KUCHAMAN COLLEGE, KUCHAMAN CITY

(GOVERNED BY: KUCHAMAN VIKAS SAMITI)

E-CONTENT

What is Cyber Security

Cyber security is the practice of defending computers, servers, mobile devices, electronic systems, networks, and data from malicious attacks. It is also known as information technology security or electronic information security. Cyber security can be divided into a few common categories:

Network security:

The practice of securing a computer network from intruders, whether targeted attackers or opportunistic malware.

Application security:

Focuses on keeping software and devices free of threats. A compromised application could provide access to the data it’s designed to protect. Successful security begins in the design stage, well before a program or device is deployed.

Information security:

Protects the integrity and privacy of data, both in storage and in transit.

Operational security:

Includes the processes and decisions for handling and protecting data assets. The permissions users have when accessing a network and the procedures that determine how and where data may be stored or shared all fall under this umbrella.

Disaster recovery and business continuity:

Define how an organization responds to a cyber-security incident or any other event that causes the loss of operations or data. Disaster recovery policies dictate how the organization restores its operations and information to return to the same operating capacity as before the event. Business continuity is the plan the organization falls back on while trying to operate without certain resources.

End-user education:

Addresses the most unpredictable cyber-security factor: people. Anyone can accidentally introduce a virus to an otherwise secure system by failing to follow good security practices. Teaching users to delete suspicious email attachments, not plug in unidentified USB drives, and various other important lessons is vital for the security of any organization.

The global cyber threat continues to evolve at a rapid pace, with a rising number of data breaches each year. A report by RiskBased Security revealed that a shocking 7.9 billion records have been exposed by data breaches in the first nine months of 2019 alone. This figure is more than double (112%) the number of records exposed in the same period in 2018. Medical services, retailers and public entities experienced the most breaches, with malicious criminals responsible for most incidents. Some of these sectors are more appealing to cybercriminals because they collect financial and medical data, but all businesses that use networks can be targeted for customer data, corporate espionage, or customer attacks. With the scale of the cyber threat set to continue to rise, global spending on cybersecurity solutions is naturally increasing. Gartner predicts cybersecurity spending will reach $188.3 billion in 2023 and surpass $260 billion globally by 2026.

Cyber Attacks and Their Types

A cyber attack is an attempt to gain illegal or unauthorized access to a computer system, network, or device, with the intention of causing harm, stealing data, or disrupting operations. Cyber attacks can be launched by individuals, groups, or nation-states, for various reasons, such as financial gain, political activism, espionage, or sabotage. Cyber attacks can use different methods and techniques, such as malware, phishing, ransomware, denial of service, or social engineering, to exploit the vulnerabilities of the target system or the user. Cyber attacks can have serious consequences for the victims, such as data loss, identity theft, reputational damage, legal liability, or physical harm. Cyber attacks are a growing threat to businesses, governments, and individuals, as the number and sophistication of cyber attacks increase every year. According to some estimates, cybercrime will cost the world economy over $10 trillion by 2025. To prevent or mitigate cyber attacks, it is important to implement effective cybersecurity measures, such as encryption, authentication, firewalls, antivirus software, backup systems, and security awareness training.

Malware:

Malware is a type of software that is designed to harm or exploit a computer system, network, or device. Malware can take many forms, such as viruses, worms, trojans, spyware, adware, ransomware, and more. Malware can be used to steal data, damage files, hijack systems, or launch further attacks.

Phishing:

Phishing is a type of social engineering attack that uses email, text messages, or other communication channels to trick users into revealing sensitive information, such as passwords, credit card numbers, or personal data. Phishing attacks can be highly effective, as they often appear to come from a trusted source and use persuasive language to convince the user to take action.

Denial of Service (DoS):

A DoS attack is a type of attack that floods a computer system, network, or device with traffic, making it unavailable to users. DoS attacks can be launched using various methods, such as sending large amounts of data, exploiting vulnerabilities, or using botnets.

Ransomware:

Ransomware is a type of malware that encrypts a victim’s files and demands payment in exchange for the decryption key. Ransomware attacks can be devastating, as they can cause data loss, financial damage, and reputational harm.

Social Engineering:

Social engineering is a type of attack that exploits human psychology to gain access to sensitive information or systems. Social engineering attacks can take many forms, such as pretexting, baiting, quid pro quo, or tailgating.

Man-in-the-Middle:

A MitM attack is a type of attack that intercepts communication between two parties, allowing the attacker to eavesdrop, modify, or inject data. MitM attacks can be launched using various methods, such as ARP spoofing, DNS spoofing, or SSL stripping.

SQL Injection:

SQL injection is a type of attack that exploits vulnerabilities in web applications to execute malicious SQL statements. SQL injection attacks can be used to steal data, modify data, or execute arbitrary code.

Zero-day Exploit:

A zero-day exploit is a type of attack that exploits a vulnerability that is unknown to the software vendor or security community. Zero-day exploits can be highly effective, as they can bypass existing security measures and allow the attacker to gain unauthorized access.

Advanced Persistent Threat (APT):

An APT is a type of attack that uses sophisticated techniques to gain unauthorized access to a computer system, network, or device, and remain undetected for a long time. APT attacks can be launched by nation-states, criminal organizations, or other advanced threat actors.

Insider Threat:

An insider threat is a type of attack that is launched by an authorized user who has access to sensitive information or systems. Insider threats can be intentional or unintentional, and can cause significant damage to the organization.

It is important to note that this is not an exhaustive list of cyber attacks, and new types of attacks are constantly emerging. To protect against cyber attacks, it is important to stay informed about the latest threats and vulnerabilities, and to implement effective security measures.