4. What aspects does cybersecurity cover?
Cybersecurity can be divided into different branches. Within a state, an organisation, a company or even a private household, these must be effectively combined and coordinated. This is the only way to guarantee success.
At the application level, security measures prevent data or code from being stolen, hijacked or locked out for the user by an app or malware. These precautions can be inserted during the development stage of the software or later with an update.
Even hardware components have vulnerabilities. Attack strategies such as Meltdown or Spectre exploited vulnerabilities in modern processors. This allowed sensitive information to be extracted from processor memory - regardless of whether it was a mobile device or a personal computer. Specific software and operating system patches can now prevent the worst. However, this example clearly shows that cyber security must even work at the hardware level.
Information security & data security
Information security actually means any kind of information, regardless of whether it is digital or analogue. However, there are overlaps, especially since a lot of information is now stored on computers or hard drives, databases, etc.
Business records, personal data, customer data, financial data, intellectual property and much more sometimes form the foundation of any business, organisation or private life. One of the priorities of cyber security is to protect this data from unauthorised third parties.
is another subcategory of cybersecurity. It ensures the reliability and functioning of networks. The protection of data also plays an important role. This requires a number of security protocols such as a well-secured WLAN, regular software updates, password protocols and multi-factor authentication. Furthermore, experts or cybersecurity companies carry out so-called penetration tests. They identify and close any leaks or vulnerabilities.
Companies are also responsible for customer data that they store with a cloud provider. Corresponding service providers focus on guaranteeing the security of this data, if only for self-serving image reasons. Ultimately, however, much is in the hands and responsibility of the user. The user must configure access restrictions correctly and also sufficiently secure the system at its end.
Operational safety & disaster recovery
To guarantee business continuity, a business must prepare for possible attacks. Only in this way can they be recognised, analysed and defended against in good time. The business can continue work processes or, in the best case, there is no interruption at all.
However, this is not always the case. Every company and every organisation should have a so-called disaster recovery plan. This enables the business to continue operations as quickly as possible and to recover lost data. This includes effective communication with all parties involved to ensure efficient cooperation in this process.
Lack of cybersecurity can have an impact on physical reality. One point of attack is the so-called Internet of Things (IoT), which is usually not sufficiently protected against cyberattacks (read more about IoT security in this free whitepaper
). Attacks affect digital assistants, household appliances or cameras connected to the internet. Smart devices in companies and factories are also on this list. Even penetrating the computer systems of modern cars
is theoretically possible.
Networked security systems of offices or homes are an additional risk factor. Cybersecurity has to deal with all these consequences in the physical world.