Cyber security is the safeguarding of computers, servers, mobile devices, electronic systems and networks from attack, illegal access, theft, misuse and misappropriation. It encompasses the use of anti-virus software, firewalls, encryption, secure Wi-Fi and strong passwords. It also includes training end-users to delete suspicious emails, not plug unidentified USB drives into their computer and other useful security practices.
Cyber-attackers range from thrill seekers to well resourced state-sponsored attackers. Typical motivations include financial gain, disruption, espionage or political activism. The proliferation of internet-enabled products and services such as smart cars, smart cities, medical-device apps and even wearable fitness trackers makes them increasingly attractive targets to cybercriminals.
A cyber security breach can be devastating to any business and can have wider repercussions than just the loss of customer data. For example, a successful attack on the IT infrastructure of an airline could cause air traffic control outages or even loss of lives. Such attacks are called cyber-kinetic attacks, and the US government has established a task force to respond to them.
Companies should strive to develop and implement technologies that make attacking their data or systems inherently more difficult for attackers. One approach is known as security by design, where the design of a system considers the security requirements right from the start. Another is to employ microkernel operating systems that run the most privileged code at the lowest level of privilege and use less privileged user space to host other components of the OS such as device drivers and protocol stacks. Encrypting data at rest and in transit can also be effective, as can cryptographic authentication techniques such as theorem proving to verify that algorithms meet their specifications. SOCaaS