Cyber-Reality - 10 domains of cybersecurity you need to know

Cybersecurity, cyberwars, cyberattacks, cyber law … cyber – something is becoming a new reality. One day (very soon) we will stop thinking of cyber as something intangible and distant. It will simply become a reality we live in.

Take few minutes to understand 10 domains of cybersecurity and understand why it is your reality right now.

1. Access Control
2. Software Development Security
3. Business Continuity and Disaster Recovery Planning
4. Cryptography
5. Information Security Governance and Risk Management
6. Legal, Regulations, Investigations, and Compliance
7. Operations Security
8. Physical and Environmental Security
9. Security Architecture and Desige
10. Telecommunications and Network Security

From deliberate attacks to unforeseen errors, software failures to web weakness, today's IT environment is complex. Get more insight into cybersecurity importance! See the video:

Access is an ability (usually a technical one such as a read, create, modify, or delete) to do something with a computer resource.

Access control includes authorization – the permission to use a resource, and an authentication – prove that the user is the one who claims to be.

Software development security requires full process or system lifecycle control. It means proper planning  complete analysis, proper design,  careful implementation and maintenance.  

Once system is in place it needs strong procedures to assist organization in case of disruption events. That is why BCP (Business Continuity Plan) is being prepared as well more details procedures of disaster recovery.

Cryptography is used to scramble plaintext into cyphertext (which is called encryption) and then back again into a simple text (which is called decryption). It is used to for storing and transmitting data in a particular form so that only those for whom it is intended can read and process it.

Even strong encryption cannot secure data when it does not come along with strong governance and risk management. Key element here is to classify all data and properly secure all of them. Apart from that all roles in an organization need to understand responsibilities for data protection and need to have knowledge on how to make their duties. Education is key to success!

Once there is lack of strong data protection and governance risk may come true.. there are lots of examples of data leakage, legal allegations or criminal investigations on a daily news.. Google, Sony, Facebook, Talk Talk, LinkedIN.. just to name few spectacular ones.

It simply shows that all data processed by the company needs special attention and need to be handled, secured and destroyed in a proper way.

However cybersecurity is not only about the cyberspace, physical & environmental threats and equally important. It may be that emergencies, service interruptions, natural disasters or sabotage would impact on systems or processes data.

It is usually true that the hardware is not that important as all data stored and accessible via it. That is why cybersecurity is about all 3: hardware, software and OS system security. If one of element is defected, all are in serious threat.

Threats are coming from a much wider space, which is telecommunication and computer network. It is necessary to use firewalls and protected routers as well as various protocols and secured voice communicators.

It is worth to see how easy it is to break what you think is strong cybersecurity. Watch Inventing for the world's largest problems: Pablos Holman at TEDxMidwest: https://www.youtube.com/watch?v=FtYW4sPefhY&feature=youtu.be