Introduction to Cybersecurity

Introduction to Cybersecurity

The Evolution of Cybersecurity

Computer security. Network security. Information security. Cybersecurity. All of these terms are used to describe the protection of information assets. Why have there been so many changes in the way we refer to security? 

Safeguarding information has been a priority for as long as people have needed to keep information secure and private. Even simple encryption techniques such as Caesar ciphers were created to ensure confidentiality. But as time and technology move forward, so do the demands of security. Today, the objective of information security is threefold, involving the critical components of confidentiality, integrity and availability (see exhibit 1.1.). All three components are concerned with the protection of information. Confidentiality means protection from unauthorized access, while
integrity means protection from unauthorized modification, and availability means protection from disruptions in access.

In current discussions of security, there are references to both “cybersecurity” and “information security.” The terms are often used interchangeably, but in reality cybersecurity is a part of information security. Marketing, vendors and analysts often use the term “cyber” too broadly, due to the increasingly complex nature of information in the digital age. Additionally, the interconnected nature of critical infrastructure systems has introduced a host of new vulnerabilities with far-reaching implications. All of these factors have influenced the shift from information security to cybersecurity. Generally, cybersecurity refers to anything intended to protect enterprises and individuals from intentional attacks, breaches, incidents and consequences. More specifically, cybersecurity can be defined as “the protection of information assets by addressing threats to information processed, stored and transported by internetworked information systems.”

Cybersecurity and Situational Awareness

Cybersecurity plays a significant role in today’s ever-evolving cyberlandscape. New trends in mobility and connectivity present a broader range of challenges than ever before as new attacks continue to develop along with emerging technologies. Cybersecurity professionals must be informed and flexible to identify and manage potential new threats, such as advanced persistent threats (APTs), effectively. APTs are attacks by an adversary who possesses sophisticated levels of expertise and significant resources, which allow the attacker to create opportunities to achieve its objectives using multiple attack vectors.

In order to successfully protect their systems and information, cybersecurity professionals must demonstrate a high degree of situational awareness. This type of awareness takes time to cultivate, because it usually develops through experience within a specific organization. Each organization has its own distinct culture, which means that conditions vary widely from one organization to another. Therefore, it is critical for cybersecurity professionals to have an awareness of the environment in which they operate.

Central to this awareness is an understanding of key business and technology factors that affect information security. 

Numerous factors, both internal and external, can directly impact an organization and its security needs, including:

• Business plans and business environment
• Available information technology, security process or systems in particular Both of these factors tend to be situational in nature, as every organization faces its own unique challenges and
risk based on the nature of its business. Business environment in particular tends to drive risk decisions. For example, a small start-up company may be much more tolerant of risk than a large, well-established corporation.

Therefore, it can be helpful to reference these broad criteria when evaluating the drivers affecting the security of a specific organization.
With respect to technology, there are many factors that can impact security, such as:

• Platforms and tools used
• Network connectivity (internal, third-party, public)
• Level of IT complexity
• Operational support for security
• User community and capabilities
• New or emerging security tools

When evaluating business plans and the general business environment, consider drivers, such as:

• Nature of business
• Risk tolerance
• Security profile
• Industry trends for security
• Mergers, acquisitions and partnerships
– Consider type, frequency and resulting level of integration
• Outsourcing services or providers

Although business and technology drivers cannot all be predicted with certainty, they should be anticipated reasonably and handled as efficiently as possible. Failure to anticipate key security drivers reflects an inability to effectively react to changing business circumstances, which in turn results in diminished security and missed opportunities for improvement.