What is cyber security | Cyber security

Three basic cyber security defence approaches

Security technology

Technology is a crucial element in keeping a business protected from cyber attacks. There are mainly three entities that must be protected: the cloud, endpoint devices (computers, routers, and smart devices), and networks. Some common technology used to protect such entities includes malware protection, email security solutions, firewalls, antivirus software, and DNS filtering.

Processes and frameworks

Organisations also need to have a framework for how they deal with cyber attacks. This works as guidelines for how to identify and avoid attacks. And also for how to protect the company systems, detect and respond to threats, and recover from successful attacks.

Informed people and strong security culture within the organisation

The organisation needs to have informed employees who understand the cyber security risks and threats the organisation is faced with. Just as important, is that the employees also comply with the security frameworks and principles within the organisation. This includes creating strong passwords and notifying the security team when receiving suspicious emails, or other forms of communication.

What are the different types of cyber security?

The term cyber security can be applied to a variety of contexts, and can therefore be divided into some common categories:

Cloud security

Cloud security refers to a broad set of technologies, policies, procedures, and controls. These work together to protect cloud-based systems, data, applications, and the infrastructure of cloud computing.

The security measures are in place to protect the cloud data, support regulatory compliance, and protect the privacy of the users. They also set the authentication rules for individual users and devices.

As more and more organisations and individuals are using cloud computing service providers such as Google Cloud Platform, Amazon Web Services (AWS), and Microsoft Azure, the requirement for security also increases. The implementation of cloud security processes should, in most cases, be a shared responsibility between the cloud solution provider and the business owner.

Disaster recovery and business continuity planning (DR&BC)

When it comes to cyber security, organisations must have the technology and frameworks in place to minimise the chance of cyber attacks. However, it is just as important that they have plans for how to act during a disaster, and after a disaster.

Disaster recovery (DR) and business continuity planning (BC) refers to the processes, plans, monitoring and alerts that help organisations prepare for attacks. It also refers to how to keep business-critical systems online, and up and running during and after any kind of disaster. Additionally, it helps organisations resume lost systems and operations after a cyber incident.

In other words, a disaster recovery plan guides an organisation on how to respond to a disaster. A business continuity plan tells an organisation how they can continue to operate throughout and after a disaster.