Cybersecurity Definition
Cybersecurity encompasses the technology, services, strategies, practices, policies designed to secure people, data and infrastructure from a wide range of cyber attacks. The $124 billion network security industry[1] includes hardware, software and services aimed at securing organizations, employees, customers and other entities.
Network security is a subset of cybersecurity that focuses on protecting the components of an organization’s network, including servers, routers, endpoint devices, data lines connecting different parts of the network, and the data itself.
Cybersecurity is no longer just something you add onto your business after building the core pillars of production, distribution, marketing, finance, HR and the like. Cybersecurity is one of those pillars. Your organization’s success depends on how well you protect your people, the data they create, and the platforms they rely on.
For years, most cybersecurity efforts have focused on protecting the network perimeter from external attacks. But for most organizations, that perimeter has all but dissolved.
The workforce has gone remote. People use their personal devices for work. And critical infrastructure and data reside in the cloud. So cyber attackers have shifted their attacks away from technical vulnerabilities to human ones. Today’s attacks target people.
That’s why organizations must take a people-centric approach to cybersecurity.
History of Cybersecurity
The history of cyber attacks reflects the history of the internet itself. The first computer virus was created in the early 1970s and was discovered on ARPANET, the U.S.-created predecessor to the internet.
High-profile cyber attacks
Among the most high-profile cases of a tech company hit by a cyber attack was the 2013-14 breach of Yahoo, which jeopardized personal information of 13 billion Yahoo users, including their names, passwords and other data. Yahoo didn’t reveal the breach until 2016, resulting in a fine of $35 million by the SEC.
Edward Snowden became a household name in the U.S. in 2015, when the former CIA employee and a U.S. government contractor copied and leaked classified information from the National Security Agency.
The WannaCry incident in 2017 was believed to be the first ransomware attack. The “cryptoworm” targeted 230,000 computers running Windows in 150 countries, demanding ransom payment in Bitcoin to release the machines. Soon after, “NotPetya” struck another 12,500 Windows computers operated by energy companies, banks and governmental officials. NotPetya at first appeared to be ransomware, but many now suspect that it was a state-sponsored attack meant to damage critical infrastructure.
And in 2017 breach of Equifax, a credit reporting agency, compromised the data of an estimated 143 million Americans holding 209,000 credit cards.[2]
These are just a few of the biggest known attacks. Countless other attacks have diverted money, stolen valuable data, damaged critical systems and conned victims—and many more go unreported.
For decades, cybersecurity has tried to stop these attacks, with varying degrees of success. As a discipline, cybersecurity can be broken into three distinct periods: the Access-Control Era, the Detection Era, and today’s People Era.
The Access Control Era of Cybersecurity
In the early days everything digital—from computing and information to electronic funds—was easier to secure. You could simply lock a door. Think of this as the Access-Control Era.
But then we connected everything to networks. And everything that was on the network eventually got connected to the internet. Locking down access was no longer feasible—or even desirable. We had to move on from simply locking doors. The Detection Era had arrived.
The Detection Era of Cybersecurity
This Detection Era was all about finding viruses, worms—things we could catch with an antivirus tool or intrusion detection or prevention systems (IDS/IPS). And we uncovered compliance issues in activity logs with tools like data loss prevention (DLP). That created a new set of challenges, such as alert fatigue and compliance overhead.
This era focused on shoring up enterprise infrastructure—patching system vulnerabilities, hardening the perimeter, managing endpoints, and so on.
The People Era of Cybersecurity
As we move our IT infrastructure to the cloud, there’s no longer a perimeter to defend. At the same time, attackers have shifted their focus from infrastructure to people.
That’s why modern cybersecurity is all about people: their digital hygiene and how they respond to social engineering; how they’re attacked and by what attackers; and who has access to what data, systems and resources.
Analysis
Not only have the number of cybersecurity breaches increased over time, the attack methods used have expanded and evolved. Here are some of the broad cyberattack methods that have evolved over the years:
- Malware. Short for malicious software, malware is software that a cybercriminal has created to disrupt or damage a legitimate computer network. It often sneaks into a network via an unsolicited email or a legitimate-looking download and, once inside, steals money or makes politically-motivated cyber-attacks. Types of malware include spyware, ransomware, adware and botnets.
- SQL Injection. SQL (short for Structured Query Language) is a type of attack designed to steal data from a database. Cyber criminals exploit vulnerabilities in data-driven applications to insert malicious code into a database.
- Phishing. Cyber criminals go “phishing” to target victims with emails that appear to be from a legitimate company asking for sensitive information. Phishing attacks are often used to dupe people into handing over credit card data and other personal information.
- Man-in-the-middle attack. In these attacks, a cyber criminal intercepts communication between two people to steal data. For example, on an unsecure Wi-Fi network, an attacker could intercept data being passed from the victim’s device to the network.
- Denial-of-service attack. In a DNS scheme, cyber criminals prevent a computer system from fulfilling legitimate requests by overwhelming the networks and servers with traffic. Imagine the cars on a typical rush hour freeway riding on the racetrack during the Indy 500. This renders the system unusable, preventing an organization from carrying out vital functions.[3]
- Business email compromise (BEC) and email account compromise (EAC). In BEC scams, the attacker pretends to be someone the victim trusts. It usually starts with an email address disguised to look like it belongs to the trusted person—typically a boss, co-worker, vendor or business partner. Then the attacker asks the victim to wire money, send a payment to a new account, send sensitive information and more.
- EAC is closely related to BEC, but it uses identity deception with a twist. In some ways, EAC is even harder to detect and stop than BEC. In BEC, the attacker tries to impersonate a trusted person’s email account. In EAC, the attacker takes over that trusted email account. The email account doesn’t just seem legitimate—it’s the real thing.
What You Can Do
Understanding the dynamic array of cybersecurity threats out there and maintaining a constant coordinated network security defense against them is critical to the success of your organization. The benefit of having a well thought out cybersecurity strategy in place is that you will be prepared for anything.
Email, social media, and mobile devices are the tools of your trade today—and for cyber criminals, the tools of attack. As you embrace and depend on these emerging tools, you must also protect your people, data and brand against advanced threats and compliance risks designed around this new technology.
Today’s attackers are taking advantage of these changing business dynamics to target people everywhere they work. Staying current on the latest cybersecurity attack vectors and threats is an essential part of securing your enterprise against breaches and compromised data.
[1] Steve Morgan (Cybercrime Magazine). “Global Cybersecurity Spending Predicted To Exceed $1 Trillion From 2017-2021.”
[2] Sarah Hospelhorn, Varonis.com “8 Events That Changed Cybersecurity Forever.”
[3] Kaspersky Lab. “What is Cyber Security?”