Lecture 1. Introductory lecture

Cybersecurity
Main
Cybersecurity is a set of technologies, processes and practices designed to protect networks, devices, applications and data from attack, damage or unauthorised access. Cybersecurity may also be referred to as information technology security.
The importance of cybersecurity.
Cybersecurity is important as government, military, corporate, financial and healthcare organisations collect, process and store unprecedented amounts of data on computers and other devices. Much of this data may be confidential information - intellectual property, financial data, personal data or other types of data that could be damaged if unauthorised access is granted. In the course of doing business, organisations transmit sensitive data over networks and to other devices, and cybersecurity describes the discipline of protecting this information and the systems used to process or store it. As the volume and sophistication of cyber attacks grows, companies and organisations, especially those tasked with protecting national security, healthcare or financial records, need to take steps to protect their sensitive business and personnel information. As early as March 2013, the country's intelligence chiefs warned that cyberattacks and digital espionage were the biggest threat to national security, eclipsing even terrorism.
Types of cyber threats.
The most common types of cyber threats include:
• Hacking
• Social engineering
• Attacks on physical security
• Viruses and malicious software (malware)
• Ransomware attacks
Cybersecurity challenges.
Cybersecurity is constantly facing challenges such as hackers, data loss, privacy, risk management and changing cybersecurity strategies. The number of cyberattacks is not expected to decrease in the near future. Moreover, the increase in attack entry points, for example with the emergence of the Internet of Things (IoT), and the growing attack surface, increase the need to protect networks and devices.
Key challenges that need to be continuously addressed include the evolution of threats, data flow, cybersecurity training, labour shortages and skills gaps, and supply chain and third-party risks.




Evolution of threats
One of the most challenging elements of cybersecurity is the evolution of security risks. As new technologies emerge, and as technologies are used in new or different ways, new attack paths emerge. Keeping up with these frequent changes and evolving attacks, as well as updating defences against them, can be challenging. One of the challenges is ensuring that all elements of cybersecurity are kept up to date to protect against potential vulnerabilities. This can be particularly challenging for smaller organisations that do not have sufficient staff or in-house resources.


Data flows
In addition, organisations can collect a lot of potential data about individuals who use one or more of their services. As the amount of data increases, the likelihood that a cybercriminal will want to steal personal information (PII) increases. For example, an organisation that stores PII in the cloud could be targeted by a ransomware attack. Organisations should do everything they can to prevent cloud storage from being hacked.


Cybersecurity awareness training
Cybersecurity programmes should also include end-user training. Employees may accidentally bring threats and vulnerabilities into the workplace on their laptops or mobile devices. They may also act in unsafe ways, such as clicking on links or downloading attachments from phishing emails.
Regular security awareness training will help employees contribute to protecting the company from cyber threats.


Labour shortages and skills gap
Another challenge for cybersecurity is the shortage of qualified cybersecurity personnel. As the amount of data collected and used by businesses grows, so does the need for cybersecurity professionals to analyse, manage and respond to incidents. The International Security Institute (ISC)2 estimates that the gap between the cybersecurity jobs needed and the security professionals is 3.4 million.


Supply chain attacks and third-party risks
Organisations can do all they can to maintain security, but if the partners, suppliers and third parties accessing their networks don't act securely, all those efforts will be for naught. Software and hardware attacks on supply chains are becoming increasingly complex security challenges to deal with. Organisations need to address third-party risks in the supply chain and reduce software supply issues, for example by using software specifications.