What is cybersecurity, and why is it needed
DEFINITION OF CYBERSECURITY
Cybersecurity refers to the body of technologies, processes, and practices designed to protect networks, devices, programs, and data from attack, damage, malware, or unauthorized access. Cybersecurity is also referred to as IT security.
THE IMPORTANCE OF CYBERSECURITY
Cybersecurity is critical because the government, military, corporate, financial, law firms and medical organizations collect, process, and store unprecedented amounts of data on computers and other devices. A significant portion of that data can be sensitive information, whether that be intellectual property, financial data, personal information, or different types of data for which unauthorized access or exposure could have catastrophic consequences. Organizations transmit sensitive data across networks and to other devices in the course of doing business, and cybersecurity describes the discipline dedicated to protecting that information and the systems used to process or store it. As the volume and sophistication of cyber attacks grow, companies and organizations, especially those that tasked with safeguarding information relating to national security, health, or financial records, need to take steps to protect their sensitive business and personal information. As early as March 2013, the nation’s top intelligence officials cautioned that cyber attacks and digital spying are the high threat to national security, eclipsing even terrorism.
CHALLENGES OF CYBERSECURITY
For effective cybersecurity, an organization needs to coordinate its efforts throughout its entire information system. Elements of cyber encompass all of the following:
- Network security
- Application security
- Endpoint security
- Data security
- Identity management
- Database and infrastructure security
- Cloud security
- Mobile security
- Disaster recovery/business continuity planning
- End-user education
The most difficult challenge in cybersecurity is the ever-evolving nature of security risks themselves. Traditionally, organizations and the government have focused most of their cybersecurity resources on perimeter security to protect only their most crucial system components and defend against known threats. Today, this approach is insufficient, as the threats advance and change more quickly than organizations can keep up with. As a result, advisory organizations promote more proactive and adaptive approaches to cybersecurity. Similarly, the National Institute of Standards and Technology (NIST) issued guidelines in its risk assessment framework that recommend a shift toward continuous monitoring and real-time assessments, a data-focused approach to security as opposed to the traditional perimeter-based model.
The National Cyber Security Alliance, through StaySafeOnline.org, recommends a top-down approach to cybersecurity in which corporate management leads the charge in prioritizing cybersecurity management across all business practices. NCSA advises that companies must be prepared to “respond to the inevitable cyber incident, restore normal operations, and ensure that company assets and the company’s reputation are protected.” NCSA’s guidelines for conducting cybersecurity risk assessments focus on three key areas: identifying your organization’s “crown jewels,” or your most valuable information requiring protection; identifying the threats and risks facing that information, and outlining the damage your organization would incur should that data be lost or wrongfully exposed. Cybersecurity risk assessments should also consider any regulations that impact the way your company collects, stores, and secures data, such as PCI-DSS, HIPAA, SOX, FISMA, and others. Following a cybersecurity risk assessment, develop and implement a plan to mitigate cyber risk, protect the “crown jewels” outlined in your assessment, and effectively detect and respond to security incidents. This plan should encompass both the processes and technologies required to build a mature cybersecurity program. An ever-evolving field, cybersecurity best practices must evolve to accommodate the increasingly sophisticated attacks carried out by attackers. Combining sound cybersecurity measures with an educated and security-minded employee base provides the best defense against cybercriminals attempting to gain access to your company’s sensitive data. While it may seem like a daunting task, start small and focus on your most sensitive data, scaling your efforts as your cybersecurity program matures.