What is Cybersecurity?


Cybersecurity refers to the preventative techniques used to protect the integrity of networks, programs and data from attack, damage, or unauthorized access.

Cybersecurity refers to a set of techniques used to protect the integrity of an organization’s security architecture and safeguard its data against attack, damage or unauthorized access.

According to a 2018 Gartner study, the global cybersecurity market is expected to reach US$170.4 billion by 2022. This rapid market growth is fueled by an array of new technology initiatives, such as cloud-based applications and workloads that require security beyond the traditional data center, connected “internet of things” devices, and stringent data protection mandates (e.g., the European Union’s General Data Protection Regulation, or GDPR, and the National Institute of Security Technology’s Cybersecurity Framework).

Why Cybersecurity Is Required
At its core, cybersecurity involves protecting information and systems from cyberthreats. Cyberthreats take many forms, such as application attacks, malware, ransomware, phishing and exploit kits. Recent technological advancements have opened up new possibilities for cybersecurity, but unfortunately, adversaries have benefited from these advancements, as well. Taking advantage of automation, attackers can deploy large-scale attacks at significantly reduced costs. Further, the cybercrime economy makes sophisticated attacks easy to deploy and available to a wide variety of motivated adversaries. Cybersecurity tools and technologies should incorporate automation, machine learning and shared threat intelligence to help organizations get ahead and stay on the cutting edge to combat advanced threats, such as:

  • DNS tunneling: Domain Name System is a protocol that translates human-friendly URLs into machine-friendly IP addresses. Cybercriminals know that DNS is widely used, trusted and often unmonitored. DNS tunneling exploits the protocol to transfer malware and other data through a client-server model.
  • Malicious cryptomining: Browser-based cryptomining attacks are possible when an attacker has found a way to inject JavaScript into a website that allows them to hijack the processing power of site visitors’ devices to mine cryptocurrency, such as bitcoin. In the case of malware-based cryptomining, a user’s entire device is taken over and its CPU used at a higher level to mine currency.
  • Ransomware: Ransomware is the focus of a criminal business model that installs malicious software on a device and holds valuable files, data, or information ransom. With its low barrier to entry and high revenue potential, ransomware is the largest threat facing organizations today.
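
Because DNS is "often unmonitored," a first monitoring step is to look for parent domains that receive many long, random-looking subdomain queries. The sketch below is an added example, not code from the original page or from any vendor product; the sample query names, thresholds and function names are all constructed assumptions.

```python
import math
from collections import Counter, defaultdict

# Constructed query names, not real traffic (example.* and .invalid are reserved).
SAMPLE_QUERIES = [
    "www.example.com", "mail.example.com",
    "img1.cdn.example.net", "img2.cdn.example.net",
    "img3.cdn.example.net", "img4.cdn.example.net",
    "mzxw6ytboi4tqmjsgm2dknrxha3tqojq.tunnel-test.invalid",
    "nbswy3dpeb3w64tmmqqho2lunbqxgzlt.tunnel-test.invalid",
    "orugs4zanfzsa5dimuqhgzldn5xgiide.tunnel-test.invalid",
    "mvwgy33xebrgk5dxmvsw4idunbssa3tp.tunnel-test.invalid",
]

# Hypothetical starting thresholds; tune them against your own DNS baseline.
MIN_UNIQUE, MIN_MEAN_LEN, MIN_MEAN_ENTROPY = 4, 20, 3.0

def shannon_entropy(s):
    """Shannon entropy of s in bits per character."""
    counts = Counter(s)
    return -sum(c / len(s) * math.log2(c / len(s)) for c in counts.values())

def split_name(qname):
    """Return (subdomain, parent). Assumption: parent is the last two labels;
    production code should consult the Public Suffix List instead."""
    labels = qname.lower().rstrip(".").split(".")
    return ".".join(labels[:-2]), ".".join(labels[-2:])

def score_parents(qnames):
    """Per parent domain: unique subdomains, their mean length and entropy."""
    subs = defaultdict(set)
    for q in qnames:
        sub, parent = split_name(q)
        if sub:
            subs[parent].add(sub)
    return {
        parent: {
            "unique": len(names),
            "mean_len": sum(map(len, names)) / len(names),
            "mean_entropy": sum(map(shannon_entropy, names)) / len(names),
        }
        for parent, names in subs.items()
    }

def suspicious_parents(qnames):
    """Parents exceeding all three thresholds (many, long, random-looking)."""
    return sorted(p for p, s in score_parents(qnames).items()
                  if s["unique"] >= MIN_UNIQUE
                  and s["mean_len"] >= MIN_MEAN_LEN
                  and s["mean_entropy"] >= MIN_MEAN_ENTROPY)

if __name__ == "__main__":
    print(suspicious_parents(SAMPLE_QUERIES))
```

Requiring all three signals together keeps a busy but benign parent such as the constructed `example.net` CDN names (many subdomains, but short ones) out of the result.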

How to Maintain Effective Cybersecurity
Historically, organizations and governments have taken a reactive, point product approach to fighting cyberthreats, cobbling together individual security technologies to protect their networks and data. However, this method is expensive as well as complex, and stories of devastating breaches continue to dominate headlines, indicating this approach is ineffective.

Enabling automation, machine learning and shared threat intelligence in their security architecture will help organizations keep pace with the growth of sophisticated cyberattacks. Machine learning can help accurately identify variations of known threats, recognize patterns, predict the next steps of an attack, and inform automation tools to create and implement protections across the organization, all in near-real time. With shared threat intelligence, anything one user sees, identifies or prevents benefits all other members of the shared community. More comprehensive prevention, attainable more quickly, reduces overall cybersecurity risk to something easier to manage.

Organizations should consider a natively integrated, automated security platform specifically designed to provide consistent, prevention-based protection for endpoints, data centers, networks, public and private clouds, and software-as-a-service environments.

The Palo Alto Networks Security Operating Platform® was designed to help your teams operate simply and efficiently to protect your organization. It prevents successful attacks, including attacks in progress, to secure the enterprise, the cloud and the future.

Secure the Enterprise
Built for simplicity, our tightly integrated innovations are easy to operate, delivering consistent protection across network, cloud and mobile users.

Secure the Cloud
Prisma™ is the industry’s most complete cloud security offering. Accelerate your cloud journey with a product suite designed to secure today's complex IT environments.

Secure the Future
Cortex™ is the industry's only open and integrated AI-based continuous security platform that constantly evolves to stop the most sophisticated threats.

 


To learn more, check out the Next-Generation Security Platform webpage.
