What is cybersecurity and why is it needed?

Understanding cybersecurity and cyber attacks

What is cybersecurity?

Cybersecurity is the practice of defending technical assets and data from malicious attack. This includes protecting computers, servers, mobile devices, electronic systems, networks, and corporate data. Cybersecurity encompasses:

  • Network security, securing a computer network from intruders.
  • Application security, keeping software and devices threat-free, which is important because they can provide access to corporate data.
  • Information security, protecting data in storage and in transit.
  • Operational security, ensuring users have appropriate permissions when accessing a network and that data is stored and shared securely.
  • Disaster recovery and business continuity, planning for adequate response to security incidents, data losses, or outages, as well as recovery in those instances. Business continuity is the plan the organization uses to continue operating when dealing with an incident.

What is a cyber attack?

A cyber attack is an attempt to steal, alter, expose, disable, destroy, or simply gain unauthorized access to a computer system or network. Some common types of attacks include:

Distributed Denial of Service (DDoS): Attackers overwhelm the targeted resource (such as a website or network) with superfluous requests, attempting to overload the servers in order to prevent some or all legitimate requests from being fulfilled. For example, the attacker may use many different IP addresses to send hundreds of thousands of “contact us” requests to a website, overwhelming the site and causing it to go down.

Phishing: Attackers obtain a set of phone numbers or email addresses and send a compelling message to all of them, hoping to get the user to click a link leading to a fake website where the user will enter his or her username and password. The attacker can then use those credentials to log in and capture data, steal money, etc.

Spear phishing: Attackers send carefully crafted and very believable messages to smaller groups of individuals. The messages are specifically relevant to this group of people and often include personal information the attackers have obtained (such as a colleague’s name or some event the individuals recently attended). The message then acts like a regular phishing attack.

Keylogger: Attackers manage to install a program on the user’s machine that captures keystrokes, including the usernames and passwords for specific sites, apps, etc.

Credential stuffing: Attackers take stolen username/password pairs and try them on many different websites or apps, hoping the user has used the same credentials for multiple sites. (This works because users do frequently use the same credentials across websites.)

Brute force and reverse brute force attacks: Attackers generate possible username/password combinations based on typical patterns that people use, and then programmatically try them on many websites/apps to gain access.

Man-in-the-middle (MITM) attacks: Attackers insert a program between the user and an app or website. For example, the program might look like a public Wi-Fi login. The program then captures the user’s login credentials or hijacks the user’s session so it can take actions hidden from the user.
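
As an added illustration (not part of the original page), the example below shows how a defender could separate the credential stuffing and brute force patterns described above in failed-login logs, and then list accounts that logged in successfully from a flagged source. The log format, thresholds, IP addresses and usernames are constructed assumptions.

```python
import re
from collections import defaultdict

# Constructed auth-log lines (format and values are assumptions, not real data).
SAMPLE_LOG = (
    [f"2024-05-01T10:00:{i:02d}Z login_failed ip=203.0.113.7 user=user{i}" for i in range(40)]
    + ["2024-05-01T10:00:41Z login_ok ip=203.0.113.7 user=carol"]
    + [f"2024-05-01T10:01:{i:02d}Z login_failed ip=198.51.100.9 user=alice" for i in range(60)]
    + ["2024-05-01T10:02:00Z login_failed ip=192.0.2.15 user=bob"] * 2
    + ["2024-05-01T10:02:09Z login_ok ip=192.0.2.15 user=bob"]
)
LINE_RE = re.compile(r"^\S+ (login_ok|login_failed) ip=(\S+) user=(\S+)$")

def parse(lines):
    """Return (result, ip, user) tuples; lines that do not match are skipped."""
    return [m.groups() for m in map(LINE_RE.match, lines) if m]

def classify_sources(events, min_failures=20, spread=0.8, focus=0.1):
    """Label each source IP by the shape of its failed logins (illustrative thresholds)."""
    failed = defaultdict(list)
    for result, ip, user in events:
        if result == "login_failed":
            failed[ip].append(user)
    verdicts = {}
    for ip, users in failed.items():
        if len(users) < min_failures:
            verdicts[ip] = "normal"           # a few typos, not a campaign
            continue
        ratio = len(set(users)) / len(users)  # distinct accounts per failed attempt
        if ratio >= spread:
            verdicts[ip] = "many-accounts"    # credential stuffing / reverse brute force
        elif ratio <= focus:
            verdicts[ip] = "single-account"   # brute force against one user
        else:
            verdicts[ip] = "mixed"
    return verdicts

def accounts_to_review(events, verdicts):
    """Accounts with a successful login from a source flagged above."""
    flagged = {ip for ip, v in verdicts.items() if v != "normal"}
    return sorted({u for r, ip, u in events if r == "login_ok" and ip in flagged})

if __name__ == "__main__":
    events = parse(SAMPLE_LOG)
    verdicts = classify_sources(events)
    print(verdicts, accounts_to_review(events, verdicts))
```

A successful login from a source that has just failed against dozens of other accounts is the signal to prioritize: that account's password most likely matched a stolen pair and should be reset.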

What is a security incident and a security breach?

A security incident is an event that violates an organization’s security policies or procedures. Verizon’s 2016 Data Breach Investigations Report defines an incident as a “security event that compromises the integrity, confidentiality, or availability of an information asset.”

A security breach is an incident that meets legal definitions at the state or federal level such that it qualifies as a data breach. Many state, federal, and compliance regulations require specific notifications in the event of a data breach, such as letting affected individuals or regulatory organizations know.

How do you implement cybersecurity?

There are no cybersecurity silver bullets, but being proactive and attentive increases the chances of preventing or mitigating a security incident or breach. Protecting your business or organization from cyber attack requires coordinated activity on multiple fronts.

The IT department in an organization generally “owns” cybersecurity, but every employee, vendor, supplier, and person who has access to corporate resources plays a role. Defending the organization requires efforts on at least three fronts:

  • Technology—The right technical security tools are, of course, critical. Technical solutions should be implemented to protect on-prem networks and systems, cloud systems and apps, and all endpoints, i.e. devices, internet of things (IoT), routers, and any other entry points to your networks and systems. A Privileged Access Management system and an Identity Access Management system are critical technologies.

  • Processes—Staying diligent and successfully addressing potential or actual cybersecurity events can only occur if you have taken the time to define and roll out processes that support cybersecurity. These processes must be verified and updated regularly.

  • People—If the people in your business ecosystem don’t implement the required processes and technology, you won’t be successful. Moreover, people are a frequent target of the most common types of cyber attacks. So educating everyone inside your organization and everyone who works with it, and ensuring they follow best practices, such as those around password security, is mandatory to protect your organization.

These cybersecurity tools must be applied to a set of functions, as per the NIST Framework:

  • Identify potential cybersecurity risks and weak points in the organization.
  • Protect from attack using the information determined in the identify phase.
  • Detect any attacks or potential attacks in real time.
  • Respond to attacks.
  • Recover from the impact of an event.
