Computer security, cybersecurity or information technology security (IT security) importance, types, pros and cons
Cybersecurity is the practice of protecting systems, networks, and programs from digital attacks, These cyber attacks are aimed at accessing, changing, or destroying sensitive information, extorting money from users, or interrupting normal business processes, A successful cybersecurity approach has multiple layers of protection spread across the computers, networks, programs, or data that one intends to keep safe, the people & processes.
Cybersecurity, Computer security, or information technology security (IT security) is the protection of computer systems from theft or damage to their hardware, software or electronic data, as well as from disruption or misdirection of the services they provide, It consists of technologies, processes and controls designed to protect systems, networks and data from cyber attacks.
Cybersecurity is growing in importance due to increasing reliance on computer systems, the Internet and wireless networks such as Bluetooth & Wi-Fi, and due to the growth of smart devices such as smartphones, televisions and many tiny devices, Effective cybersecurity reduces the risk of cyber attacks and protects against the unauthorized exploitation of systems, networks and technologies.
It is the protection of Internet-connected systems, including hardware, software & data, from cyber attacks, Security comprises cybersecurity and physical security, both are used by enterprises to protect against unauthorized access to data centers and other computerized systems, Information security is a subset of cybersecurity and it is designed to maintain the confidentiality, integrity & availability of data.
Robust cybersecurity involves implementing controls based on three pillars which are people, processes & technology, This three-pronged approach helps organizations defend themselves from both organized attacks and common internal threats, such as accidental breaches and human error.
It refers to a range of concepts including the practice of protecting an organization’s information, networks, computer, and resources against attacks from security and computer attacks, The users must understand and comply with basic data security principles like choosing strong passwords, being wary of attachments in email, and backing up data.
Cybersecurity is important to give organizations and individuals the computer security tools needed to protect themselves from cyber attacks, The endpoint devices like computers, smart devices, and routers must be protected, Technology is used to protect these entities include next-generation firewalls, DNS filtering, malware protection, antivirus software, and email security solutions.
Types of cybersecurity threats
It is necessary to protect information and other assets from cyber-threats, which take many forms, Ransomware is a type of malware software that involves an attacker locking the victim’s computer system files (typically through encryption) and demanding a payment to decrypt & unlock them, It is designed to extort the money by blocking access to files or the computer system until the ransom is paid, and paying the ransom does not guarantee that the files will be recovered or the system restored.
Cyber threats come in the form of social engineering which is an attack that relies on human interaction to trick users into breaking security procedures in order to gain sensitive information that is typically protected, the adversaries can solicit a monetary payment or gain access to confidential data, It can be combined with any threats to click on links, download malware, or trust a malicious source.
Phishing is a form of fraud, fraudulent emails are sent that resemble emails from reputable sources, these emails can steal sensitive data, such as credit card or login information, It’s the most common type of cyber attacks, You can help protect yourself through education or a technology solution that filters malicious emails, Malware is any file or program used to harm the computer user, such as worms, computer viruses, Trojan horses and spyware, It is used to gain unauthorized access or to cause damage to a computer.
The vulnerability is a weakness in design, implementation, operation or internal control, Most of the vulnerabilities that have been discovered are documented in the Common Vulnerabilities and Exposures (CVE) database, The exploitable vulnerability is one for which at least one working attack or “exploit” exists, Vulnerabilities are often hunted or exploited with the aid of automated tools or manually using customized scripts.
You should secure the computer system, Many attacks can be made against it, The backdoor (in a computer system, a cryptosystem or an algorithm) is any secret method of bypassing normal authentication or security controls, The backdoor exists for many reasons, It is used by original design or from a poor configuration, It can be added by an authorized party to allow some legitimate access, or by an attacker for malicious reasons, It can create a vulnerability for short term or long term, depending on the measures taken by the IT team.
Eavesdropping is the act of surreptitiously listening to the private conversation, It can be eavesdropped upon via monitoring the faint electromagnetic transmissions generated by the hardware, DoS (Denial of service attacks) is designed to make the machine or network resource unavailable to its intended users, The attackers can deny service to the individual victims by deliberately entering a wrong password enough consecutive times that locks the victims account, or they may overload the capabilities of the machine or network and block all users at once.
Although the network attack from a single IP address can be blocked by adding a new firewall rule, many forms of Distributed denial of service (DDoS) attacks are possible, where the attack comes from a large number of points, and defending is very difficult, The attacks can originate from the zombie computers of the botnet, but many other techniques are possible including reflection and amplification attacks, where the innocent systems are fooled into sending traffic to the victim.
Direct-access attacks: The unauthorized user gaining physical access to the computer is most likely able to directly copy data from it, They may compromise security by making operating system modifications, installing software worms, keyloggers, covert listening devices or using wireless mice, Disk encryption and Trusted Platform Module are designed to prevent these attacks.
Advantages of cybersecurity
Cybersecurity protects systems and computers against viruses, worms, spyware, malware and other unwanted programs, It offers protection against data from theft, It protects the computer from being hacked, It minimizes computer freezing & crashes, It gives privacy to users, It offers strict regulations and it is difficult to work with non-technical users.
Cybersecurity offers protection from malicious attacks on your network, It presents deletion and/or guaranteeing malicious elements within a preexisting network, It prevents users from unauthorized access to the network, It denies programs from certain resources that could be infected and it secures confidential information.
Cyber Security offers improved security of cyberspace, It increases cyber defense, It increases cyber speed, It protects company data and information It protects individual private information, It protects networks and resources, It fights computer hackers and identity theft.
Disadvantages of cybersecurity
Cyber security makes the system slower than before, Firewalls can be difficult to configure correctly, Incorrectly configured firewalls may block users from performing certain actions on the Internet, until the Firewall configured correctly, You need to keep updating the new software in order to keep security up to date, Cyber Security will be costly for average users.
Simple rules for emailing & How to protect yourself against spam emails
Software firewalls and hardware firewalls advantages and disadvantages
DDoS Attacks risks, How to protect your website from DDoS Attacks