What is cybersecurity?
On May 7, 2021, Colonial Pipeline learned a painful lesson about the need for cybersecurity. On that date, the oil pipeline fell victim to a ransomware attack, impacting the computerized equipment used to manage its system. To contain the attack, the oil pipeline halted all operations before paying the hacker group DarkSide the equivalent of $4.4 million in bitcoin to restore the system.
This ransomware attack is just one high-profile example of the importance of cybersecurity, a field that aims to protect electronic assets that store and transmit information. As the digital realm continues to extend into practically all elements of work, life, and everything in between, the need for cybersecurity professionals will only grow.
What is cybersecurity?
Cybersecurity is the protection of computer systems and networks from attacks by malicious actors. If undeterred, these attacks can result in the unauthorized disclosure of information, disruption of services, or damage to hardware and software. As our world has become increasingly reliant on computers, the need for cybersecurity has grown with it.
Jimmie Lenz, director of the master’s of engineering in cybersecurity and master’s of engineering in fintech programs at Duke University’s Pratt School of Engineering, defines cybersecurity as the “protection and detection of electronic attacks.”
“Attacks come in a number of different forms,” he says. “Most common are attacks that people receive via email, phishing type attacks, and spear phishing type attacks that most people are pretty familiar with.”
From fighting off cyber criminals to securing systems to fending off nation-states who wish to challenge the integrity of governmental systems, the field of cybersecurity is interesting and ever evolving.
What are 7 types of cybersecurity?
To protect their digital systems, organizations must consider different types of cybersecurity. As Colonial Pipeline can attest, a cybersecurity breach can prove costly.
Application security: As the name suggests, application security concerns preventing unauthorized access to and use of software and related data. Despite the best efforts of developers, vulnerabilities can be introduced during the development and publishing of an app. Application security aims to address these flaws throughout the software’s entire life cycle.
Cloud security: Cloud security is a broad category that includes all technology, policies, and controls used to secure cloud computing data, applications, services, and infrastructure. There are typically two categories of cloud security concerns: issues faced by the organizations providing infrastructure, software or platform services through the cloud, and the issues of their customers who store data and host applications on the cloud.
As organizations increasingly incorporate more cloud-based tools and services, the importance of cloud security will only grow. “Cloud security is getting larger and larger as more and more people avail themselves of those tools,” Lenz says. Generally, the responsibility for handling cloud security is shared between cloud service providers and organizations.
Critical infrastructure security: The cyberattack on Colonial Pipeline illustrates the importance of critical infrastructure security. Large infrastructure systems—such as those involving communications, transportation, and energy—must be protected. “That’s the one that we fear a lot,” says Rob Honomichl, assistant professor of cyber operations at the University of Arizona’s College of Applied Science & Technology. “We’ve seen, in other countries, where they’ve done some damage, taking out grids and things like that.”
Data security: This form of cybersecurity concerns protecting the confidentiality, availability and integrity of digital assets. From health records to credit card information, data security is of vital importance in our digital age. Lenz says this is probably the largest subject in the field of cybersecurity.
Endpoint security: Endpoint security involves the physical devices that connect to network systems, such as laptops, desktops, mobile devices, and servers. These devices are the most common entry point for cyberattacks. Endpoint security aims to protect these devices and their data from vulnerabilities.
Internet of things security: The “internet of things” (IoT) is a term to describe devices with sensors, software, processing ability, and other technology that exchange data with other devices through the internet. IoT security aims to minimize the vulnerabilities that these devices present. In 2013, retail giant Target was the victim of a data breach where hackers compromised the data of 40 million shoppers after gaining access to the company’s payment system through internet-connected HVAC units. Target paid an $18.5 million settlement to those affected.
Network security: Network security involves protecting the hardware and software of a network to stave off service disruptions and unauthorized access. Most cyberattacks begin with a breach of network security. This branch of cybersecurity aims to observe, detect, and respond to network threats. Honomichl says an organization’s network administrator and security team must consider a wide variety of threats to their network, including firewalls, human scams, phishing through ransomware, and other issues.
8 types of cybersecurity threats
Just as there are many types of cybersecurity, there are also many types of threats. These threats may overlap or be used in conjunction to target organizations. And like everything else in the field of cybersecurity, these threats are constantly evolving.
Automated teller machine (ATM) cash out: This type of attack usually impacts small-to-medium-sized financial institutions. In an ATM cash out, large cash withdrawals are made at several ATMs in many different regions. It may also involve large withdrawals from one ATM. In this attack, cyber criminals change the settings on an ATM through web-based control panels to allow an unlimited withdrawal of funds.
Corporate account takeover: In a corporate account takeover, or CATO, cyber thieves impersonate a business and conduct unauthorized financial transactions. These funds are then sent to accounts belonging to cyber criminals. These attacks often target businesses with weak safeguards and few controls over online banking systems.
Distributed denial of service: A distributed denial of service—or DDoS—attack overwhelms online services with excessive traffic, making websites unavailable for use or slowing down response time. These attacks are frequently used to create a distraction so that other kinds of fraud can be attempted. “These were really, really popular a few years ago as a way to shut down different sorts of websites,” Lenz says. “These have become a little less popular lately.”
IP spoofing: In this type of attack, a cyber criminal creates a false source Internet Protocol (IP) address for the purpose of impersonating another computing system. This allows hackers to steal data, infect devices with malware, and crash servers without being detected.
Malware: Malware refers to programs that can impact data, applications, and operating systems. After being secretly inserted into a system, malware can cause widespread damage and disruption. There’s also spyware, malware created to violate privacy. Spyware has become more common in recent years and can be used to enact financial fraud or track a person’s activities.
Phishing: Phishing is a form of social engineering that attempts to obtain sensitive information. With phishing, victims are sent fraudulent messages that appear to be sent by a trustworthy business or individual. Phishing attempts often ask victims to follow a link to a fake website or reply to an email so that they provide confidential information. “People need to be really, really vigilant about clicking on any kind of links or opening up any kind of attachment that is sent to them,” Lenz says. “These are getting better and better and better all the time.”
Ransomware: Ransomware is malware that prevents or limits a user from accessing their system. A widely used method of attack, ransomware asks users to pay a ransom to regain access to systems or data, usually through bitcoin or other online payment methods.
Spam: We’ve all encountered unwanted messages and emails known as spam. Typically, these messages serve a commercial purpose, but they can also conceal malicious attempts to access your computer.
Cybersecurity careers
From large corporations to governmental entities to healthcare systems, it seems like practically every institution needs cybersecurity professionals in a wide variety of roles. Here are a few:
- Cyber crime analysts provide expertise in creating cybersecurity safeguards and responding to incidents.
- IT auditors review information systems and participate in risk assessments.
- Cybersecurity engineers manage infrastructure and applications, and create new policies and procedures to safeguard systems.
“They really run the gamut,” says Lenz of the opportunities on the market. “This is a vital function for any sort of organization.”
The U.S. Bureau of Labor Statistics states that information security analyst, a title similar to cybersecurity professional, is the fifth-fastest-growing occupation. In 2022, median pay for an information security analyst was $112,000 a year.
There are an estimated 3.5 million unfilled cybersecurity jobs across the globe, according to Cybersecurity Ventures, a researcher and publisher that covers the international cyber economy. That follows a 350% growth in the number of open cybersecurity jobs between 2013 and 2021.
The takeaway
Cybersecurity is a broad and dynamic field that’s in high demand and pays well. There are a variety of cybersecurity types and roles to specialize in, and the field is constantly changing.
Honomichl recommends that cybersecurity aspirants visit Cyberseek, an online tool that aims to help explain the relevant credentials and career pathways within the field.
Lenz says it’s important for a person to figure out which segment of cybersecurity they’re interested in before setting off on a career within the field. “Network with people first, and then start to look at what training you need for a particular role.”