What Is Cybersecurity? | Gartner (2023)

What does cybersecurity mean for your business?

Cybersecurity is a business problem that has been presented as such in boardrooms for years, and yet accountability still lies primarily with IT leaders.

In the 2022 Gartner Board of Directors Survey, 88% of board members classified cybersecurity as a business risk; just 12% called it a technology risk. Still, a 2021 survey showed that the CIO, the chief information security officer (CISO) or their equivalent were held accountable for cybersecurity at 85% of organizations.

Organizations have become far more vulnerable to cyberthreats because digital information and technology are now so heavily integrated into day-to-day work. But the attacks themselves, which target both information and critical infrastructure, are also becoming far more sophisticated.

Cyber-risk incidents can have operational, financial, reputational and strategic consequences for an organization, all of which come at significant costs. This has made existing measures less effective, and it means that most organizations need to up their cybersecurity game.

Cybersecurity Roadmap

What is the cybersecurity impact of Russia’s invasion of Ukraine?

The Russian invasion of Ukraine is marked by both military and destructive malware attacks. As the invasion expands, the threat of attacks to critical infrastructure — and the potential for fatal outages — grows. No business is immune.

Many organizations already face a range of lurking security failures, but now, it’s especially important to rely on threat intelligence tailored for your organization and to watch for guidance from your government contacts around how to prepare for attacks you may not be ready to handle.

As the C-suite strategizes its response to the Russian invasion of Ukraine, prioritize cybersecurity planning. Focus on what you can control. Make sure your incident response plans are current. Increase awareness and vigilance to detect and prevent potential increased threats, but be mindful of the added stress and pressure your organization is feeling. A human error due to these forces may have a greater impact on your organization than an actual cyber attack.

Incident Planning Must-Haves

What are the cybersecurity concerns for critical infrastructure?

Critical infrastructure sectors include energy production and transmission, water and wastewater, healthcare, and food and agriculture. In many countries, critical infrastructure is state-owned, while in others, like the U.S., private industry owns and operates a much larger portion of it.

Not only are each of these sectors critical to the appropriate functioning of modern societies, but they are also interdependent, and a cyberattack on one can have a direct impact on others. Attackers are increasingly choosing to deploy attacks on cyber-physical systems (CPS).

The risks were very real even before Russia invaded Ukraine. Attacks on organizations in critical infrastructure sectors rose from less than 10 in 2013 to almost 400 in 2020, a 3,900% increase. It’s not surprising, then, that governments worldwide are mandating more security controls for mission-critical CPS.

The Russian invasion of Ukraine increases the threat of cyberattacks for all organizations. You need to develop a holistic, coordinated CPS security strategy while also incorporating into governance emerging security directives for critical infrastructure. The U.S. “National Security Memorandum on Improving Cybersecurity for Critical Infrastructure Control Systems,” for example, is prioritizing the electricity and natural gas pipeline sectors, followed by the water/wastewater and chemical sectors.

The crux of the problem is that traditional network-centric, point-solution security tools are no longer sufficient to combat the speed and complexity of today’s cyberattacks. This is particularly the case as operational technology (OT), which connects, monitors and secures industrial operations (machines), continues to converge with the technology backbone that processes organization’s information technology (IT).

Conduct a complete inventory of OT/Internet of Things (IoT) security solutions in use within your organization. Also perform an evaluation of standalone or multifunction platform-based security options to further accelerate CPS security stack convergence.

CPS Security Vendors

(Video) Cyber Security In 7 Minutes | What Is Cyber Security: How It Works? | Cyber Security | Simplilearn

What is a cyberattack?

The most common and notable types of cybersecurity attacks include:

  • Phishing and social-engineering-based attacks.
    Attackers trick legitimate users with proper access credentials into taking action that opens the door for unauthorized users, allowing them to transfer information and data out (data exfiltration).
  • Internet-facing service risks (including cloud services).
    These threats relate to the failure of enterprises, partners and vendors to adequately secure cloud services or other internet-facing services (for example, configuration management failure) from known threats.
  • Password-related account compromises.
    Unauthorized users deploy software or other hacking techniques to identify common and reused passwords they can exploit to gain access to confidential systems, data or assets.
  • Misuse of information.
    Authorized users inadvertently or deliberately disseminate or otherwise misuse information or data to which they have legitimate access.
  • Network-related and man-in-the-middle attacks.
    Attackers may be able to eavesdrop on unsecured network traffic or redirect or interrupt traffic as a result of failure to encrypt messages within and outside an organization’s firewall.
  • Supply chain attacks.
    Partners, vendors or other third-party assets or systems (or code) become compromised, creating a vector to attack or exfiltrate information from enterprise systems.
  • Denial-of-service attacks (DoS).
    Attackers overwhelm enterprise systems and cause a temporary shutdown or slowdown. Distributed DoS (DDoS) attacks also flood systems, but by using a network of devices. (Also see “What is a DDos attack?”)
  • Ransomware.
    This malicious software infects an organization’s systems and restricts access to encrypted data or systems until a ransom is paid to the perpetrator. Some attackers threaten to release data if the ransom isn’t paid.

What is a DDoS attack?

Cyber attackers deploy DDoS attacks by using a network of devices to overwhelm enterprise systems. While this form of cyber attack is capable of shutting down service, most attacks are actually designed to cause disruption rather than interrupt service completely.

Thousands of DDoS attacks are now reported each day, and most are mitigated as a normal course of business with no special attention warranted. But cyber attackers are capable of increasing the scope of the attack — and DDoS attacks continue to rise in complexity, volume and frequency. This presents a growing threat to the network security of even the smallest enterprises.

DDos attacks also increasingly target applications directly. Successful and cost-effective defense against this type of threat therefore requires a multilayered approach:

  • Internal: defenses inside your network behind the firewall.
  • Edge: on-premises solutions (physical devices on or in front of the enterprise firewalls and edge routers)
  • External/cloud provider: outside the enterprise, such as internet service providers (ISPs)
  • People and process: include incident response and the mitigation playbook along with the skill sets needed to stop an attack

DDoS mitigation requires skills distinct from those required to defend against other types of cyberattacks, so most organizations will need to augment their capabilities with third-party solutions.

Security IT Innovations

What are cybersecurity controls and cyber defense?

A range of IT and information system control areas form the technical line of defense against cyberattacks. These include:

  • Network and perimeter security.
    A network perimeter demarcates the boundary between an organization’s intranet and the external or public-facing internet. Vulnerabilities create the risk that attackers can use the internet to attack resources connected to it.
  • Endpoint security.
    Endpoints are network-connected devices, such as laptops, mobile phones and servers. Endpoint security protects these assets and, by extension, data, information or assets connected to these assets from malicious actors or campaigns.
  • Application security.
    It protects data or code within applications, both cloud-based and traditional, before and after applications are deployed.
  • Data security.
    It comprises the processes and associated tools that protect sensitive information assets, either in transit or at rest. Data security methods include encryption, which ensures sensitive data is erased, and creating data backups.
  • Identity and access management (IAM).
    IAM enables the right individuals to access the right resources at the right times for the right reasons.
  • Zero trust architecture.
    It removes implicit trust (“This user is inside my security perimeter”) and replaces it with adaptive, explicit trust (“This user is authenticated with multifactor authentication from a corporate laptop with a functioning security suite”).

Technology controls aren’t the only line of defense against cyberattacks. Leading organizations critically examine their cyber-risk culture and relevant functions’ maturity to expand their cyber defense. This includes building employee awareness and secure behaviors.

(Video) What is Cybersecurity? | Cybersecurity in 2 Minutes | Cybersecurity Online Training | Edureka

What Is Cybersecurity? | Gartner (2)

Why does cybersecurity fail?

Simply put, cybersecurity fails because of a lack of adequate controls. No organization is 100% secure, and organizations cannot control threats or bad actors. Organizations only control priorities and investments in security readiness.

To decide where, when and how to invest in IT controls and cyber defense, benchmark your security capabilities — for people, process and technology — and identify gaps to fill and priorities to target.

Notably, the human element features heavily in cybersecurity risks. Cybercriminals have become experts at social engineering, and they use increasingly sophisticated techniques to trick employees into clicking on malicious links. Making sure employees have the information and know-how to better defend against these attacks is critical.

What is the future of cybersecurity?

The environment itself is evolving in several key ways:

  • Growing network, infrastructure and architectural complexity create a greater number and variety of connections that can be targets of cyberattacks.
  • Increasing sophistication of threats and poor threat sensing make it hard to keep track of the growing number of information security controls, requirements and threats.
  • Third-party vulnerabilities will persist as organizations continue to struggle to establish minimum but robust controls for third parties — especially as most vendors, in particular cloud vendors, are themselves relying on third parties (which become your fourth parties and so on).
  • Cybersecurity debt has grown to unprecedented levels as new digital initiatives, frequently based in the public cloud, are deployed before the security issues are addressed.
  • Cyber-physical systems are engineered to orchestrate sensing, computation, control, networking and analytics to interact with the physical world (including humans). Connecting the digital and physical worlds (as in smart buildings) presents a unique and growing area of vulnerability.

What Is Cybersecurity? | Gartner (4)

(Video) Cybersecurity in Just 1 Minute | What Is Cybersecurity? | Introduction to Cybersecurity

Who is responsible for managing cybersecurity?

Cybersecurity is interconnected with many other forms of enterprise risk, and the threats and technologies are evolving quickly. Given this, multiple stakeholders must work together to ensure the right level of security and guard against blind spots. But despite the growing view that cybersecurity is a business risk, accountability for cybersecurity still falls mostly on the shoulders of IT leaders.

A 2021 Gartner survey found that the CIO, CISO or their equivalent were held accountable for cybersecurity at 85% of organizations. Non-IT senior managers held accountability in only 10% of organizations surveyed, and only 12% of boards have a dedicated board-level cybersecurity committee.

To ensure adequate security, CIOs should work with their boards to ensure that responsibility, accountability and governance are shared by all stakeholders who make business decisions that affect enterprise security.

Evaluate the Security Team

What cybersecurity metrics do I need?

Most cybersecurity metrics used today are trailing indicators of factors the organization does not control (e.g., “How many times were we attacked last week?”). Instead, focus on metrics related to specific outcomes that prove your cybersecurity program is credible and defensible.

Gartner expects that by 2024, 80% of the magnitude of fines regulators impose after a cybersecurity breach will result from failures to prove the duty of due care was met, as opposed to the impact of the breach.

Gartner advocates the “CARE” model of outcome-driven metrics (ODMs):

Consistency

Consistency metrics assess whether controls are working consistently over time across an organization.

Adequacy

Adequacy metrics assess whether controls are satisfactory and acceptable in line with business needs.

Reasonableness

Reasonableness metrics assess whether the controls are appropriate, fair and moderate.

Effectiveness

Effectiveness metrics assess whether the controls are successful and/or efficient in producing a desired or intended outcome.

How much should I spend on cybersecurity?

The amount you spend on cybersecurity does not reflect your level of protection, nor does what others spend inform your level of protection compared to theirs.

Most monetary representations of risk and security readiness (i.e., “Is that a $5 million risk or a $50 million risk?”) are neither credible nor defensible, and, even when they are credible, they do not support daily decision making related to priorities and investments in security.

Use outcome-driven metrics to enable more effective governance over cybersecurity priorities and investments. ODMs don’t measure, report or influence investments by threat type; it is outside your control to align spending to address ransomware, attacks or hacking. Rather, align investments to the controls that address those threats.

(Video) What Is Cybersecurity: How It Works? |Cyber Security In 2 Minutes | Cyber Security | Simplilearn

For example, an organization cannot control whether it suffers a ransomware attack, but it can align investments to three critical controls: back up and restore, business continuity and phishing training. The ODMs of these three controls reflect how well the organization is protected against ransomware and what that level of protection costs — a business-based analysis that tells a compelling story for the board and other senior leaders.

Note that a control can be any combination of people, process and technology that you own, manage and deploy to create a level of protection for the organization. Take a cost optimization approach to evaluate the cost (investment), value (benefit) and the level of risk managed for each control. Generally, better protection (less risk) will be more expensive.

Cybersecurity IT Priorities

For executives and their teams

Latest Cybersecurity Insights

5 Security Questions Your Board Will Definitely Ask Read now
5 Must-Read Ransomware and Cybersecurity Articles Read Now
Ransomware Attacks: Prepare, Plan and Respond Watch Webinar
5 Security Questions Your Board Will Definitely Ask Read now

Cybersecurity Initiatives

Cybersecurity in Your Supply Chain Download Now
Treat Cybersecurity as a Business Decision Download Now
Roadmap for Information Security Program Download Now
Cybersecurity in Your Supply Chain Download Now

Resources for Cybersecurity Leaders

CISO Role as a Digital Business Leader Learn More
CIO Role in Digital Transformation Learn More
U.S. Executive Order on Cybersecurity: What Government Agencies Must Know and Do Watch Webinar
(Video) What is CyberSecurity?

FAQs

What is cyber security Short answer? ›

Cybersecurity is the protection of internet-connected systems such as hardware, software and data from cyberthreats. The practice is used by individuals and enterprises to protect against unauthorized access to data centers and other computerized systems.

What is cybersecurity in your own words? ›

Cyber security is the application of technologies, processes, and controls to protect systems, networks, programs, devices and data from cyber attacks. It aims to reduce the risk of cyber attacks and protect against the unauthorised exploitation of systems, networks, and technologies.

What is cybersecurity why do we need it? ›

According to the Cyber Security & Infrastructure Security Agency (CISA), "Cyber security is the art of protecting networks, devices and data from unauthorized access or criminal use and the practice of ensuring confidentiality, integrity and availability of information."

What does cybersecurity mean to you essay? ›

Cybersecurity means protecting data, networks, programs and other information from unauthorized or unattended access, destruction or change. In today's world, cybersecurity is very important because of some security threats and cyber-attacks. For data protection, many companies develop software.

What is cyber security and how it works? ›

Cyber security can be described as the collective methods, technologies, and processes to help protect the confidentiality, integrity, and availability of computer systems, networks and data, against cyber-attacks or unauthorized access.

What are the 5 types of cyber security? ›

The Different Types of Cybersecurity
  • Network Security. Most attacks occur over the network, and network security solutions are designed to identify and block these attacks. ...
  • Cloud Security. ...
  • Endpoint Security. ...
  • Mobile Security. ...
  • IoT Security. ...
  • Application Security. ...
  • Zero Trust.

What is the main goal of cyber security? ›

The goal of cybersecurity is to ensure a risk-free and secure environment for keeping the data, network and devices guarded against cyber threats.

What are the main objectives of cybersecurity? ›

The ultimate and the main goal of cyber security is to prevent information from being stolen or compromised. To do so, we'll look at three key cybersecurity objectives. The CIA triad- confidentiality, integrity, and availability is the foundation of all security programs.

Who needs cyber security the most? ›

Although it is necessary for ALL businesses to instill a sense of value around cyber security, there are 6 institutions that are believed to need it the most. Namely; healthcare, small businesses, government agencies, manufacturing, financial institutions, education and energy and utility institutions.

What is the conclusion of cyber security? ›

Conclusion. Cyber security is one of the most important aspects of the fast-paced growing digital world. The threats of it are hard to deny, so it is crucial to learn how to defend from them and teach others how to do it too.

How do I write a personal statement for cyber security? ›

Confidence, accountability and effective communication would take me to my professional goals. Apart from being a good employee, I wish to be a responsible cybersecurity leader. The advanced program in cybersecurity that your university offers would largely help me realize these goals.

How does cybersecurity impact the world? ›

Cybersecurity protect sensitive data, like customer information and trade secrets against unauthorised access and comprise. Implementing a cybersecurity program is also a mandatory requirement of many regulations and data privacy laws.

What is cyber security introduction? ›

What is Cyber Security? Cyber Security is a process that's designed to protect networks and devices from external threats. Businesses typically employ Cyber Security professionals to protect their confidential information, maintain employee productivity, and enhance customer confidence in products and services.

What makes cybersecurity difficult? ›

Some factors that make cyber security hard to learn are: Large numbers of tools. Since there are so many potential attacks, a cyber security professional must be familiar with various complex cybersecurity tools, technical skills, and software.

Is cyber security easy? ›

No, cybersecurity isn't hard. Although there may be difficult concepts, like cryptography or areas that require more technical knowledge, cybersecurity is one of the few fields in the tech world that doesn't require a strong technical background.

What are the three elements of cyber security? ›

The CIA triad refers to an information security model made up of the three main components: confidentiality, integrity and availability. Each component represents a fundamental objective of information security.

What is cyber security kids? ›

What is cyber security? Cyber security is the way through which individuals can protect their privacy and reduce their risk of being affected by cybercrime. It can also help to protect devices and services accessed online from theft or damage.

What is cyber security introduction? ›

What is Cyber Security? Cyber Security is a process that's designed to protect networks and devices from external threats. Businesses typically employ Cyber Security professionals to protect their confidential information, maintain employee productivity, and enhance customer confidence in products and services.

Is cyber security easy? ›

No, cybersecurity isn't hard. Although there may be difficult concepts, like cryptography or areas that require more technical knowledge, cybersecurity is one of the few fields in the tech world that doesn't require a strong technical background.

What is type of cyber security? ›

Application security. Network security. Cloud security. Internet of Things (IoT) security.

How does cybersecurity affect us? ›

Cyberattacks are malicious attempts to access or damage a computer or network system. Cyberattacks can lead to the loss of money or the theft of personal, financial and medical information. These attacks can damage your reputation and safety.

Is the internet safe? ›

The Internet can be wonderful for kids. They can use it to research school reports, communicate with teachers and other kids, and play interactive games. But online access also comes with risks, like inappropriate content, cyberbullying, and online predators.

How do you teach students about cyber security? ›

Teaching Cybersecurity Education at Home
  1. Use the internet to find cybersecurity resources. ...
  2. Keep your data to yourself. ...
  3. Introduce your kids to a password manager and help them create their vault. ...
  4. Monitor engagement on social platforms. ...
  5. Establish household best practices for online security.
27 Jul 2022

What are the main objectives of cyber security? ›

Summary. To summarise, the primary goal of cybersecurity is to ensure the privacy of information, the correctness of data, and access to authorized users. This brings us to focus on the 3 crucial aspects of security which are confidentiality, integrity, and availability of data collectively known as the CIA Triad.

Why is cybersecurity so hard? ›

Some factors that make cyber security hard to learn are: Large numbers of tools. Since there are so many potential attacks, a cyber security professional must be familiar with various complex cybersecurity tools, technical skills, and software.

Is cybersecurity a lot of math? ›

Does cybersecurity involve math? The short answer is yes. Cybersecurity is a technical field in computer science, and potential job seekers will need strong analytical skills. It isn't a math-intensive field—not like astrophysics or engineering—but it requires comfort using certain math types.

What skills do you need for cyber security? ›

10 cybersecurity technical skills
  • Scripting. Scripting is a type of coding in which you make a program do something. ...
  • Controls and frameworks. ...
  • Intrusion detection. ...
  • Network security control. ...
  • Operating systems. ...
  • Incident response. ...
  • Cloud. ...
  • DevOps.
13 Jul 2022

What is security risk? ›

Definition of security risk

1 : someone who could damage an organization by giving information to an enemy or competitor. 2 : someone or something that is a risk to safety Any package left unattended will be deemed a security risk.

What are security tools? ›

Security Tools are all information used to verify Client when implementing transactions, including but not limited to user name, password, registered telephone number, online code, OTP, and other types of information as prescribed for each trading mode.

Videos

1. Introduction To Cyber Security | Cyber Security Training For Beginners | CyberSecurity | Simplilearn
(Simplilearn)
2. What is Cybersecurity? | Cybersecurity Explained in 2 Minutes For BEGINNERS.
(Zero To Mastery)
3. Cybersecurity 101
(NOVA PBS Official)
4. Gartner - What is Gartner - en-US
(senhasegura)
5. An Introduction to Cybersecurity Careers
(Infosec)
6. Cyber Security Career - Salary, Jobs And Skills | Cyber Security Career Roadmap | Simplilearn
(Simplilearn)
Top Articles
Latest Posts
Article information

Author: Neely Ledner

Last Updated: 12/24/2022

Views: 5825

Rating: 4.1 / 5 (42 voted)

Reviews: 89% of readers found this page helpful

Author information

Name: Neely Ledner

Birthday: 1998-06-09

Address: 443 Barrows Terrace, New Jodyberg, CO 57462-5329

Phone: +2433516856029

Job: Central Legal Facilitator

Hobby: Backpacking, Jogging, Magic, Driving, Macrame, Embroidery, Foraging

Introduction: My name is Neely Ledner, I am a bright, determined, beautiful, adventurous, adventurous, spotless, calm person who loves writing and wants to share my knowledge and understanding with you.