In today’s global digital world, it seems
that everything and everyone relies on the internet and on computers, whether
we need to communicate through email and mobile phones, whether we are shopping
through online stores and using credit cards, for our entertainment through
igaming and mp4’s, to promote our business via social media…the list is
endless.
Overall, the internet has made our lives
much more comfortable and efficient. However, there can be another side to the
story. Much of our personal information and that of our businesses and assets
which are stored in our own computers and within the system of others can be at
serious risk but cyber security can protect, prevent, detect and respond to any
cyber attack.
Essentially all cyber security definitions
point to the security of the cyberspace; namely all:
- Interconnected ICT hardware and software
infrastructure
- Data in transit and at rest on the
networks
- Connected users
- Logical connections established among
them
In view of the above, the following
definition of cyber security being adopted by the National Cyber Security
Strategy is:
It is the safeguards and actions that
can be used to protect cyber domain from those threats that are associated with
or that may harm its interdependent networks and information infrastructure. It
strives to preserve the availability and integrity of the networks and
infrastructure and the confidentiality of the information contained therein.
Essentially, cyber security is based upon the
foundations of information security, namely confidentiality, integrity and
availability. Information security aims to safeguard citizens and reduce cyber
space risk. The inherent interconnectedness of cyber-space exposes all of its
constituents to a failure of their most vulnerable elements.
Additionally, effective cyber security
cannot be reached by technological measures alone as modern cyber attacks could
bypass all defence layers by exploiting the human factors through techniques
such as social engineering.
Hence, safeguards and actions hereby refer
to ongoing and planned measures which may potentially be of technical,
operational, legislative, educational, behavioural or disseminative nature.
Above all, cyber security cannot be seen from
a technological aspect only, but needs to cover the needs and expectations of
the state, the economy and society, all of which are increasingly active
participants in an interactive digital world.