Cybersecurity is the practice of protecting essential systems and sensitive information from digital attacks.
Cybersecurity measures are designed to combat threats against networked systems and applications, whether these threats come from inside or outside an organization. In 2020, a study showed that the average cost of a data breach was USD 3.86 million worldwide, and USD 8.64 million in the United States.
Cybercriminals target personally identifiable information (PII) of customers — names, addresses, national identification numbers (such as Social Security numbers in the US, tax codes in Italy), and credit card information — and then sell these records on underground digital markets. Compromised PII often leads to a loss of customer trust, regulatory fines and even legal action.
The complexity of the security system, created by disparate technologies and the lack of internal expertise, can amplify these costs. But organizations with a comprehensive cybersecurity strategy, governed by best practices and automated using advanced analytics, artificial intelligence (AI) and machine learning, can combat cyber threats more effectively and reduce the lifecycle and impact of breaches when they occur.
Cybersecurity is a broad field that encompasses several disciplines. It can be divided into seven main pillars:
- Network security: Most attacks occur on the network, and network security solutions are designed to identify and block these attacks. These solutions include data and access controls, such as data loss prevention (DLP), IAM (identity and access management), NAC (network access control) and NGFW (next-generation firewall) application controls to enforce secure web usage policies. Advanced and multi-layered network threat prevention technologies include IPS (intrusion prevention system), NGAV (next-generation antivirus), sandboxing and CDR (content disarm and reconstruction). Network analysis, threat hunting and automated SOAR (security orchestration, automation and response) technologies are also important.
- Cloud security: As organizations increasingly adopt cloud computing, securing the cloud becomes a major priority. A cloud security strategy includes solutions, controls, policies and cybersecurity services that help protect an organization’s entire cloud deployment (applications, data, infrastructure, etc.) from attacks. Although many cloud providers offer security solutions, they are often inadequate for the task of achieving enterprise-level security in the cloud. Complementary third-party solutions are required for protection against data breaches and targeted attacks in cloud environments.
- Endpoint security: The zero trust security model prescribes creating microsegments around data wherever it resides. One way to do this with a mobile workforce is to use endpoint security. With endpoint security, organizations can protect end-user devices, such as desktops and laptops, with data and network security controls, advanced threat prevention, such as antiphishing and antiransomware, and technologies that provide forensic analysis, such as endpoint detection and response (EDR) solutions.
- Mobile security: Often overlooked, mobile devices, such as tablets and smartphones, have access to corporate data, exposing organizations to threats from malicious applications, zero-day, phishing and IM (instant messaging) attacks. Mobile security prevents these attacks and protects the operating systems and devices from rooting and jailbreaking. When included with an MDM (mobile device management) solution, this allows organizations to ensure that only compliant mobile devices have access to corporate assets.
- Application security: Processes that help protect the applications that operate on-premises and in the cloud. Security should be built into applications at the design stage, with consideration for how data is handled, user authentication, etc.
- IoT security: Measures to protect internet of things (IoT) devices and networks from cyberattacks. IoT devices, such as smart home appliances, wearables, sensors, etc., are often vulnerable to hacking, data theft, denial of service, and other threats. IoT security requires a holistic approach that covers device security, network security, data security, and identity and access management.
- Identity and access management (IAM): Solutions that help organizations manage the identities and access rights of users, devices, and applications across their systems. IAM solutions include authentication, authorization, single sign-on, multifactor authentication, password management, and identity governance.
These are the main types, threats and domains of cybersecurity. I hope you find this text useful and informative.