Cybersecurity FAQ

What is cybersecurity?

Cybersecurity focuses on protecting computers, networks, and programs from unintended and unauthorized access, change, and destruction. Cyber-activity is also referred to as information technology security.

Who is responsible for cybersecurity?

Everyone is responsible for cybersecurity. If you hold one of the following roles in any information system, then you are responsible for security: information owner, information user, information systems manager. Because this list takes in the general public, everybody is responsible for cybersecurity provision.

Why do we need cybersecurity?

The increasing reliance of our information age economies and governments on cyber (computer-based) infrastructure makes them progressively more vulnerable to cyber attacks on our computer systems, networks and data. In their most disruptive form, cyber attacks target the enterprise, government, military, or other infrastructural assets of a nation or its citizens. Both the volume and sophistication of cyber threats (cyber warfare, cyber terrorism, cyber espionage and malicious hacking) are monotonically increasing, and pose potent threats to our enterprise, government, military, or other infrastructural assets. Knowing that to be forewarned is to be forearmed, we are well advised to put in place strong cybersecurity defenses that will thwart rapidly evolving cyber threats.

Recent newsworthy cyber attacks on critical cyber infrastructure (e.g., Target data breach, Mt. Gox bitcoin hacker attacks, NSA data leaks and subsequent PRISM revelations) demonstrate the urgent need for improved cybersecurity. As cyber threats grow, so must our abilities to neutralize them. The European Union Agency for Network and Information Security (ENISA) lists all known public documents of National Cyber Security Strategies in the EU as well as the rest of the world.

What is a cyber attack?

An offensive action by a malicious actor that is intended to undermine the functions of networked computers and their related resources, including unauthorized access, unapproved changes, and malicious destruction. Examples of cyber attacks include Distributed Denial of Service (DDoS) and Man-in-the-Middle (MITM) attacks.

What is a cyber threat?

A potential cyber attack, which may be assigned a probability of occurrence that can be used for cyber risk assessment.

What is a cyber risk?

A risk assessment that has been assigned to a cyber threat, such as a DDoS attack or a data breach. A cyber risk assessment may be either qualitative or quantitative, where the latter should estimate risk (R) as a function of the magnitude of the potential loss (L) and the probability (p) that L will occur (i.e., R = p * L).

What are the differences among the terms cyber attack, cyber threat & cyber risk?

The terms cyber attack, cyber threat, and cyber risk are interrelated as follows. A cyber attack is an offensive action, whereas a cyber threat is the possibility that a particular attack may occur, and the cyber risk associated with the subject threat estimates the probability of potential losses that may result.

For example, a Distributed Denial of Service (DDoS) cyber attack by a botnet is a cyber threat for many enterprises with online retail websites, where the associated cyber risk is a function of lost revenues due to website downtime and the probability that a DDoS cyber attack will occur.

What is malware?

Malware is an umbrella term derived from "malicious software", and refers to any software that is intrusive (unauthorized access), disruptive, or destructive to computer systems and networks. Malware may take many forms (executable code, data files) and includes, but is not limited to, computer viruses, worms, trojan horses (trojans), bots (botnets), spyware (system monitors, adware, tracking cookies), rogueware (scareware, ransomware), and other malicious programs. The majority of active malware threats are usually worms or trojans rather than viruses.

What is cyber hygiene?

Cyber hygiene refers to activities that computer system administrators and users can undertake to improve their cybersecurity while online. Cyber hygiene related activities for computer system administrators include, but are not limited to, segmenting networks, enforcing compartmentalized ("need to know") user permissions, enforcing strong password rules and bi- or multi-authorization procedures, ensuring that firewalls are properly installed, updating both "white lists" and "black lists", ensuring that all antivirus and spam ware protection software is properly installed, removing all unauthorized software, and ensuring that all firmware and software patches are current.

Cyber hygiene related activities for computer system users include using strong passwords which are changed frequently and not written down, avoiding access to cybersecure systems on unauthorized and/or non-secure BYODs (Bring Your Own Devices), and avoiding mixing personal with cybersecure email and/or work documents.

How does cybersecurity work?

Cybersecurity technologies and processes are most effective when organizations diligently practice good cyber hygiene habits while concurrently checking their cyber defense vulnerabilities via aggressive "white hat" (a.k.a. "ethical hacking") Penetration Testing ("pen testing").

How can readers submit new questions for this FAQ?

Please contact us to submit new questions for this Cybersecurity FAQ.