CYBER SECURITY

CYBER SECURITY

Krishna Panchal and Manas Sharma

What is Cyber Security?

• Cyber security is the practice of defending computers, servers, mobile devices, electronic systems, networks, and data from malicious attacks. It's also known as information technology security or electronic information security. The term applies in a variety of contexts, from business to mobile computing, and can be divided into a few common categories.
• Network security is the practice of securing a computer network from intruders, whether targeted attackers or opportunistic malware.
• Application security focuses on keeping software and devices free of threats. A compromised application could provide access to the data its designed to protect. Successful security begins in the design stage, well before a program or device is deployed.
• Information security protects the integrity and privacy of data, both in storage and in transit.
• Operational security includes the processes and decisions for handling and protecting data assets. The permissions users have when accessing a network and the procedures that determine how and where data may be stored or shared all fall under this umbrella.

Why Is Cyber Security Important?

Today, as the scope, sophistication, and strategy of cyberthreats continually evolve, legacy security tools like firewalls and antivirus are insufficient to prevent hackers from gaining unauthorized access.

At the height of the COVID-19 pandemic, many organizations adopted bring your own device (BYOD) policies for employees, partners, and other stakeholders. However, a large number of these organizations lacked malware protection or relied on legacy endpoint and network security solutions to protect BYOD. In failing to account for remote work in their cybersecurity risk management programs, many gambled with their sensitive information, and likely saw costs rise as a result.

Even now, as many organizations settle into hybrid work models, numerous factors—enabling secure remote access and connectivity, adopting technologies to maintain productivity and ensure security, enforcing remote security policies, and handling security issues such as shadow IT on home networks, to name a few—have become everyday headaches for security admins alongside the ongoing shortage of cybersecurity talent.

To this end, organizations can look to the National Institute of Standards and Technology (NIST), which develops cybersecurity standards, guidelines, best practices, and other resources to meet the needs of US industry, federal agencies, and the broader public.

Without an effective cybersecurity program, organizations can fall prey to cyberattacks that overtax budgets and harm the bottom line due to:

• Loss of intellectual property and sensitive information
• Downtime stemming from system failure or ransomware attacks
• Data compromise resulting in legal trouble and/or lost business