What Is Cybersecurity?

Cybersecurity is the practice of protecting computers, other internet-based systems and their data from attack. Computing hardware such as laptops and smartphones, internet-connected devices such as smart TVs and home assistants, software applications, and entire cloud computing ecosystems are vulnerable to cyberthreats 24/7. Individuals, businesses and organizations, and entire nations increasingly rely on these technologies, so it is paramount to develop an exhaustive cybersecurity strategy.  As of March 2021, the cybersecurity industry was worth more than $153 billion, according to Fortune Business Insights. 

History of Cybersecurity

While at BBN Technologies (now a subsidiary of Raytheon Technologies) in 1971, Bob Thomas coded a program known as Creeper that would travel through Advanced Research Projects Agency Network (ARPANET), an early iteration of the internet designed for academic and military purposes. Creeper traveled through the network and outputted a harmless message to devices. Another BBN employee, Ray Thomlinson, then built a new version of Creeper that recreated itself as it moved, thus creating the first computer virus. Thomlinson also created the remedy for Creeper, known as Reaper, which went through ARPANET finding and deleting instances of Creeper, thereby making it the first antivirus program and an early iteration of cybersecurity technology. As networks became more sophisticated and technology widely adopted, cyberthreats evolved from intellectual exercises to serious crimes. In 1986, a young German hacker named Markus Hess successfully attacked ARPANET and the military network MILNET and sold stolen information to the KGB. Cornell University graduate student Robert Morris infected nearly the whole internet in 1988 when he released the Morris worm, a bigger and badder version of Creeper. Consequently, governments started to pass internet-related security and privacy laws, and researchers and technology companies began to develop cybersecurity offerings. 

Why Is Cybersecurity Important?

Cybersecurity is important because cyberthreats can take down entire systems and networks, cost organizations significant money, put sensitive data at risk and otherwise interfere with everyday life.  In 2005, there were just under 160 data breaches in the United States, but that number ballooned to more than 1,000 annually by the late 2010s, according to Statista. The costs of these data breaches have been considerable and have followed a similar trend; the average cost of a data breach for a business in 2006 was about $3.5 million, and by 2020, the cost rose to more than $8.6 million, according to Statista.

Types of Cybersecurity Threats

As the internet has grown more complex, so too have cyberthreats.The following list gives a brief overview of some of the most common types of attacks. 

DoS attack and DDoS attack

A denial of service (DoS) attack, is an attack that sends volumes of data or traffic to a web site or service in an attempt to overwhelm the system and render it useless. A distributed denial of service (DDoS) attack happens when the data or traffic comes from multiple locations instead of just one. DDoS helps shield the attacker’s identity and maximize the length of the disruption because of the complex nature of detecting and neutralizing such an attack. Data breaches  are not a common result of a DoS or DDoS attack, but the cost in time and money can be considerable. 

Malware

Malware, or malicious software, is a blanket term used to describe code written to do harm against another application or system. A computer virus is a type of malware. Like a real virus, it attaches to a host. When the user executes functions of the program, the virus goes to work causing whatever damage it was designed to do. Worms, trojans and rootkits are other examples of malware.

Phishing

Phishing is an attack that attempts to trick a user into sharing sensitive information, such as passwords or account numbers, often via an email or text message that appears to be from a legitimate source. The attacker then uses the information to gain unauthorized access to systems.

Ransomware

Ransomware is a specific type of malware that encrypts files or locks down systems. The attacker then demands payment (typically in the form of cryptocurrency) to release the device and files. 

Types of Cybersecurity

When new cyberthreats emerge, new ways to protect against them soon follow. Because of this high-stakes cat-and-mouse game, however, there is not an all-encompassing cybersecurity program that perfectly solves every issue. Each organization’s network is unique and therefore is vulnerable to different threats. The following list covers several types of cybersecurity available today.

Application Security

Whether an app lives on premises or in the cloud, the main focus of application security is to restrict unauthorized access and protect data. Authentication — in the form of a password, fingerprint or facial scan — helps ensure that only approved users can access an app. Administrators can use application security to further control which authenticated users have access to certain features and data. Cybersecurity providers also offer products that scan apps for vulnerabilities in their code, or even launch a purposeful attack on the app in order to expose weaknesses. 

Cloud Security

Much of cloud computing’s value proposition has to do with enabling organizations to offload responsibility for their computing infrastructure. Some organizations, however, fear this loss of control could bring increased security concerns. Cloud providers and their customers rely on many different cybersecurity technologies to address these concerns, including encryption and in-depth monitoring of system access and activity. 

Endpoint and Mobile Security

Endpoint devices, such as laptops, smartphones, tablets and even wearables, are users’ entry points to corporate applications, networks and data. It does not matter if the company provides them or if workers bring their own; they are all vulnerable. Endpoint protection platforms (EPPs) can identify malicious code before it infects an entire system, or detect strange behavior on an endpoint device to stop an attack from ever happening. If that fails, endpoint detection and response (EDR) software can keep logs of data relating to an attack, track the source and more. Many organizations also rely on enterprise mobility management (EMM) software, which includes mobile device management (MDM) and other technologies. These offerings enable IT departments to control and secure the applications and data on employees’ smartphones and tablets. 

Identity Management

Identity management, also referred to as identity and access management (IAM), is a cybersecurity strategy that enables an organization to regulate what people can and can’t do on corporate systems. IAM typically relies on authentication technologies and single sign-on to control access to networks, applications, and data, and to enforce access policies based on a specific user’s role or other factors. 

Network Security

Network security refers to the protection of an organization’s entire physical network, including its software and cloud services. Firewalls and virtual private networks (VPNs) are critical components of a network security strategy. A firewall filters traffic and data attempting to enter a network and blocks something if it is unauthorized, suspicious, or a blatant threat. A VPN encrypts in-transit data to ensure that communications between a device and a network are not compromised. It acts as a layer of protection between the user and the internet, masking them from potential threats. 

Challenges of Cybersecurity

Cybersecurity is a constant battle, and staying ahead of the latest cyberthreats is a major challenge. Many organizations have employed white hat or ethical hackers to try and identify vulnerabilities and/or new hacking techniques — and come up with ways to address or prevent them — before attackers get the same idea. Cyberthreats do not just come from lone attackers or small groups anymore, but entire nations. Whereas in years past war was waged with guns and planes, many are fighting their battles through the web. Overcoming these cyber attacks from a hostile nation is a monumental task.  Advancements in computing have also added more ground for cybersecurity firms to cover. The cloud has created an entire ecosystem that needs to be secure. The Internet of Things (IoT) has brought everyday items such as thermostats and refrigerators online, and they are now vulnerable to attacks. And the rise of remote work, brought on by the COVID-19 pandemic, has exposed organizations to heightened levels of vulnerability. 

Benefits of Cybersecurity

The benefits of cybersecurity are not about what you could gain, but about preventing what you could lose: hard-earned intellectual property, other sensitive data, access to your corporate systems and more. Beyond the business world, modern society — governments, healthcare organizations, etc. — rely on computing to function. Cybersecurity holds the key to keeping these institutions running safely and uninterrupted.