Cybersecurity: Definition, Prevent and respond (Beginners)

 

1  1-    Definition 

Cybersecurity refers to all activities aimed at protecting data and all "information systems" against threats from cyberspace, which could compromise their availability, integrity or confidentiality.

Availability

Availability is the ability to access data or service at the desired time. It can be, for example, compromised by destruction (deletion of data), encryption (information becomes unreadable unless have the decryption key) or by interrupting of a service. A computer can become inaccessible if software encrypts all the data it contains.

Integrity

Integrity is the property that ensures that data is accurate, complete and have not been altered. Integrity can be compromised by changing the contents of a file. Like what the integrity of student grades on a digital workspace is compromised if their grades are changed by someone not having the right to do so.

Confidentiality

Confidentiality is the guarantee that data, services or any other goods are only accessible to authorised persons. Confidentiality is compromised when an unauthorized person accesses data or any other property without having the right to do so. For example, if a person manages to open a phone mobile and access the information contained in it.

2 2-  Prevent and respond 

Cybersecurity covers two main dimensions.

Prevention

Prevention corresponds to all the measures that make it possible to strengthen the security of an information system to enable it to Resist attacks that could threaten data and services to which it allows access.

Prevention mainly involves :

-         The implementation of security measures adapted in particular to the technical level, such as regularly backing up data in a separate, secure environment or end-to-end encryption of conversations via messaging.

-         Raising awareness of risks and good practices computer security to prevent errors or facilitate the work of attackers, for example, by displaying their PIN code on the back of their phone.

-         To go further, the in-depth analysis of the risks for a system or for an organization that identifies additional security measures to enhance their safety.

The reaction

The reaction corresponds to all the means and activities to detect and respond to cyberattacks in sight to stop them and return to a normal mode of operation.

The response to cyberattacks includes:

• -         Detection of cyberattacks.
• -         Incident response, through the mobilization of teams (CSIRTs).
• -         Managing a cyber crisis within an organization.
• -         The reconstruction of infected information systems.
• -         The fight against cybercriminals.