Today, I’d like to talk about a very basic question, “what is cybersecurity?”
As a cybersecurity professional, I have been invited to many conferences, seminars, and meetups. I recall we had one meeting with universities and colleges to discuss how to design a cybersecurity curriculum. A lady in the group said: “Hey, before we do that, can we get a consensus on the definition of cybersecurity?” It immediately triggered a huge debate in the group. In the end, people still could not agree with each other.
So, I would like to share my thoughts on cybersecurity today. Hopefully, they make sense to you.
When it comes to cybersecurity, you often hear the following opinions:
- Cybersecurity is related to viruses. For many years, finding and killing computer viruses was the main job for security people.
- Cybersecurity is an IT problem. It is up to our computer guys to fix it.
- Cybersecurity is about protecting the network, for example, by setting up a firewall. Some technical people believe that, as long as they have a firewall with some good firewall rules, they can block all network attacks.
- Cybersecurity is about encryption. You can simply protect your data and devices by encrypting the whole thing. Then, no one else can access it.
- Most people also relate cybersecurity to hackers because, almost every day, you hear news about hacking or breaches on the Internet, on TV, or in newspapers.
While all these opinions are valid, they only address some parts of cybersecurity.
Before I give you my definition of cybersecurity, let me show you a picture.
The story of “the blind men and the elephant”
Has anyone heard the old story of “the blind men and the elephant”? Basically, it is about several blind people who went to see an elephant. Of course, all they could do was touch the elephant. Depending on which part they touched, they described the elephant as being like a snake (nose), a tree (leg), a fan (ear), a wall (body), or a rope (tail). While they were right based on the information they had, the question was, did we get a clear picture of the elephant?
If we think of cybersecurity as that elephant, it is exactly the same story. When people associate cybersecurity with viruses, IT, networks, firewalls, encryption, or hackers, they only touch some parts of it. We still miss a complete picture of cybersecurity!
Elephant in the room
Speaking of an elephant, there is an idiom in English called “Elephant in the Room”. It means we have an obvious problem or risk that no one wants to discuss. When I worked as the director of product development, at one executive meeting, I asked my boss: “Can I get more budget for the new product development?” The CEO smiled and replied very politely: “This is an elephant in the room.”
In fact, cybersecurity is like this elephant in many organizations. Everyone knows it is critical, but few people want to address it or know how to address it. The problem is, this elephant is always in your room. If you do nothing, when it moves around, it will break a lot of things.
Now, let me share with you my definition of cybersecurity.
Cybersecurity is often used as one word today. But to fully understand it, we need to separate it into two words: Cyber and Security.
What is cyber?
For millions of years, we have been living in a physical world with tangible things like food, clothes, or trees. But with the fast growth of information technology, people are engaging in a virtual world called “cyber”. The younger generation, especially, is spending more time in this virtual world on things such as online games, social media, or instant messaging. Some researchers even believe that humans will eventually move to this virtual world in the near future, just like what the movie “Matrix” showed us: a cyber world controlled by supercomputers or AI.
But for now, let’s look at the common things in the cyber world:
- Devices, which include computers, smart phones, tablets, smart watches, smart thermometers… anything that can be connected to a network.
- Communications, which include the Internet, WiFi, Bluetooth… these allow different devices to talk to each other.
- Systems, which include the operating systems such as Windows, Linux, macOS, iOS, Android, and all kinds of applications such as CRM, ERP, Accounting, or Games.
- Information, which includes data in databases, documentation, videos, audio, pictures, etc.
In short, cyber is a digital world which has numerous connected devices powered by all kinds of systems to exchange information.
What is security?
Simply put, it is about protection. Traditionally, we have physical security to protect our valuable assets in the physical world. But as we move more toward the cyber world, we need a new set of tools to protect it.
The three most important principles of cybersecurity are:
- Confidentiality – this focuses on protecting the “Read” operation. You do not want unauthorized people to read your confidential information, for example, your credit card number, social insurance number, or payroll amount.
- Integrity – this focuses on protecting the “Write” operation. You do not want unauthorized people to modify your data. For example, you do not want someone to withdraw money from your bank account without your permission.
- Availability – this means the systems and data are always accessible when you need them. For example, an online banking system or an online shopping site should always be on.
What is cybersecurity?
Now we can put these two words – Cyber and Security – together. What is cybersecurity? Cybersecurity is about protecting the cyber world in terms of Confidentiality, Integrity, and Availability.
If you want to break down this definition a little further, you just need to look at the elements of cyber. Then you will get:
- Device Security – to protect the confidentiality, integrity, and availability of laptops, workstations, servers, phones, IoT devices, etc.
- Network and Communication Security – to protect the confidentiality, integrity, and availability of the Internet, Intranet, WiFi, Bluetooth, etc.
- System and Application Security – to protect the confidentiality, integrity, and availability of Windows, Linux, macOS, iOS, Android, applications, etc.
- Information Security – to protect the confidentiality, integrity, and availability of data, databases, documents, files, etc.
What is cybersecurity? It is about Confidentiality, Integrity, and Availability. When you take care of them, you get what we call security in the cyber world.
There is another interesting question about cybersecurity: Can you achieve all three things (Confidentiality, Integrity, Availability) 100% at the same time?
In a perfect world, the answer is “Yes”. But in the real world, you often have to give priority to two of them and sacrifice the third element a little. In other words, your job as a cybersecurity professional is not to get all three of them to 100% at the same time; your job is to find a good balance point, suitable for your organization, among these three security principles – Confidentiality, Integrity, Availability.
By the way, I also created a short video on this topic. I hope you find it helpful.