What is cybersecurity? - Definition from WhatIs.com

Cybersecurity is the body of technologies, processes and practices designed to protect networks, computers, programs and data from attack, damage or unauthorized access. In a computing context, the term security implies cybersecurity. According to a December 2010 analysis of U.S. spending plans, the federal government has allotted over $13 billion annually to cybersecurity over the next five years.

Ensuring cybersecurity requires coordinated efforts throughout an information system. Elements of cybersecurity include:

One of the most problematic elements of cybersecurity is the quickly and constantly evolving nature of security risks. The traditional approach has been to focus most resources on the most crucial system components and protect against the biggest known threats, which necessitated leaving some less important system components undefended and some less dangerous risks not protected against. Such an approach is insufficient in the current environment. Adam Vincent, CTO-public sector at Layer 7 Technologies (a security services provider to federal agencies including Defense Department organizations), describes the problem:

"The threat is advancing quicker than we can keep up with it. The threat changes faster than our idea of the risk. It's no longer possible to write a large white paper about the risk to a particular system. You would be rewriting the white paper constantly..."

To deal with the current environment, advisory organizations are promoting a more proactive and adaptive approach. The National Institute of Standards and Technology (NIST), for example, recently issued updated guidelines in its risk assessment framework that recommended a shift toward continuous monitoring and real-time assessments.

According to a December 2010 analysis of U.S. spending plans, the federal government has allotted over $13 billion annually to cybersecurity over the next five years.

 

Learn more:

The Department of Homeland Security offers more resources on cybersecurity.

The Computer Emergency Readiness Team provides tips on improving cybersecurity for end users.

Richard W. Walker wrote about the need for better risk management in federal cybersecurity

This was last updated in December 2010
Posted by: Margaret Rouse

Related Terms

Definitions

  • social engineering penetration testing

    - Social engineering pen testing is designed to test employees' adherence to the security policies and practices defined by management. The purpose is to ascertain the company's vulnerability to soci... (WhatIs.com)

  • software attack surface

    - The software attack surface is the complete profile of all functions in any code running in a given system that are available to an unauthenticated user. The more surface there is, the better the ... (WhatIs.com)

  • social engineering attack surface

    - Social engineering attacks usually take advantage of human psychology: the desire for something free, the susceptibility to distraction, or the desire to be liked or to be helpful. The social engin... (WhatIs.com)

Glossaries

  • Security threats and countermeasures

    - Terms related to security threats, including definitions about anti-virus programs or firewalls and words and phrases about malware, viruses, Trojans and other security attacks.

  • Internet applications

    - This WhatIs.com glossary contains terms related to Internet applications, including definitions about Software as a Service (SaaS) delivery models and words and phrases about web sites, e-commerce ...

Ask a Question. Find an Answer.Powered by ITKnowledgeExchange.com

Ask An IT Question

Get answers from your peers on your most technical challenges

Ask Question

Tech TalkComment

Share
Comments

    Results

    Contribute to the conversation

    All fields are required. Comments will appear at the bottom of the article.