What Is Cybersecurity?
Definition, Types, Tips, and More

JJ Cranford - January 27, 2023

Cybersecurity Definition

Cybersecurity is the act of defending digital assets, including networks, systems, computers, and data, from cyberattacks. Also known as information technology security (IT security), it protects against threats that aim to access or destroy sensitive information, extort money from users, or interrupt normal business practices.

Why Is Cybersecurity Important?

While any organization or individual can be the target of a cyberattack, cybersecurity is especially important for organizations that work with sensitive data or information such as intellectual property, customer information, payment details or medical records. Many adversaries tend to focus on high-value targets, such as financial institutions, government organizations, military branches or large companies. When sensitive information is leaked, consequences can range from companies losing revenue and people having their identities stolen to severe threats to national security.

To protect and defend against digital attacks, organizations must develop and deploy a comprehensive security strategy that includes both preventative measures and rapid detection and response capabilities. To protect its digital assets, customers, and reputation, an organization should partner with one of the leading cybersecurity companies, such as CrowdStrike, to develop a comprehensive and flexible strategy based on its unique needs.

Types of Cybersecurity

Within cybersecurity, there are different security domains specific to the defense of each digital asset.

Types of cybersecurity include:

  • Endpoint Security: Endpoint security, or endpoint protection, is the process of protecting a network’s endpoints – such as desktops, laptops, and mobile devices – from malicious activity. Unlike traditional security, endpoint security protects in real-time across a large number of endpoints, geographic regions, and bandwidths.
  • Cloud Security: Cloud security is the collective term for the strategy and solutions that protect a cloud infrastructure, and any service or application hosted within its environment, from cyber threats. For organizations that use a cloud-based model, it is important to develop and deploy a comprehensive security strategy that is specifically designed to protect cloud-based assets.
  • Application Security: Application security reduces vulnerability at the application level such as preventing data or code within the app from being stolen, leaked or compromised.
  • Network Security: Network security is a broad term that refers to the tools, technologies and processes that protect the network and related assets, data and users from cyberattacks. It includes a combination of preventative and defensive measures designed to deny unauthorized access of resources and data.
  • Data Security: Data security, also referred to as information security, is the technologies, policies, services and security controls that protect any type of data. It protects your sensitive data from leakage or misuse through breaches, exfiltration, and unauthorized access.
  • Identity Security: Identity security protects all types of identities within the enterprise—human or machine, on-premises or hybrid, regular or privileged—to detect and prevent identity-driven breaches. This happens especially when adversaries manage to bypass endpoint security measures.
  • Critical Infrastructure Security: Critical infrastructure security is the practice of protecting the computer systems, networks, and other assets vital to the daily function of our way of life. The incapacitation of these assets would have a debilitating effect on the safety and security of our citizens.
  • Internet of Things (IoT) Security: IoT security focuses on protecting, monitoring and remediating threats related to the Internet of Things (IoT) and the network of connected IoT devices that gather, store and share data via the internet. IoT devices include laptops, smartphones, smart thermostats, cameras, printers, and anything connected to the network.

Common Cybersecurity Threats

Cybersecurity threats can come in many forms. Some common examples include:

Malware

Malware (malicious software) is a term used to describe any program or code that is created with the intent to do harm to a computer, network or server. Common types of malware include ransomware, trojans, keyloggers, spyware, fileless malware, and more.

Denial-of-Service (DoS) attacks

A Denial-of-Service (DoS) attack is a malicious, targeted attack that floods a network with false requests in order to disrupt business operations. In a DoS attack, users are unable to perform routine and necessary tasks, such as accessing email, websites, online accounts or other resources that are operated by a compromised computer or network. Similarly, hackers can use a botnet, a set of infected devices, to perform a Distributed Denial-of-Service (DDoS) attack and flood a website with fake traffic.

Phishing

Phishing is a type of cyber attack that uses email, SMS, phone, or social media to entice a victim to share sensitive information—such as passwords or account numbers—or to download a malicious file that will install viruses on their computer or phone.

Insider Threats

Insider threats are people who abuse their access permissions to carry out malicious activities. They can include current or former employees, business partners, contractors, or anyone who has had access to systems or networks in the past. It can be tricky to detect insider threats because traditional security solutions like firewalls and intrusion detection systems focus on external threats.

Identity-Based Attacks

According to CrowdStrike’s Global Threat Report 2022, identity-based attacks comprise about 80% of all breaches because they are extremely hard to detect, taking, on average, 250 days. Attacks that involve compromised identities are hard to detect because attackers tend to learn typical user behavior beforehand and can easily imitate it, making it hard to differentiate between a legitimate user and the attacker.

A man-in-the-middle attack, for instance, is a type of identity-based cyberattack in which an attacker eavesdrops on a conversation between two targets, usually two people, two systems, or a person and a system. The ultimate goal is to collect personal data, passwords or banking details, and/or to convince the victim to take an action such as change their login credentials, complete a transaction or initiate a transfer of funds.

Social Engineering

Social engineering is the act of manipulating people to take a desired action, such as giving up confidential information, by using compelling emotions and motivators like money, love, and fear. These attacks can be unsophisticated, but they are often quite sophisticated, fooling even highly suspicious people.


Cybersecurity Best Practices

Cyber threats are on the rise. Fortunately, there are many things your organization can do to stay secure. There are basic things to implement, like a security training program for employees to ensure they use private Wi-Fi, avoid clicking on suspicious emails or links, and don’t share their passwords with anyone. Nevertheless, for your organization to stay as secure as possible, it must follow these cybersecurity best practices:

  • Perform Routine Software Updates: Enable the automatic software download option and make sure to install software patches so that attackers cannot easily take advantage of your vulnerabilities.
  • Run Comprehensive Antivirus Software: Antivirus programs detect, quarantine, and remove different types of malware. Make sure to enable automatic virus definition updates to ensure protection against the latest threats.
  • Keep Passwords Safer than Ever: Creating a unique password and not sharing it can go a long way, but it is not enough. Follow password storage best practices such as ensuring your passwords differ for different accounts, making them a catchphrase or 16 characters long, and changing your default username and password as soon as possible.
  • Implement Multi-Factor Authentication (MFA): MFA allows companies to use more than one identity authentication method, decreasing chances of a breach even if the attacker knows usernames and passwords.
  • Install a Firewall: Firewalls restrict unnecessary communications and block malicious traffic before entering a system.
  • Implement a Cybersecurity Training Program: As basic as this one is, it is absolutely essential to implement. If only some of your employees are following cybersecurity best practices, attackers will have endless opportunities to access sensitive data or perform an attack. Ensure all employees complete comprehensive cybersecurity training that covers the importance of keeping sensitive data safe, best practices to keep this data safe, and a thorough understanding of the different ways cyber attacks can happen.

Cybersecurity Resources

To prepare your organization for the threat of cyber attacks, start by using a valuable framework to guide you in the process. For example, the National Institute of Standards and Technology (NIST) has a cybersecurity framework that helps organizations learn how to identify attacks, protect computer systems and networks, detect and respond to threats, and recover from attacks.

Here is a list of the best, most trusted resources for businesses:

Cybersecurity Careers

As companies transition into digital environments, the supply of cybersecurity experts that protect against the rising number of cyber threats has not kept up with the demand. It is essential that the industry provides training and education to allow people interested in cybersecurity to enter the space and help close the skills gap, preventing more cyber attacks as a result.

This list contains some technical roles and responsibilities typical within the cybersecurity space:

  • Chief Information Security Officer (CISO): Implements security programs across the organization and oversees the IT department’s operations.
  • Cybersecurity Administrator: Deeply understands critical infrastructure of a company to keep it running smoothly, serves as point of contact for all cybersecurity teams, and drafts relevant training programs/policies. Installs and troubleshoots security solutions as needed.
  • Cybersecurity Architect: Designs, builds, and installs security systems for computing and data storage systems to support the enterprise’s critical infrastructure.
  • Cybersecurity Analyst: Plans and analyzes security measures and controls. Conducts internal and external security assessments.
  • Cybersecurity Engineer: Ensures company endpoints, users, and data are secure from threats. Focuses on quality control.
  • Incident Responder: Trained to respond to cybersecurity threats and breaches in a timely manner and ensure similar threats don’t come up in the future.
  • Forensic Investigator: Analyzes causes of a breach, ascertains methodology, and discovers who the perpetrator is.
  • Penetration Tester: Also known as ethical hackers, penetration testers test security systems, networks, and applications in search of vulnerabilities that could be exploited by attackers.

Check out the CrowdStrike careers page to explore the hundreds of open cybersecurity jobs across multiple locations.

GET TO KNOW THE AUTHOR

JJ Cranford is a Senior Manager of Product Marketing at CrowdStrike primarily responsible for Incident Response and Advisory Services. JJ previously held roles at Cybereason, OpenText and Guidance Software, where he drove go-to-market strategy for XDR, EDR and DFIR product suites. JJ provides insight into market trends, industry challenges, and solutions in the areas of incident response, endpoint security, risk management, and ransomware defense.