What Is Cyber-Security?
Cyber-security is the set of activities, frameworks and processes that enable people to safely use information systems without risking data breaches, phishing scams, identity theft and other types of criminal activity. It involves implementing powerful information storage mechanisms and security protocols like two-factor authentication and more to prevent access to systems by people who aren’t authorized for them. It also includes mobile security, as more and more organizations rely on mobile devices like phones and tablets to run business applications.
Despite the best technology defenses, even the most secure companies can suffer from costly security breaches due to unintentional employee negligence or malicious attacks. Educating employees on computer security best practices and company policies through seminars, classes and online courses is crucial to reducing the risk of these issues.
The threat landscape is constantly evolving, as evidenced by new technologies that require robust security measures and by increasingly sophisticated malware. These threats include distributed denial-of-service (DDoS) attacks that engulf a network or website by flooding it with messages, connection requests and packets to crash or slow it down; advanced persistent threat (APT) attacks in which attackers infiltrate a system and remain undetected for long periods of time, stealing data; man-in-the-middle (MitM) attacks in which an attacker intercepts communication between two parties that believe they are communicating directly with each other; and other exploits that leverage technology to gain unauthorized access.
Cyber-security professionals must be familiar with these and other attack techniques to effectively protect an organization’s systems, assets and data. In addition, they need to be able to detect these attacks using tools and methods that go beyond detection to stop an attack before it has a chance to cause harm.