loss of customer trust, reduced revenues, regulatory fines, breach notification costs, and disruption of operations.
Types of Cybersecurity
As cybersecurity revolves around digital risk, the types of cybersecurity closely mirror assets and tools within the digital landscape. Often you will see cybersecurity referred to as information security, threat intelligence, data protection, or electronic information security, to name a few. This might include networks, servers, data, mobile, computers, and more, and the list is constantly evolving as technology and digital threats continue to advance. The term applies to a wide range of industries in a variety of contexts; however, it can typically be categorized as:
- Risk assessment: identification of assets, related risks and impacts should a security breach or incident occur. Estimations and evaluations are typically involved, along with identification of specific controls that can be put in place to address the risks that are identified. Routine monitoring and review of the environment and operations as a whole are critical to maintaining an effective and comprehensive risk management process.
- Disaster recovery: response of an organization to a cybersecurity event that impacts operations and key components, such as data loss. Often this entails policies and a business continuity plan. Policies provide direction as to how the organization should restore its operations and assets as they existed prior to the security incident. Business continuity plans outline an organization's backup plan to ensure an optimal level of operations while enduring data loss or otherwise.
- Information, network and operational security: information security (or IT security) protects the integrity and privacy of data in every form, including storage and use. Operational security involves the protection and management of data assets, including the processes and decisions needed to carry this out successfully. Network security constantly monitors for possible breaches by attackers, which can include malware or other targeted means. User permissions, access to networks, procedures that determine how data is managed, and more fall under these categories.
- Application security: applications are varied and far-reaching; security in these instances focuses on maintaining the devices and software used so they are clear of possible threats. Compromised applications are the doorway for malicious actors. Successful security for applications begins at the development and design stages, before an application is even put into place.
- Security training: It is extremely difficult to create an effective security program without an organization-wide security training program. Training addresses the most common entry point and unpredictable cybersecurity factor: the human element. Outlining good security practices bolsters secure system practices and teaches users what to watch for and steps to take in case of suspicious activity.