Cybersecurity is the practice of defending computers, servers, mobile devices, electronic and operational systems, networks and data from cyber attacks. The term applies in a variety of contexts, from business to mobile computing and can be divided into the following categories: application security, network security, information assurance and security management, data security, and disaster recovery.
It’s important to realize that cybersecurity cannot be guaranteed, but a timely and appropriate reaction can so it’s important to be prepared for what-if scenarios. Also, cybersecurity is also not a problem to be solved – it’s an ongoing risk to be managed. Just like a person’s immune system, a reliable cybersecurity system is the ability to detect problems and sound the alarm, solve the problem, and then recover and remember.
In cybersecurity, it’s simply not a question of what could go wrong today but, rather, what if such things happen tomorrow. It’s also no longer a question of if a company will be attacked but more a question of when an attack is waged – and what that company is going to do about it.
The human immune system offers a helpful analogy for the new required approach. When a germ breaches the body’s natural barriers, the immune system mounts a three-step defense: Sound the alarm, solve the problem, then recover and remember.
The first defenders on the scene are the white blood cells, which constantly circulate throughout the body, much like police on patrol. Next, specialized white blood cells (lymphocytes) engage in a two- pronged attack, one directed at infected cells and the other at hostile microbes roaming through the blood. Finally, once the invaders and the compromised cells have been destroyed, the immune system’s soldiers return to their bases, leaving a smaller number of seasoned veterans to attack if the invader returns.
The effectiveness of a cybersecurity defense, like that of the immune system, depends largely on smart network surveillance, early warning indicators, multiple layers of defense, and learning from past events are all critical components of true cyber resilience. When things go wrong, whether in a major or minor way, the ability to quickly identify and respond to a problem will determine the company’s ultimate recovery.