Cybersecurity definition
Cybersecurity is the practice of protecting systems and data from unauthorized access. It covers a wide range of tools, from organization-wide policies to dedicated software. With the advent of cyber warfare and cyber espionage, as well as the proliferation of ransomware, cybersecurity has become a key issue for both public and private entities.
See also: cybersecurity ecosystem, cybersecurity framework, cyberthreat, cyber warfare, security incident and event management, identity and access management, endpoint security
Common cybersecurity disciplines
- Network security: Defending internal networks from intrusion. Popular tools include firewalls and virtual private networks (VPNs).
- Endpoint security: Securing individual user devices (like computers or mobile phones) so that they don’t become springboards for further attacks. Endpoint security uses endpoint detection and response (EDR) systems as well as tools like antivirus and anti-malware software.
- Application security: Protecting software through practices like secure coding and penetration testing.
- Cloud security: Securing data and applications in cloud environments using cloud-native security tools and encryption.
- Identity and access management (IAM): Verifying who users are and what they are allowed to do. This is the cybersecurity discipline that regular people are most likely to engage with everyday, since it encompasses tools like multifactor authentication (MFA) or single sign-on (SSO).
- Incident response: Detecting, analyzing, and mitigating attacks when they happen/
- Threat intelligence: Researching potential adversaries and studying successful past incursions to and predict future attacks.
