Essay About Cyber Security
Cybersecurity is defined as “the practice of defending computers, servers, mobile devices, electronic systems, networks, and data from malicious attacks” (What is Cyber Security). The main categories of cybersecurity include network security, application security, information security, and operational security. Network security involves securing a network from intruders such as targeted attackers or malware. Application security includes keeping devices and software free of threats. Information security protects data in both storage and transit. Operational security is the decisions and processes used when handling and protecting data and networks. However, the most important aspect of cyber security involves end-user education because people are the most unpredictable cyber-security factor.
According to RiskBased Security, “within the first nine months of 2019, there have been 5,183 breaches reported with 7.9 billion records exposed” (RBS). The vast majority of these cybersecurity breaches are the responsibility of malicious criminals and have been experienced by medical services, public entities, and retailers. According to the International Data Corporation, ‘worldwide spending on security-related hardware, software, and services is forecast to reach $133.7 billion in 2022” (New IDC Spending Guide). There are three types of cyber threats: cybercrime, cyber-attacks, and cyber-terrorism. Cybercrime is defined as single assailants or groups that target systems for financial gain or to cause disruptions. Cyber-attacks are usually politically motivated and involve information gathering. Cyber terrorism‘s goal is to cause mass panic or fear through undermined electronic systems.
The most common cyber threat is malware, or “software that a cybercriminal or hacker has created to disrupt or damage a legitimate user’s computer” (What is Cyber Security). Malware can take on many different forms and can be easily spread through seemingly legitimate email attachments or supposedly harmless downloads. One form of malware is a virus or self-replicating program that spreads by infecting computer files with malicious code. A Trojan is malware disguised as legitimate software that, once downloaded, collects data or inflicts damage. Spyware is a form of malware that records information on a user, such as credit card or bank details. Ransomware blocks a user from accessing important files or data unless a ransom is paid to the attacker. Adware utilizes advertising software to spread malicious attacks. Lastly, botnets are networks of computers that have been infected with malware and are used online without user permission.
End-user protection, also called endpoint security, is a crucial aspect of cybersecurity because “it is often an individual (the end-user) who accidentally uploads malware or another form of the cyber threat to their desktop, laptop or mobile device” (What is Cyber Security). The first cybersecurity measure that can be taken to protect end-users is encryption. Cryptographic protocols are used to encrypt emails, files, and critical data and guard against loss, theft, and tampering. Additionally, end-user security software can be used to scan for malicious code, quarantine the threat, and then completely remove it from the computer. By focusing on real-time malware detection, electronic security protocols can “use heuristic and behavioral analysis to monitor the behavior of a program and its code to defend against viruses or Trojans that change their shape with each execution” (What is Cyber Security). These security programs are able to learn from and analyze malware in order to understand how to better detect new threats.