Cybersecurity seems simple. We know that our information is out there. We know that organizations need to protect sensitive data. What's less clear is the razor-thin balance between making data available for the proper use—research and personalization we crave—while keeping threat actors at bay. This is the delicate, high-wire act of cybersecurity experts. Want to break into this field? Here's what you need to know.
What is cybersecurity?
Cybersecurity is the practice of protecting electronic assets and information and the defense of those assets in the face of attack.
The reality is that cybersecurity is an ever-evolving field. Organizations can't lock down data entirely because no one wants to return to the days of paper applications in healthcare or irrelevant spam ads. We want to support research, and we want companies to understand us. There's no point in collecting data if we don't see the benefits of our data in motion.
Keeping data in motion or ready for actionable insight creates vulnerabilities. Cybersecurity experts must understand how to unlock data for its intended use while also ensuring that it never falls into the hands of threat actors.
What subfields are part of cybersecurity?
Cybersecurity encompasses multiple components and subfields, such as:
- Application security
- Cloud security
- Data security
- Identity management
- Infrastructure security
- Database security
- Mobile security
- Network security
- Disaster recovery
Why is cybersecurity important now?
The Bureau of Labor Statistics expects the cybersecurity job field to grow much faster than the average industry over the next ten years. This growth rate is due to two factors:
- Our lives are online more than ever: With accounts connected, more cloud services, more connected home and office devices, one breach, and the entire thing opens up.
- Technology changes faster than ever: Today, these security structures are unbreakable. Tomorrow, hackers have a solution to that security fix.
Cybersecurity is more critical than ever because the playing field keeps changing. We want the convenience that connection affords us, and we want new solutions to make our lives easier.
The downside to this fast-moving pace is that cybersecurity threats evolve to meet security efforts. Hacks have become more sophisticated with cybercriminals changing tactics, leveraging cutting-edge tools, and exploiting disparate systems. Companies can't rely on antivirus software and firewalls alone because these don't cover all cyber attacks.
What are some examples of hacks?
Some common examples of hacks include:
- Phishing attacks
- Malware
- Distributed Denial of Service (DDoS)
- SQL Injection
- DNS Tunneling
- Social engineering
Businesses need cybersecurity because the cost of breaches, from data loss to regulatory fines, can number in the millions. Governments need cybersecurity because disruptions to local, state, or federal infrastructure can bring communities to a halt. And individuals need cybersecurity because connecting to the grid proves riskier each day.
Even small businesses must take precautionary measures even if they don't believe they have sensitive data. Some hacks aren't about obtaining credit card numbers or social security numbers. Some attacks fill in "columns," meaning hackers can link information about one account (like a password) to another (like a secondary email), making it easier to break into other accounts.
Recent cybersecurity attacks in the news
January 2021—Data management firm SocialArks suffered a hack that exposed more than 214 million users' information from social media sites Facebook, Instagram, and LinkedIn. The problem? A misconfigured database housing personally identifiable information.
February 2021—Kroger experiences a data breach in their human resources department, exposing thousands of user records containing sensitive data, such as social security numbers, phone numbers, home addresses, and health insurance information? The problem? A back door exposed through its third-party cloud provider.
May 2021—Colonial Pipeline suffered a ransomware attack that paralyzed the nation and ended in a paid ransom of 75 bitcoin (or anywhere from $2.3 million to $4.4 million depending on the timeline). The problem? A compromised VPN password.
How can cybersecurity save a company money?
Cybersecurity professionals will make an average of $103,590 per year, a costly figure considering that cybersecurity teams don't always act alone. However, spending big on cybersecurity talent can save companies big:
- The latest estimated cost of a data breach in the US is at an all-time high—$9.05 million, according to a Ponemon Institute report.
- These costs include the immediate cost of shut down and the long-term reputational cost of losing customers and clients, as well as fines issued from violations like GDPR.
- Plus, continued scrutiny from regulatory bodies plus overhauling damaged systems adds further stress on companies.
When companies are willing to invest in cybersecurity, they save time as well as money. According to the same report, it takes an average of 287 days to contain a security breach, meaning companies could pour resources into this issue for the majority of a year after discovery.
How can companies protect themselves against cybersecurity threats?
Companies can invest in cybersecurity experts who will perform risk assessments and design unique security solutions for that company's information systems. These systems include protections for new technologies like the Internet of Things (IoT) and all connected devices, including mobile devices.
Organizations will need new credential patterns to account for remote workers, and cybersecurity measures must protect on-premise, hybrid, and cloud systems. Plus, security systems must evolve to consider the role of AI and machine learning.
Get started in cybersecurity with edX
The edX platform offers several courses, professional certificates, and degrees in cybersecurity. Students can receive foundational training in information security and prevent unauthorized access to sensitive information and intellectual property. Companies will soon look to the next generation of information security professionals. edX can provide a pathway for job seekers who want to make their online lives more secure.
