What is cybersecurity?
Learn about cybersecurity and how to defend your people, data, and applications against today’s growing number of cybersecurity threats.
Types of cybersecurity threats
A cybersecurity threat is a deliberate attempt to gain access to an individual or organization’s system. Bad actors continuously evolve their attack methods to evade detection and exploit new vulnerabilities, but they rely on some common methods that you can prepare for.
Malware is a catchall term for any malicious software, including worms, ransomware, spyware, and viruses. It is designed to cause harm to computers or networks by altering or deleting files, extracting sensitive data like passwords and account numbers, or sending malicious emails or traffic. Malware may be installed by an attacker who gains access to the network, but often, individuals unwittingly deploy malware on their devices or company network after clicking on a bad link or downloading an infected attachment.
Ransomware is a form of extortion that uses malware to encrypt files, making them inaccessible. Attackers often extract data during a ransomware attack and may threaten to publish it if they don’t receive payment. In exchange for a decryption key, victims must pay a ransom, typically in cryptocurrency. Not all decryption keys work, so payment does not guarantee that the files will be recovered.
In social engineering, attackers take advantage of people’s trust to dupe them into handing over account information or downloading malware. In these attacks, bad actors masquerade as a known brand, coworker, or friend and use psychological techniques such as creating a sense of urgency to get people to do what they want.
Phishing is a type of social engineering that uses emails, text messages, or voice mails that appear to be from a reputable source to convince people to give up sensitive information or click on an unfamiliar link. Some phishing campaigns are sent to a huge number of people in the hope that one person will click. Other campaigns, called spear phishing, are more targeted and focus on a single person. For example, an adversary might pretend to be a job seeker to trick a recruiter into downloading an infected resume.
In an insider threat, people who already have access to some systems, such as employees, contractors, or customers, cause a security breach or financial loss. In some cases, this harm is unintentional, such as when an employee accidentally posts sensitive information to a personal cloud account. But some insiders act maliciously.
Advanced persistent threat
In an advanced persistent threat, attackers gain access to systems but remain undetected over an extended period of time. Adversaries research the target company’s systems and steal data without triggering any defensive countermeasures.
Why is cybersecurity important?
Today’s world is more connected than ever before. The global economy depends on people communicating across time zones and accessing important information from anywhere. Cybersecurity enables productivity and innovation by giving people the confidence to work and socialize online. The right solutions and processes allow businesses and governments to take advantage of technology to improve how they communicate and deliver services without increasing the risk of attack.
Cybersecurity best practices
Adopt a Zero Trust security strategy
With more organizations adopting hybrid work models that give employees the flexibility to work in the office and remotely, a new security model is needed that protects people, devices, apps, and data no matter where they’re located. A Zero Trust framework starts with the principle that you can no longer trust an access request, even if it comes from inside the network. To mitigate your risk, assume you’ve been breached and explicitly verify all access requests. Employ least privilege access to give people access only to the resources they need and nothing more.
Conduct regular cybersecurity training
Cybersecurity is not just the responsibility of security professionals. Today, people use work and personal devices interchangeably, and many cyberattacks start with a phishing email directed at an employee. Even large, well-resourced companies are falling prey to social engineering campaigns. Confronting cybercriminals requires that everyone works together to make the online world safer. Teach your team how to safeguard their personal devices and help them recognize and stop attacks with regular training. Monitor the effectiveness of your program with phishing simulations.
Institute cybersecurity processes
To reduce your risk from cyberattacks, develop processes that help you prevent, detect, and respond to an attack. Regularly patch software and hardware to reduce vulnerabilities and provide clear guidelines to your team, so they know what steps to take if you are attacked.
You don’t have to create your process from scratch. Get guidance from cybersecurity frameworks such as the International Organization for Standardization (SOC) 2700 or the National Institute of Standards and Technology (NIST).
Invest in comprehensive solutions
Technology solutions that help address security issues improve every year. Many cybersecurity solutions use AI and automation to detect and stop attacks automatically without human intervention. Other technology helps you make sense of what’s going on in your environment with analytics and insights. Get a holistic view into your environment and eliminate gaps in coverage with comprehensive cybersecurity solutions that work together and with your ecosystem to safeguard your identities, endpoints, apps, and clouds.
Defend your identities, data, clouds, and apps with comprehensive solutions that work together and across environments.
Safeguard your identities
Protect access to your resources with a complete identity and access management solution that connects your people to all their apps and devices. A good identity and access management solution helps ensure that people only have access to the data that they need and only as long as they need it. Capabilities like multifactor authentication help prevent a compromised account from gaining access to your network and apps.
Detect and stop threats
Stay ahead of threats and automate your response with security information and event management (SIEM) and extended detection and response (XDR). A SIEM solution stitches together analytics from across all your security solutions to give you a holistic view into your environment. XDR protects your apps, identities, endpoints, and clouds, helping you eliminate coverage gaps.
Protect your data
Identify and manage sensitive data across your clouds, apps, and endpoints with information protection solutions. Use these solutions to help you identify and classify sensitive information across your entire company, monitor access to this data, encrypt certain files, or block access if necessary.
Get cloud protection
Control access to cloud apps and resources and defend against evolving cybersecurity threats with cloud security. As more resources and services are hosted in the cloud, it’s important to make it easy for employees to get what they need without compromising security. A good cloud security solution will help you monitor and stop threats across a multicloud environment.
Protect it all with Microsoft Security
Azure Active Directory
Provide secure adaptive access, a seamless user experience, and simplified governance with a complete identity and access management solution.
Get a bird’s-eye view across the enterprise with a cloud-based SIEM and unparalleled AI.
Microsoft 365 Defender
Prevent and detect attacks across your identities, endpoints, and apps with automation and AI.
Microsoft Defender for Cloud
Protect your multicloud and hybrid cloud workloads with built-in XDR capabilities.
Microsoft Defender for Cloud Apps
Get deep visibility and control of cloud apps with a leading cloud access security broker.
Microsoft Defender for Endpoint
Discover and defend Windows, macOS, Linux, Android, iOS, and network devices against sophisticated threats.
Microsoft Defender for Identity
Protect on-premises identities and help detect suspicious activity with cloud intelligence.
Microsoft Defender for IoT
Get full visibility and continuous threat monitoring of your IoT infrastructure.
As you build your own program, get guidance from cybersecurity frameworks such as the International Organization for Standardization (SOC) 2700 or the National Institute of Standards and Technology (NIST). Many organizations, including Microsoft, are instituting a Zero Trust security strategy to help protect remote and hybrid workforces that need to securely access company resources from anywhere.
Cybersecurity management is a combination of tools, processes, and people. Start by identifying your assets and risks, then create the processes for eliminating or mitigating cybersecurity threats. Develop a plan that guides teams in how to respond if you are breached. Use a solution like Microsoft Secure Score to monitor your goals and assess your security posture.
Cybersecurity provides a foundation for productivity and innovation. The right solutions support the way people work today, allowing them to easily access resources and connect with each other from anywhere without increasing the risk of attack.
Cyber hygiene is a set of routines that reduce your risk of attack. It includes principles, like least privilege access and multifactor authentication, that make it harder for unauthorized people to gain access. It also includes regular practices, such as patching software and backing up data, that reduce system vulnerabilities.
Cybersecurity is a set of processes, best practices, and technology solutions that help protect your critical systems and data from unauthorized access. An effective program reduces the risk of business disruption from an attack.