Cybersecurity: definition

Home » FAQ: all the answers to your questions » Cybersecurity: definition

Contact us to learn more about our programs

Would you like to join us?

What is cybersecurity?

Cybersecurity represents the entirety of the defensive means devoted to the fight against hacking on all computer networks, mobile devices, servers and company data. There are many issues at stake:

  • Ensure that users have the necessary permissions to open a network and that their data is secure
  • Secure information in transit and stored data
  • Protect software and devices from outside intrusion
  • Respond effectively to security breaches and ensure the proper recovery of operations by following a precise methodology

The digitization of the world has increased the opportunities for companies to expand, while at the same time increasing their exposure to third-party infiltration risks. With the massive use of data storage and transfer via the cloud, online security has become a key issue for individuals and businesses.

Why is cybersecurity particularly important for businesses?

With the phenomenal development of data and the cloud, the role of cybersecurity has become central. Companies are taking advantage of the general expansion of data and the cloud, but not without risk. The storage of so-called “sensitive” data belonging to customers or companies is a valuable asset, particularly exposed to the risk of theft. Thus, cybersecurity is the subject of particular attention as its role has become an essential link in the balance of companies. As such, it uses the most powerful computer weapons to counter attempts at infringement and data theft.

These cyber attacks come from an external environment and give hackers the opportunity to penetrate companies’ computer networks in order to extort sensitive data for ransom. Even if the attempts are exponential, human error is also blamed for the opening of security holes. This is another aspect of cybersecurity concerning companies, the need to develop a culture of vigilance among employees.

The challenge of cybersecurity is major because the losses generated can simply be fatal to their survival. Thus, companies risk:

  • Collapse of profits
  • global exchanges stopped due to computer unavailability
  • weakening of a company’s brand image

It is important to remember that cybersecurity does not only concern large structures. All companies are affected by the threat of cyber attacks. In this respect, we note that small and medium-sized companies are taking the digital turn with a certain enthusiasm, and are therefore also using computer protection tools:

  • 80 percent of large companies have experienced cyber attacks
  • 87 percent have cloud data storage
  • 52 percent of them use public clouds making them particularly vulnerable
  • 40 percent of large companies have an enhanced cybersecurity program
  • 32 percent of them do not feel adequately protected despite their devices.

Cybersecurity and personal data

In France, it is the CNIL, the French authority regulating the use of personal data, which determines the permitted and prohibited actions with respect to personal data. The Covid example is particularly representative of the use that can be made of it.

For example, when reporting a Covid case, a patient’s personal information is strictly regulated and cannot, under any circumstances, be collected by an employer. Therefore, companies cannot proceed to generalized collection of personal information in order to categorize their employees according to their health status.

However, due to the state of emergency, the European Data Protection Committee has authorized the tracking of geolocation data via the French operator Orange. For now, tracking is limited to anonymized data, but the status of personal data may change.

During the same period, the healthcare industry has suffered repeated cyber attacks. In order to secure the personal data of the French in many public sectors, many organizations have been set up. 360 global experts have come together to establish a major cybersecurity plan, called Cyber Threat intelligence, to counter these malicious organizations.

At the same time, the ANSSI has distributed a security methodology on a large scale so that everyone can ensure the protection of their personal data. Such devices show how the issue of cybersecurity with regard to our data has become of paramount importance, in all sectors of society.

What is a cyber threat?

A cyber threat is a risk of attack on a public or private computer system. By using various intrusion tools, the cybercriminal is able to manipulate the protection systems in place and exploit the security holes. Hackers act individually or in an organized group dynamic. Behind these acts of hacking, the cybercriminals’ motivation is :

  • financial benefit (blackmail, extortion)
  • a political or ideological act
  • Industrial espionage
  • Technical sabotage (Paralysis of a company’s IT infrastructure)

What kinds of cyber threats are there?

The most common attacks faced by companies are :

  • Malware:

Malware is malicious software also called “Trojan horse”, whose purpose is the intrusion and contamination of a computer system. Users of this type of program aim to make money, but also to sabotage industrial equipment. The ideological or political stakes against governments can also explain acts of cybercrime.

  • Phishing:

This practice consists of recovering a user’s personal data, often bank details, by sending fraudulent emails or impersonating them. The fake contacts look like an official content (Post office, bank, energy service…) and invite the Internet user to fill in his bank details through a hyperlink.

  • Ransomware:

Ransomware can be defined as a digital hold-up. This malicious program hijacks software, devices or networks, jamming their use with encryption or interference. In most cases, access to the data is restored by paying a ransom.

  • Denial of service:

This technique consists in saturating a website with a large number of requests in order to make the service inoperative. In many cases, it is a matter of diverting attention in order to extort confidential information.

What are the new cyber threats?

Containment periods have literally made cyber threats explode. The closure of traditional stores and the explosion of online ordering have encouraged piracy of all kinds. National security authorities are determined three major types of attacks:

  • Spontaneous, untargeted attacks involving emails containing an infected attachment to a very large number of recipients. The sums extorted are small, but the mass of recipients makes it possible to bring a large amount of money to the cybercriminals
  • Targeted attacks are aimed at organizations with greater financial capabilities, such as large enterprises. They affect fewer people but the ransom demanded is higher.
  • Zoombombing, referring to the video conferencing software, relies on security holes in the software, allowing hackers to enter online conversations, business meetings and university courses conducted remotely.

How to protect Internet users?

The personal data of Internet users today represents a gold mine for cybercriminals. Beyond the use of adapted software, we can find accessible methods to protect ourselves against these new threats:

  • The sharing of personal data on social networks represents a constant risk for users. Once a photo or text is posted, the information belongs to the platform and can be used without the user’s consent. Nothing can be completely deleted once a piece of information is posted. It is recommended not to post anything that could be detrimental to the user (such as vacation dates)
  • First element of protection, the use of the password must be judiciously elaborated.
  • Use at least 8 characters
  • Alternate upper and lower case letters, numbers and special characters
  • Change it regularly
  • Use an antivirus software whose effectiveness has been recognized and proven. Therefore, it is preferable to opt for a paid software, the only way to be assured of a guaranteed efficiency.
  • Verify the source of the sites on which transactions are made. Safety markers can be found on official websites. The presence of the padlock in the address bar and the “https” protocol are good examples.

Learn more about cybersecurity training

Updated 2 January 2024