What is Cybersecurity?

Cybersecurity is the practice of protecting critical systems and sensitive data from cyberattacks. Cybersecurity, also known as information technology (IT) security, is designed to combat threats to networked systems and applications that originate within or outside of an organization.

 

The global average cost of a data breach in 2020 was USD 3.86 million, and USD 8.64 million in the United States. These expenses include the costs of discovering and responding to the breach, the cost of downtime and lost revenue, as well as the long-term reputational damage to a company and its brand. Customers’ personally identifiable information (PII), such as names, addresses, national identification numbers and credit card information, is targeted by cybercriminals, who sell these records in underground digital marketplaces. Customer trust is frequently eroded as a result of PII breaches, regulatory fines, and even legal action.

The complexity of security systems caused by disparate technologies and a lack of in-house expertise can amplify these costs. However, organizations that implement a comprehensive cybersecurity strategy, guided by best practices and automated through the use of advanced analytics, artificial intelligence (AI) and machine learning, can combat cyberthreats more effectively and reduce the lifecycle and impact of breaches when they occur.

Domains of cybersecurity

A strong cybersecurity strategy includes multiple layers of defense to combat cybercrime, such as cyberattacks that attempt to access, change, or destroy data, extort money from users or the organization, or disrupt normal business operations. Countermeasures should address the following:

Critical infrastructure security – Procedures for safeguarding computer systems, networks, and other assets on which society relies for national security, economic health, and/or public safety. The National Institute of Standards and Technology (NIST) has developed a cybersecurity framework to assist organizations in this area, and the United States Department of Homeland Security (DHS) offers additional guidance.

Network security – Security measures designed to keep intruders out of a computer network, including both wired and wireless (Wi-Fi) connections.

Application security – Processes that aid in the protection of on-premises and cloud-based applications. Security should be built into applications from the start, with considerations for data handling, user authentication, and so on.

Cloud security – Encrypting cloud data at rest, in motion and in use to support customer privacy, business requirements, and regulatory compliance standards.

Information security – Data protection measures, such as the GDPR, that protect your most sensitive data from unauthorized access, exposure, or theft.

End-user education – Raising security awareness throughout the organization to improve endpoint security. Users, for example, can be taught to delete suspicious email attachments and to avoid using unknown USB devices.

Disaster recovery/business continuity planning – Tools and procedures for dealing with unplanned events such as natural disasters, power outages, or cybersecurity incidents while minimizing disruption to critical operations.

Storage security – Data resilience backed by numerous safeguards, including encryption and immutable and isolated data copies. These copies are kept in the same pool so that they can be quickly restored to aid recovery, reducing the impact of a cyberattack.

Mobile security – MaaS360 with Watson enables you to manage and secure your mobile workforce with app security, container app security, and secure mobile mail.

Security Strategy Based on Zero Trust

Businesses are more connected than ever before. Your systems, users, and data all exist and function in distinct environments. Security perimeters are no longer sufficient, but implementing security controls within each environment adds complexity. In both cases, the result is inadequate protection for your most valuable assets. A zero-trust strategy assumes compromise and implements controls to validate the authenticity and purpose of every user, device, and connection into the business. To implement a zero-trust strategy successfully, organizations must be able to combine security information to generate the context (device security, location, etc.) that informs and enforces validation controls.