What is Cybersecurity?

Cybersecurity refers to the practice of protecting systems, networks, and programs from digital attacks. These cyberattacks are usually aimed at accessing, changing, or destroying sensitive information, extorting money from users, or interrupting normal business processes.

💡 Did You Know?

The first computer virus, called "Creeper," was detected on ARPANET, the precursor to the Internet, in the early 1970s.

Core Objectives of Cybersecurity

Protection

Implementing measures to prevent unauthorized access, use, disclosure, disruption, modification, or destruction of information

Detection

Identifying potential security incidents and understanding their nature and scope

Response

Taking appropriate action when a security incident occurs to minimize damage

Recovery

Restoring systems and operations to normal after a security incident

Key Cybersecurity Concepts

Threats, Vulnerabilities, and Risks

Understanding these three concepts is fundamental to cybersecurity:

Threat

Any circumstance or event with the potential to adversely impact organizational operations, assets, or individuals through unauthorized access, destruction, disclosure, or modification of information

Vulnerability

A weakness in an information system, system security procedures, internal controls, or implementation that could be exploited by a threat source

Risk

The potential for loss, damage, or destruction of an asset as a result of a threat exploiting a vulnerability

Key Relationship

Risk = Threat × Vulnerability

Understanding this relationship helps prioritize security measures effectively.

Types of Cybersecurity

Network Security

Protects network infrastructure from unauthorized access, misuse, malfunction, modification, destruction, or improper disclosure.

Application Security

Focuses on keeping software and devices free of threats. A compromised application could provide access to the data its designed to protect.

Information Security

Protects the integrity and privacy of data, both in storage and in transit.

Operational Security

Includes the processes and decisions for handling and protecting data assets, including user permissions and data storage procedures.

Disaster Recovery & Business Continuity

Defines how an organization responds to a cyber-security incident or any other event that causes the loss of operations or data.

Common Security Principles

Defense in Depth

Using multiple layers of security controls throughout an IT system to provide redundancy in the event a security control fails or a vulnerability is exploited

Least Privilege

Users and programs should be granted only those privileges necessary to complete their tasks

Separation of Duties

Dividing critical functions among different staff members to prevent fraud and error

Fail-Safe Defaults

Unless a subject is given explicit access to an object, it should be denied access to that object

Getting Started with Cybersecurity

Essential First Steps

  • Use strong, unique passwords for all accounts
  • Enable two-factor authentication wherever possible
  • Keep all software and systems updated
  • Be cautious of suspicious emails and links
  • Use reputable antivirus and anti-malware software
  • Regularly back up important data

Important Reminder

Cybersecurity is not just a technical issue—it's everyone's responsibility. Human error remains one of the biggest security vulnerabilities in any organization.