Cyber security involves protecting information, systems and networks from malicious attacks. It also includes safeguarding data in transit. This protects against cybercriminals seeking to steal sensitive or confidential information, disrupt operations and cause other damage. This is a major concern, especially for enterprises.
Cyberattacks can come from outside and within. From the outside, hackers can target weaknesses in software and hardware and gain unauthorized access to computer systems. Typical attacker actions include creating malware, stealing information and manipulating data. Insider threats are when unauthorized users have access to information and assets through privileged accounts or credentials (for example, by exploiting flaws in the software used to manage a company’s computer systems). Attacks on infrastructure, such as web servers and internet-facing services, can be caused by distributed denial of service attacks (DDoS), advanced persistent threat attacks and man-in-the-middle attacks.
Employees may introduce vulnerabilities as well. For example, Karen in customer service might browse the internet for personal tasks on her work device. She might download movies or play games. Or she might click on a suspicious link, giving cybercriminals the information they need to breach corporate systems.
Companies should align cybersecurity priorities and investments to the business objectives they seek to achieve. They should measure the risk and impact of those measures. They should also use outcome-driven metrics to enable effective governance over cybersecurity-related investments and support daily decision making. SOCaaS