Like the “real” world, the virtual world and, if you believe in the impending Metaverse where we will apparently someday actually live, is fraught with crime and peril. In the physical domain, we might worry about things like car theft, home robbery, and getting mugged in a dark alley. In the cyber-world we also face losing our valuables, but in a digital landscape. Online, we worry about things like phishing, identity theft, internet fraud, and having our cyber systems held for ransom (Red Points). In both scenarios, we have to find ways to protect ourselves and minimize our risks. In the online realm, we call that protection ‘cybersecurity,’ and in this three-part series, we’ll discuss what cybersecurity is, why we need it, and how to implement it.
What is Cybersecurity?
According the Cybersecurity & Infrastructure Security Agency, “Cybersecurity is the art of protecting networks, devices, and data from unauthorized access or criminal use and the practice of ensuring confidentiality, integrity, and availability of information” (CISA). In a nutshell, cybersecurity encompasses the available structures, measures, and solutions through which we protect all of our vulnerable information and ourselves from unlawful online activity.
History of Cybersecurity
Cybersecurity became a necessity in the 1970s, before computers were even a staple in people’s homes. A man named Bob Thomas created the very first virus (appropriately called ‘Creeper’) and Ray Tomlinson (who coincidentally invented email) wrote the program that chased it down and deleted it.
The 1980s saw the birth of the commercial antivirus. In 1987, John McAfee released VirusScan, and McAfee became a recognized name in virus protection.
Since then, the world has moved progressively further online and virtual. This has resulted in an exponential increase of network security threats which has lead to a mass production of cybersecurity products to protect the public (Cyber Magazine).
Why is Cybersecurity Critical?
Cybersecurity is critical because it protects your personal and/or business data from theft and destruction. Sensitive data includes (but is not limited to) things like:
- Personally identifiable information
- Protected health information
- Intellectual property
- Personal and business data
- Government and industry information systems
Without a cybersecurity system in place, your organization will be unable to defend its information against cybercriminals.
Consider the following startling statistics:
- Cybercrime rose by 600% due to the COVID-19 pandemic.
- Total malware infections rose from 12.4 million in 2009 to 812.67 million in 2018.
- Ransomware cost businesses more than $75 billion per year.
- 50% of 582 information security professionals surveyed don’t believe their organization is prepared to repel a ransomware attack.
- CEO fraud (via phishing) is now a $12 billion scam.
- The average cost of a malware attack on a company is $2.4 million.
- The average time a malware attack costs a company in terms of productivity loss is 50 days.
What’s at Risk?
A better question would be what’s not at risk? You would be hard-pressed to name a system that doesn’t rely on computers. Our communications, entertainment, transportation, shopping, and even healthcare systems are all online (CISA). Our personal information is “out there” … all over the place … and all of it is at risk. You can lose time, money, assets, productivity, your reputation, and even your livelihood to cyber-attacks.
The next article in this series will define ‘hacking,’ look into the most common types of hackers, and discuss how they operate and what they target.