It’s in the news unfortunately often: a major data breach compromises individuals’ or businesses’ secure information. From the 2013 Adobe hack, to the 2017 Equifax breach that compromised millions of customers’ financial data, to the revelation earlier this year that dating apps had been compromised and exposed hundreds of gigabytes of explicit photos and chats, cyberattacks are serious business, and stopping them is critical.
Put simply, cyber security, or information security, is the practice of ensuring the integrity, confidentiality and availability of digital information; that is to say, making sure that the information itself is intact, that it can’t be accessed by unauthorized users and that it can be accessed by authorized users. There are numerous types of cyber security and security analytics, all focused on finding and improving methods to prevent unauthorized access to or tampering with data.
What’s the Difference? Cyber Security vs. Information Security
These two terms are often used interchangeably, but they’re not quite the same. Information security, or infosec, is concerned with keeping information confidential and accessible, regardless of whether that information is stored electronically or in physical form. Cyber security is specifically concerned with digital data and digital systems. However, as organizations increasingly use electronic systems to store and transmit data, the area of overlap between information security and cyber security will only get bigger.
Data is the most valuable resource in the modern economy and organizations are more dependent on technology now than ever, which makes IT security critical. Data breaches can cause millions of dollars of damage and compromise trade secrets as well as individuals’ privacy. That’s why it’s critical to understand and implement each type of cyber security.
Data Loss Prevention (DLP)
As the name implies, data loss prevention is all about stopping data breaches and maintaining data integrity. Organizations invest in data loss prevention both to protect their own intellectual property and to stay in compliance with laws and regulations pertaining to data security, such as HIPAA for healthcare organizations.
Data loss prevention software controls activity on endpoints (that is, points where data can be accessed), filters data transfers and monitors data that is at rest, in motion and in use. DLP includes security measures such as encryption and alerts to bring system administrators’ attention to potential breaches and provide options for remediation.
Network Security
The goal of network security is to protect the integrity, configuration and accessibility of a network of devices and any data stored or transmitted across the network. Because computer networks have complex architecture and face an ever-changing threat environment, network security solutions must be adaptable and comprehensive.
Network security begins with physical security around network devices, such as locking entrances to a building in which network devices are used or requiring employees who bring network devices home to follow certain security protocols. Technical network security includes software, such as encryption or firewalls, that protects the integrity of data on the network and prevents unauthorized access. Finally, administrative network security refers to the protocols put in place at the organizational level to control user behavior, such as requiring passwords to follow certain standards or be changed frequently, or setting different levels of access for different employees.
Intrusion Detection Systems (IDS)
Intrusion detection or intrusion prevention software is designed to monitor traffic and search for suspicious activity that may indicate a cyberattack. Broadly speaking, intrusion detection systems fall into two categories: host-based systems that are placed on a particular device, and network-based systems that are placed on the network itself. IDS can identify traffic that is universally indicative of malicious or otherwise suspicious activity, such as phishing, as well as browser-specific attacks.
Cloud Security
Cloud computing security is specifically intended to protect cloud-based data by authenticating access, filtering traffic, and so on. The specific cloud security solution used by any organization should be a joint effort between the organization and the cloud computing provider.
One of the advantages of a cloud-based solution is centralized IT security. The cloud provider manages traffic analysis and web filtering across the cloud infrastructure; furthermore, it can ensure that software updates and other security measures are rolled out universally across the entire cloud. Cloud-based solutions also allow for more unified and robust security analytics. On the end user side, the organization needs a plan in place to manage access to cloud-based resources and ensure protocols are followed to maintain data integrity.
Antivirus and Anti-Malware Software
“Malware” is a collective term for several types of malicious software, including:
- Viruses: programs that replicate themselves by corrupting or modifying other programs and inserting their own code once triggered by the activation of their host. “Virus” is often misused as an umbrella term to describe other types of malware.
- Adware: unwanted software that installs itself on a system without the user’s consent and displays advertisements, usually in a browser window.
- Trojans: malware that misleads users about its true intent in order to gain unauthorized access to a system.
- Worms: stand-alone pieces of malware designed to self-replicate and propagate independently as soon as they have breached a computer system.
Antivirus or antimalware software is a type of software programmed to prevent, search for, detect and remove these types of cyber security threats.
With more than 60,000 new pieces of malware created every day, antivirus software needs to be regularly updated in order to prevent the latest types of cyber security threats from breaching a system. A typical antivirus program scans files and directories for any known malicious patterns, removes any malicious code detected and protects the overall health of the system. In addition to protecting against known threats, antivirus software can sometimes recognize previously unknown cyber security threats based on patterns of activity.
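The scan-and-remove cycle described above can be sketched as a small signature scanner. This is an added example, not code from any antivirus product; the signature names, byte pattern, file names and quarantine layout are all constructed for illustration.

```python
import hashlib
import tempfile
from pathlib import Path

# Constructed signature database: illustrative values, not real malware indicators.
BYTE_SIGNATURES = {"Demo.Marker.A": b"\xde\xad\xbe\xefDEMO-MALICIOUS-PATTERN"}
KNOWN_BAD = b"constructed known-bad sample\n"
HASH_SIGNATURES = {hashlib.sha256(KNOWN_BAD).hexdigest(): "Demo.Hash.B"}

def scan_bytes(data):
    """Return the names of every signature that matches this content."""
    hits = []
    digest = hashlib.sha256(data).hexdigest()
    if digest in HASH_SIGNATURES:  # exact match on the whole file
        hits.append(HASH_SIGNATURES[digest])
    hits += [name for name, pattern in BYTE_SIGNATURES.items() if pattern in data]
    return hits

def scan_tree(root, quarantine):
    """Scan every file under root; move matches into quarantine (outside root)."""
    quarantine.mkdir(parents=True, exist_ok=True)
    findings = {}
    for path in sorted(p for p in root.rglob("*") if p.is_file()):
        try:
            hits = scan_bytes(path.read_bytes())
        except OSError:
            continue  # unreadable file: skip it and keep scanning
        if hits:
            rel = path.relative_to(root).as_posix()
            findings[rel] = hits
            path.replace(quarantine / rel.replace("/", "_"))
    return findings

def demo():
    """Build a constructed directory tree, scan it, return findings and survivors."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp) / "home"
        (root / "docs").mkdir(parents=True)
        (root / "docs" / "notes.txt").write_bytes(b"meeting at 10\n")
        (root / "docs" / "invoice.bin").write_bytes(
            b"hdr" + BYTE_SIGNATURES["Demo.Marker.A"] + b"tail")
        (root / "tool.dat").write_bytes(KNOWN_BAD)
        # One byte differs from the known-bad file, so the hash signature misses it.
        (root / "tool_v2.dat").write_bytes(KNOWN_BAD + b"!")
        findings = scan_tree(root, Path(tmp) / "quarantine")
        remaining = sorted(p.name for p in root.rglob("*") if p.is_file())
    return findings, remaining

if __name__ == "__main__":
    print(demo())
```

The file left behind, `tool_v2.dat`, shows why signature sets need constant updates and why scanners also watch patterns of activity rather than relying on exact matches alone.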
Organizational Security Practices
One of the most common misconceptions about cyber security is that it’s all about technical solutions: install the right security software and your device or network is protected. In reality, technical solutions are only part of the information security puzzle.
An effective IT security plan also includes good practices around passwords and careful thought behind assigning levels of access. In many respects, it’s not unlike security at a physical office: everyone needs a key to the front door, but only certain executives need access to the room where the most sensitive information is kept. Employee backgrounds need to be checked before they obtain access to intellectual property. Protocols need to be put in place to prevent keys from being lost or duplicated. The same principles apply to passwords, physical security around devices and other administrative steps that can reduce the risk of a cyberattack.
Ready to Get Started in Cyber Security?
As organizations continue to rely more and more on technology, and as the world of cyber security threats continues to grow as well, there will always be a need for cyber security professionals. If you’re ready to take the next step toward honing these important skills, get started with the fully online B.S./B.A./B.A.S. in Information Technology Management at Eastern Oregon University Online.