14,927
edits
Changes
Jump to navigation
Jump to search
Line 1:
Line 1: − + − + − + − + − + + + + + +
no edit summary
'''Cybersecurity''' is the practice of protecting systems, networks, and programs from digital attacks. Cyberattacks usually seek to access, change, or destroy sensitive information; extort money from their victims; or disrupt business as usual.<ref>[https://www.cisco.com/c/en/us/products/security/what-is-cybersecurity.html#~types-of-threats What is Cybersecurity, Cisco]</ref> Implementing cybersecurity measures is challenging because it is a cat-and-mouse game, and today there are more devices than people.
'''Cybersecurity''' is the practice of protecting systems, networks, and programs from digital attacks. Cyberattacks usually seek to access, change, or destroy sensitive information; extort money from their victims; or disrupt business as usual.<ref>[https://www.cisco.com/c/en/us/products/security/what-is-cybersecurity.html#~types-of-threats What is Cybersecurity, Cisco]</ref> Implementing cybersecurity measures is challenging because it is a cat-and-mouse game, and today there are more devices than people.
Ensuring the cybersecurity of computers, networks, programs, and data relies on multiple layers of protection involving the detection, investigation, and remediation of threats. Users need to understand and comply with basic data security principles like choosing strong passwords, being wary of attachments in email, and backing up data. However, many questions remain over whether people can outsmart [[Social Engineering Attacks]]. Common technology used to protect endpoint devices, such as computers, smart devices, and routers; networks; and the cloud, include firewalls, DNS filtering, malware protection, antivirus software, and email security.
Ensuring the cybersecurity of computers, networks, programs, and data relies on multiple layers of protection involving the detection, investigation, and remediation of threats. Users need to understand and comply with basic data security principles like choosing strong passwords, being wary of attachments in email, and backing up data. However, many questions remain over whether people can outsmart [[Social Engineering Attacks]]. Common technology used to protect endpoint devices (such as computers, smart devices, and routers), networks, and clouds include firewalls, DNS filtering, malware protection, antivirus software, and email security.
==History==
==History==
*Phone phreaking from the late 1950s through the early 1970s, which pre-dated the creation of ARPANET, marked the beginning of present-day hacking culture. Simple security tools, such as access controls and passwords, were implemented. Then came cryptographic applications, such as public-key cryptography, security verification, cryptographic protocols, and cryptographic hashing.<ref>[https://www.sciencedirect.com/science/article/pii/S0167404817302249?casa_token=deFBX0B2eLMAAAAA:FXPmbrKThtFL1_aSpVTABhyEzhWMiQhyk3wXhXfX5WOewf7FSM9gEHvkYN_TNgqVbn5kJw5pl7Q Hatfield, Joseph. 2018. "Social engineering in cybersecurity." ''Computers & Security'', 73:102-113]</ref>
*From the late 1950s through the 1970s, [[Phone Phreaking]] marked the beginning of present-day hacking culture; simple security tools, such as access controls and passwords, were implemented. Then came cryptographic applications, such as public-key cryptography, security verification, cryptographic protocols, and cryptographic hashing.<ref>[https://www.sciencedirect.com/science/article/pii/S0167404817302249?casa_token=deFBX0B2eLMAAAAA:FXPmbrKThtFL1_aSpVTABhyEzhWMiQhyk3wXhXfX5WOewf7FSM9gEHvkYN_TNgqVbn5kJw5pl7Q Hatfield, Joseph.2018. "Social engineering in cybersecurity." ''Computers & Security'', 73:102-113]</ref>
*The Massachusetts Institute of Technology was granted the first US patent for a cryptographic communication system in 1983.
*In 1983, the Massachusetts Institute of Technology was granted the first US patent for a cryptographic communication system.
*By 1990, [[Malware]], malware detection, antivirus techniques, buffer overflow attacks, intrusion detection, and firewalls were in play.<ref>P.J. & D.E. Denning. (2016)."Cybersecurity is harder than building bridges."
*By 1990, [[Malware]], malware detection, antivirus techniques, buffer overflow attacks, intrusion detection, and firewalls were in play.<ref>P.J. & D.E. Denning.2016."Cybersecurity is harder than building bridges."''Am Sci'', 104(3):1-6</ref>
Am Sci, 104(3):1-6</ref>
*By 2006, automated vigilance had become more-or-less the norm, leading Greiner to call [[Social Engineering Attacks]] "the highest form of hacking."<ref>L. Greiner.2006."
Hacking your network's weakest link – you" ''Netw Mag'', 12(1):9-12</ref>
*In the 2010s, cybersecurity went mainstream: most corporations had to say (if not do) something about client privacy and data security.<ref>[https://www.forbes.com/sites/forrester/2019/12/18/decade-retrospective-cybersecurity-from-2010-to-2019/?sh=60d1b05d4d51 Decade Retrospective, Cybersecurity, Forbes]</ref>
*In 2011, researchers at Lockheed Martin standardized cybersecurity jargon with the publication of their white paper, "Intelligence-Driven Computer Network Defense Informed by Analysis of Adversary Campaigns and Intrusion Kill Chains."<ref>[https://www.lockheedmartin.com/content/dam/lockheed-martin/rms/documents/cyber/LM-White-Paper-Intel-Driven-Defense.pdf Eric M. Hutchins, Michael J. Cloppert, & Rohan M. Amin.2011."Lockheed Martin Kill Chain.]</ref>
*In 2013, nonspecialists became more aware of nation-state cyberattacks with Mandiant's release of the [[APT1 Report]], which outlined how China was able to quickly steal intellectual property from US firms.
*In 2014, NIST released its first cybersecurity framework, which conceptualized how to identify, protect, detect, respond, and recover from attacks.<ref>[https://www.nist.gov/cyberframework Cyberframework, NIST]</ref>
==Government Involvement==
==Government Involvement==