Cybersecurity (sometimes called computer security) is a set of methods and practices of protection against malicious attacks for computers, servers, mobile devices, electronic systems, networks and data. Cybersecurity finds application in a variety of fields, from the business sphere to mobile technologies. There are several main categories in this direction.
Network security – actions to protect computer networks from various threats, such as targeted attacks or malware.
Application security is the protection of devices from threats that criminals can hide in programs. An infected application can give an attacker access to the data it is supposed to protect. The security of the application is provided at the development stage, long before its appearance in open sources.
Information security – ensuring the integrity and privacy of data both during storage and during transmission.
Operational security – handling and protection of information assets. This category includes, for example, the management of network access permissions or rules that determine where and how data can be stored and transmitted.
Disaster Recovery and business continuity – responding to a security incident (the actions of intruders) and any other event that may disrupt the operation of systems or lead to data loss. Disaster recovery is a set of rules describing how an organization will deal with the consequences of an attack and restore workflows. Business continuity is an action plan in case an organization loses access to certain resources due to an attack by intruders.
Awareness raising– user training. This direction helps to reduce the influence of the most unpredictable factor in the field of cybersecurity – human. Even the most secure system can be attacked due to someone’s mistake or ignorance. Therefore, each organization should conduct trainings for employees and tell them about the main rules: for example, that it is not necessary to open suspicious attachments in e-mail or connect questionable USB devices.