The exercise of defending computers, servers, mobile devices, electronic systems, networks, and data from malicious attacks is known as cyber security. It is also referred to as information technology security or electronic data security. The term is used in a variety of contexts, ranging from business to mobile computing, and can be classified into a few general categories.
Network security is the practice of defending a computer network against intruders, whether they are targeted attackers or opportunistic malware.
Application security is concerned with keeping software and devices safe from threats. A compromised application may allow access to the data it is supposed to protect. Security starts in the design stage, long before a program or device is deployed.
Information security safeguards the integrity and privacy of data while it is in storage and transit.
The processes and decisions for handling and protecting data assets are included in operational security. This includes the permissions that users have when connecting to a network as well as the procedures that govern how and where data can be stored or shared.
Disaster recovery and business continuity define how a company responds to a cyber-security incident or any other event that results in the loss of operations or data. Disaster recovery policies govern how an organization restores its operations and information in order to resume normal operations following a disaster. Business continuity is the plan that an organization uses when it is unable to operate due to a lack of resources.
End-user education addresses the most unpredictable factor in cyber security: people. By failing to follow good security practices, anyone can introduce a virus into an otherwise secure system. Teaching users to delete suspicious email attachments, not to plug in unidentified USB drives, and a variety of other important lessons is critical for any organization’s security.