What is cybersecurity?
Cybersecurity is the protection of internet-connected systems such as hardware, software and data from cyber threats. The practice is used by individuals and enterprises to protect against unauthorized access to data centres and other computerized systems.
Why do we need cybersecurity?
The importance of cyber security comes down to the need to keep data and devices secure. In todays world, people store vast quantities of data on connected devices. Much of this is sensitive, such as Personally Identifiable Information. And then there’s Intellectual Property (IP).
If a cybercriminal was to gain access to this data they can cause havoc. They can steal funds, share sensitive information, or even change data so that it benefits them. Organizations need to have security solutions that enable them to be compliant.
What is a Cyber Attack?
A cyber attack is an assault launched by cybercriminals using computers against other computers or networks. A cyber attack can disable computers, steal data, or use a breached computer as a launch point for other attacks. Cybercriminals use a variety of methods to launch a cyber attack, including malware, phishing, ransomware, DOS, etc.
What is a cyber threat?
A cyber threat is a potential cyber attack, which may be assigned a probability of occurrence that can be used for cyber risk assessments.
What is a cyber risk?
While cyber risk may seem self-explanatory, its not always clearly defined. At its most basic, cyber risk is the risk of damage to an organization through its information systems.
Cyber risk may take several forms. Cybercrime, corporate espionage, cyber terrorism, faulty safety controls of vendors and other third parties, and insider threats all are sources of cyber risk. Those risks can take specific forms, like phishing or ransomware attacks.
What are the differences between the terms cyber attack, cyber threat & cyber risk?
The terms cyber attack, cyber threat, and cyber risk are interrelated as follows. A cyber attack is an offensive action, whereas a cyber threat is the possibility that a particular attack may occur, and the cyber risk associated with the subject threat estimates the probability of potential losses that may result.
What are the differences between the terms cyber attack, cyber threat & cyber risk?
The terms cyber attack, cyber threat, and cyber risk are interrelated as follows. A cyber attack is an offensive action, whereas a cyber threat is the possibility that a particular attack may occur, and the cyber risk associated with the subject threat estimates the probability of potential losses that may result.
What are the differences between the terms cyber attack, cyber warfare, cyber crime & cyber terrorism?
| CLASSIFICATION | ACTOR | ATTACK EFFECT EQUIVALENCY |
| Cyber Attack [generic] | TBD | TBD |
| Cyber Warfare [includes Cyber Espionage, Cyber Sabotage] | State [nation] | war act |
| Cyber Crime | Non-State (individual/organization) | criminal act |
| Cyber Terrorism | Non-State (individual/organization) | terrorism act |
What is malware?
Malware is intrusive software that is designed to damage and destroy computers and computer systems. Malware is a contraction for malicious software. Examples of common malware include viruses, worms, Trojan viruses, spyware, adware, and ransomware.
| MALWARE TYPE | REQUIRES HOST FILE TO INFECT? | SELF-SPREADING? | APPEARS LEGITIMATE (HARMLESS)? | CAN CARRY HARMFUL PAYLOAD? | CAN COMMO WITH COMMAND & CONTROL SERVER? | CAN ATTACK OS KERNEL & FIRMWARE? |
| Virus | 👍 | 👎 | N/A | 👍 | N/A | 👎 |
| Worm | 👎 | 👍 | N/A | 👍 | N/A | 👎 |
| Trojan | 👍 | 👎 | 👍 | 👍 | N/A | 👎 |
| Bots/Botnet | N/A | N/A | N/A | 👍 | 👍 | 👎 |
| Spyware | 👎 | 👎 | N/A | 👎 | 👍 | 👎 |
| Rootkit | N/A | N/A | N/A | 👍 | N/A | 👍 |
| Blended Threat | 👍 | 👍 | 👍 | 👍 | 👍 | 👍 |
What is cyber hygiene?
Cyber hygiene refers to fundamental cybersecurity best practices that an organization’s security practitioners and users can undertake. As you have personal hygiene practices to maintain your own health, cyber hygiene best practices help protect the health of your organization’s network and assets.
What are the best practices for cyber hygiene?
- Protect your computer network with secure routers with robust firewalls. While travelling, use a Virtual Private Network (VPN) and/or software firewall.
- Install dependable anti-virus (AV) and anti-malware software that continuously scans your computer/mobile phone, and update it frequently
- Update all OS, Web Browser and Application software with security patches on time.
- Define strong passwords and use Multi-Factor Authentication (MFA) whenever available
- Practice safe web browsing habits
- Practice safe email habits
- Keep your user data separate from applications, and apply strong encryption to all sensitive and confidential data
- Keep your user data separate from applications, and back up data regularly
- Be wary and selective when buying goods or services online.
- When selling and disposing of computers and storage devices securely erase all persistent storage.
What does the prefix cyber- mean?
“Cyber” is a prefix used to describe a person, thing, or idea as part of the computer and information age.
What is cyberspace?
Cyberspace is the virtual computer world that could be an object that is floating around a computer network or system. Cyberspace has now extended to global computer networks as well. For example, you would have sent an email to your friend. It means that you have sent a message through cyberspace.
