14,927
edits
Changes
Jump to navigation
Jump to search
Line 1:
Line 1: − + − + − + − + − + − +
no edit summary
'''Cybersecurity''' is the practice of protecting systems, networks, and programs from digital attacks. Cyberattacks usually seek to access, change, or destroy sensitive information; extort money from their victims; or disrupt business as usual.<ref>[https://www.cisco.com/c/en/us/products/security/what-is-cybersecurity.html#~types-of-threats What is Cybersecurity, Cisco]</ref> Implementing cybersecurity measures is challenging because it is a cat-and-mouse game, and today there are more devices than people.
'''Cybersecurity''' is the practice of protecting systems, networks, and programs from digital attacks. Cyberattacks usually seek to access, change, or destroy sensitive information; extort money from their victims; or disrupt business as usual.<ref>[https://www.cisco.com/c/en/us/products/security/what-is-cybersecurity.html#~types-of-threats What is Cybersecurity, Cisco]</ref> Implementing cybersecurity measures is challenging because it is a cat-and-mouse game, and today there are more devices than people.
Ensuring the cybersecurity of computers, networks, programs, and data relies on multiple layers of protection involving the detection, investigation, and remediation of threats. Users need to understand and comply with basic data security principles like choosing strong passwords, being wary of attachments in email, and backing up data. However, many questions remain over whether people can outsmart [[Social Engineering Attacks]]. Common technology used to protect endpoint devices, such as computers, smart devices, and routers; networks; and the cloud, include firewalls, DNS filtering, malware protection, antivirus software, and email security.
Ensuring the cybersecurity of computers, networks, programs, and data relies on multiple layers of protection involving the detection, investigation, and remediation of threats. Users need to understand and comply with basic data security principles like choosing strong passwords, being wary of attachments in email, and backing up data. However, many questions remain over whether people can outsmart [[Social Engineering Attacks]]. Common technology used to protect endpoint devices (such as computers, smart devices, and routers), networks, and clouds include firewalls, DNS filtering, malware protection, antivirus software, and email security.
==History==
==History==
*From the late 1950s through the 1970s, [[Phone Phreaking]] marked the beginning of present-day hacking culture; simple security tools, such as access controls and passwords, were implemented. Then came cryptographic applications, such as public-key cryptography, security verification, cryptographic protocols, and cryptographic hashing.<ref>[https://www.sciencedirect.com/science/article/pii/S0167404817302249?casa_token=deFBX0B2eLMAAAAA:FXPmbrKThtFL1_aSpVTABhyEzhWMiQhyk3wXhXfX5WOewf7FSM9gEHvkYN_TNgqVbn5kJw5pl7Q Hatfield, Joseph.2018. "Social engineering in cybersecurity." ''Computers & Security'', 73:102-113]</ref>
*From the late 1950s through the 1970s, [[Phone Phreaking]] marked the beginning of present-day hacking culture; simple security tools, such as access controls and passwords, were implemented. Then came cryptographic applications, such as public-key cryptography, security verification, cryptographic protocols, and cryptographic hashing.<ref>[https://www.sciencedirect.com/science/article/pii/S0167404817302249?casa_token=deFBX0B2eLMAAAAA:FXPmbrKThtFL1_aSpVTABhyEzhWMiQhyk3wXhXfX5WOewf7FSM9gEHvkYN_TNgqVbn5kJw5pl7Q Hatfield, Joseph.2018. "Social engineering in cybersecurity." ''Computers & Security'', 73:102-113]</ref>
*In 1983, the Massachusetts Institute of Technology was granted the first US patent for a cryptographic communication system.
*In 1983, the Massachusetts Institute of Technology was granted the first US patent for a cryptographic communication system.
*By 1990, [[Malware]], malware detection, antivirus techniques, buffer overflow attacks, intrusion detection, and firewalls were in play.<ref>P.J. & D.E. Denning.2016."Cybersecurity is harder than building bridges."Am Sci, 104(3):1-6</ref>
*By 1990, [[Malware]], malware detection, antivirus techniques, buffer overflow attacks, intrusion detection, and firewalls were in play.<ref>P.J. & D.E. Denning.2016."Cybersecurity is harder than building bridges."''Am Sci'', 104(3):1-6</ref>
*By 2006, automated vigilance had become more-or-less the norm, leading Greiner to call [[Social Engineering Attacks]] "the highest form of hacking."<ref>L. Greiner.2006."
*By 2006, automated vigilance had become more-or-less the norm, leading Greiner to call [[Social Engineering Attacks]] "the highest form of hacking."<ref>L. Greiner.2006."
Hacking your network's weakest link – you" Netw Mag, 12(1):9-12</ref>
Hacking your network's weakest link – you" ''Netw Mag'', 12(1):9-12</ref>
*In the 2010s, cybersecurity went mainstream: most corporations had to say (if not do) something about client privacy and data security.<ref>[https://www.forbes.com/sites/forrester/2019/12/18/decade-retrospective-cybersecurity-from-2010-to-2019/?sh=60d1b05d4d51 Decade Retrospective, Cybersecurity, Forbes]</ref>
*In the 2010s, cybersecurity went mainstream: most corporations had to say (if not do) something about client privacy and data security.<ref>[https://www.forbes.com/sites/forrester/2019/12/18/decade-retrospective-cybersecurity-from-2010-to-2019/?sh=60d1b05d4d51 Decade Retrospective, Cybersecurity, Forbes]</ref>
*In 2011, researchers at Lockheed Martin standardize cybersecurity jargon with the publication of their white paper, "Intelligence-Driven Computer Network Defense Informed by Analysis of Adversary Campaigns and Intrusion Kill Chains."<ref>[https://www.lockheedmartin.com/content/dam/lockheed-martin/rms/documents/cyber/LM-White-Paper-Intel-Driven-Defense.pdf Eric M. Hutchins, Michael J. Cloppert, & Rohan M. Amin.2011."Lockheed Martin Kill Chain.]</ref>
*In 2011, researchers at Lockheed Martin standardized cybersecurity jargon with the publication of their white paper, "Intelligence-Driven Computer Network Defense Informed by Analysis of Adversary Campaigns and Intrusion Kill Chains."<ref>[https://www.lockheedmartin.com/content/dam/lockheed-martin/rms/documents/cyber/LM-White-Paper-Intel-Driven-Defense.pdf Eric M. Hutchins, Michael J. Cloppert, & Rohan M. Amin.2011."Lockheed Martin Kill Chain.]</ref>
*In 2013, Mandiant releases the [[APT1 Report]], which outlined how China was able to quickly steal intellectual property from US firms.
*In 2013, nonspecialists became more aware of nation-state cyberattacks with Mandiant's release of the [[APT1 Report]], which outlined how China was able to quickly steal intellectual property from US firms.
*In 2014, NIST releases its first cybersecurity framework, which conceptualized how to identify, protect, detect, respond, and recover from attacks.<ref>[https://www.nist.gov/cyberframework Cyberframework, NIST]</ref>
*In 2014, NIST released its first cybersecurity framework, which conceptualized how to identify, protect, detect, respond, and recover from attacks.<ref>[https://www.nist.gov/cyberframework Cyberframework, NIST]</ref>
==Government Involvement==
==Government Involvement==