What is cybersecurity?

Learn about cybersecurity and how to defend your people, data, and applications against today’s growing number of cybersecurity threats.

Cybersecurity defined

Cybersecurity is a set of processes, best practices, and technology solutions that help protect your critical systems and network from digital attacks. As data has proliferated and more people work and connect from anywhere, bad actors have responded by developing sophisticated methods for gaining access to your resources and stealing data, sabotaging your business, or extorting money. Every year the number of attacks increases, and adversaries develop new methods of evading detection. An effective cybersecurity program includes people, processes, and technology solutions that together reduce the risk of business disruption, financial loss, and reputational damage from an attack.

Types of cybersecurity threats

A cybersecurity threat is a deliberate attempt to gain access to an individual’s or organization’s system. Bad actors continuously evolve their attack methods to evade detection and exploit new vulnerabilities, but they rely on some common methods that you can prepare for.

  • Malware

    Malware is a catchall term for any malicious software, including worms, ransomware, spyware, and viruses. It is designed to cause harm to computers or networks by altering or deleting files, extracting sensitive data like passwords and account numbers, or sending malicious emails or traffic. Malware may be installed by an attacker who gains access to the network, but often, individuals unwittingly deploy malware on their devices or company network after clicking on a bad link or downloading an infected attachment.

  • Ransomware

    Ransomware is a form of extortion that uses malware to encrypt files, making them inaccessible. Attackers often extract data during a ransomware attack and may threaten to publish it if they don’t receive payment. In exchange for a decryption key, victims must pay a ransom, typically in cryptocurrency. Not all decryption keys work, so payment does not guarantee that the files will be recovered.

  • Social engineering

    In social engineering, attackers take advantage of people’s trust to dupe them into handing over account information or downloading malware. In these attacks, bad actors masquerade as a known brand, coworker, or friend and use psychological techniques such as creating a sense of urgency to get people to do what they want.

  • Phishing

    Phishing is a type of social engineering that uses emails, text messages, or voice mails that appear to be from a reputable source to convince people to give up sensitive information or click on an unfamiliar link. Some phishing campaigns are sent to a huge number of people in the hope that one person will click. Other campaigns, called spear phishing, are more targeted and focus on a single person. For example, an adversary might pretend to be a job seeker to trick a recruiter into downloading an infected resume.

  • Insider threats

    In an insider threat, people who already have access to some systems, such as employees, contractors, or customers, cause a security breach or financial loss. In some cases, this harm is unintentional, such as when an employee accidentally posts sensitive information to a personal cloud account. But some insiders act maliciously.

  • Advanced persistent threat

    In an advanced persistent threat, attackers gain access to systems but remain undetected over an extended period of time. Adversaries research the target company’s systems and steal data without triggering any defensive countermeasures.

Why is cybersecurity important?

Today’s world is more connected than ever before. The global economy depends on people communicating across time zones and accessing important information from anywhere. Cybersecurity enables productivity and innovation by giving people the confidence to work and socialize online. The right solutions and processes allow businesses and governments to take advantage of technology to improve how they communicate and deliver services without increasing the risk of attack.

Cybersecurity best practices

Adopt a Zero Trust security strategy

With more organizations adopting hybrid work models that give employees the flexibility to work in the office and remotely, a new security model is needed that protects people, devices, apps, and data no matter where they’re located. A Zero Trust framework starts with the principle that you can no longer trust an access request, even if it comes from inside the network. To mitigate your risk, assume you’ve been breached and explicitly verify all access requests. Employ least privilege access to give people access only to the resources they need and nothing more.
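The following is an added example, not part of the original page: it contrasts a perimeter-style decision with one that explicitly verifies each request and applies least privilege, as the paragraph above describes. The roles, resource names, and request fields are hypothetical.

```python
from dataclasses import dataclass

# Hypothetical least-privilege grants: each role gets only the actions it needs.
ROLE_GRANTS = {
    "payroll-clerk": {("payroll-db", "read")},
    "payroll-admin": {("payroll-db", "read"), ("payroll-db", "write")},
}

@dataclass(frozen=True)
class AccessRequest:
    role: str
    mfa_passed: bool
    device_compliant: bool
    from_corporate_network: bool
    resource: str
    action: str

def perimeter_decision(req):
    """Legacy model: anything coming from inside the network is trusted."""
    return "allow" if req.from_corporate_network else "deny"

def zero_trust_decision(req):
    """Verify every request explicitly; network location grants nothing."""
    if not req.mfa_passed:
        return "deny: identity not verified"
    if not req.device_compliant:
        return "deny: device not compliant"
    if (req.resource, req.action) not in ROLE_GRANTS.get(req.role, set()):
        return "deny: outside least-privilege grant"
    return "allow"

# Constructed sample requests (not real data).
SAMPLES = [
    # Inside the network, but the identity was never verified with MFA.
    AccessRequest("payroll-clerk", False, True, True, "payroll-db", "write"),
    # Remote worker with verified identity and a compliant device.
    AccessRequest("payroll-clerk", True, True, False, "payroll-db", "read"),
    # Verified insider asking for more than the role needs.
    AccessRequest("payroll-clerk", True, True, True, "payroll-db", "write"),
]

def evaluate(samples):
    """Return (perimeter, zero trust) decisions for each request."""
    return [(perimeter_decision(r), zero_trust_decision(r)) for r in samples]

if __name__ == "__main__":
    for req, result in zip(SAMPLES, evaluate(SAMPLES)):
        print(req.action, req.from_corporate_network, result)
```

The perimeter model allows the first and third requests only because they come from inside the network, while the explicit checks deny both and still allow the legitimate remote request.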

Conduct regular cybersecurity training

Cybersecurity is not just the responsibility of security professionals. Today, people use work and personal devices interchangeably, and many cyberattacks start with a phishing email directed at an employee. Even large, well-resourced companies are falling prey to social engineering campaigns. Confronting cybercriminals requires that everyone work together to make the online world safer. Teach your team how to safeguard their personal devices and help them recognize and stop attacks with regular training. Monitor the effectiveness of your program with phishing simulations.

Institute cybersecurity processes

To reduce your risk from cyberattacks, develop processes that help you prevent, detect, and respond to an attack. Regularly patch software and hardware to reduce vulnerabilities and provide clear guidelines to your team, so they know what steps to take if you are attacked.

You don’t have to create your process from scratch. Get guidance from cybersecurity frameworks such as the International Organization for Standardization (SOC) 2700 or the National Institute of Standards and Technology (NIST).

Invest in comprehensive solutions

Technology solutions that help address security issues improve every year. Many cybersecurity solutions use AI and automation to detect and stop attacks automatically without human intervention. Other technology helps you make sense of what’s going on in your environment with analytics and insights. Get a holistic view into your environment and eliminate gaps in coverage with comprehensive cybersecurity solutions that work together and with your ecosystem to safeguard your identities, endpoints, apps, and clouds.

Cybersecurity solutions

Defend your identities, data, clouds, and apps with comprehensive solutions that work together and across environments.

Protect it all with Microsoft Security

Frequently asked questions

As you build your own program, get guidance from cybersecurity frameworks such as the International Organization for Standardization (SOC) 2700 or the National Institute of Standards and Technology (NIST). Many organizations, including Microsoft, are instituting a Zero Trust security strategy to help protect remote and hybrid workforces that need to securely access company resources from anywhere.

Cybersecurity management is a combination of tools, processes, and people. Start by identifying your assets and risks, then create the processes for eliminating or mitigating cybersecurity threats. Develop a plan that guides teams in how to respond if you are breached. Use a solution like Microsoft Secure Score to monitor your goals and assess your security posture.

Cybersecurity provides a foundation for productivity and innovation. The right solutions support the way people work today, allowing them to easily access resources and connect with each other from anywhere without increasing the risk of attack.

Cyber hygiene is a set of routines that reduce your risk of attack. It includes principles, like least privilege access and multifactor authentication, that make it harder for unauthorized people to gain access. It also includes regular practices, such as patching software and backing up data, that reduce system vulnerabilities.

Cybersecurity is a set of processes, best practices, and technology solutions that help protect your critical systems and data from unauthorized access. An effective program reduces the risk of business disruption from an attack.