What is Cybersecurity?

I was in a forum with about 30 university and college leaders. The topic was about how to develop a suitable cybersecurity program in higher education. We took almost the whole morning session to debate or argue with each other "What exactly is cybersecurity?" It was a hard argument because people came from different areas and had different perspectives.


When coming to cybersecurity, people often think of Virus, IT, or Internet; Some people will say that as long as we have a Firewall, we are fine; Some people will talk about Password, like how long and how complex your password should be. Some people will mention Data Protection or Encryption. And of course, many people will talk about Hacker, because they are on the news almost every day.


All of these are right. But we need a complete picture of cybersecurity.


There is an old story of "Blind Men and an Elephant." 


A group of blind men have never known an elephant. They try to tell what the elephant is like by touching it. Then they claim the elephant is like a rope, a fan, a snake, or a wall based on which body part they put their hands on.


It is just like when people are talking about cybersecurity. People will say cybersecurity is about Virus, IT, Internet, Firewall, Data, Encryption, or Hacker based on their own experience.


All of these are true, but they are partially true.


So here, I want to give you a big picture of cybersecurity. The complete picture of this elephant.


Of course, it is not an absolute answer. Different books, curriculums, or organizations may explain it differently. And the security industry also evolves very fast with new technologies, concepts, and models added. 


Cybersecurity right now is often used as one word. To fully understand it, we need to separate it into two words: 

Cyber and Security.


What is cyberser?

We are living in a physical world. Just look around. You are in a room, sit by a table, have something to drink. But we are also living in a digital world at the same time. The word of cyber originally means computer networks (e.g., Internet). But we now associate cyber with the critical elements in the digital world.


So, what do we have in this digital world or the cyber world? 


1. Devices 

We usually refer devices to computers (e.g., laptops, desktops, servers). But they can be any smart things, for example, Smart Phone, Smart Watch, Smart Camera. They also include billions of Internet of Things (IoT) used in Smart Homes, Industrial Control Systems, Autonomous Cars.  


2. Communication

Communication allows devices to talk to each other. Nowadays, if your laptop can not access the Internet, it is almost useless. Like Ethernet, Wi-Fi, Bluetooth, 5G, these communication technologies empower the connected cyber world to produce real value.


3. Systems

What are running on devices? All kinds of systems. For example, Operating Systems (like Windows, Linux, iOS, Android) and Application Systems (like CRM, Accounting, E-Commerce, Game).


4. Information

Systems will produce lots of data, like documents, audios, videos, logs, customer records. These data can then be further transformed and analyzed to provide information and intelligence.


So, these are the four main elements of the cyber world. We have billions of Devices connected through Communication protocols, run various Systems, and produce numerous Information.


What is security?

After we understand more about cyber, let's look at security. 


What is security? Simply put, it is about protection. So, cyber security is about protecting the cyber world.


But what exactly do we need to do?


We need to protect three things:


1. Confidentiality

It is about protecting your "Read" privilege. For example, your credit card number is confidential. You don't want others to know about it without your permission.


2. Integrity

It is about protecting your "Write" privilege. For example, you have $1,000 in your bank account. You don't want others to change it to $900 without your permission.


3. Availability

It is about protecting your "Access" privilege. For example, you want to check your emails at night. You don't want to see an error saying the mail server is down.


What is cybersecurity?

Now you should know What Cyber is and What Security is. Let's put them together.

What is Cybersecurity (Cyber Security)? In a nutshell, it is to protect Confidentiality, Integrity, and Availability of the Cyber World.  


If you want to get more specific, you can have:


1. Device Security
Protect Confidentiality, Integrity, and Availability of devices like computers, phones, IoTs.

2. Communication Security
Protect Confidentiality, Integrity, and Availability of communications like Ethernet, Wi-Fi, 5G. 

3. System Security
Protect Confidentiality, Integrity, and Availability of systems like Windows, Linux, Web Applications. 

4. Information Security
Protect Confidentiality, Integrity, and Availability of information like documents, logs, databases. 



Learn more about cybersecurity

This cybersecurity introduction course will help you quickly understand Cybersecurity Concepts, Industry Challenges, Common Cyber Attacks, and Cybersecurity Domains.

Cybersecurity is hot today! Join this high in-demand 1-day virtual seminar of Cybersecurity Essentials. It will help you master fundamental cybersecurity concepts, understand essential cyber controls and technologies, learn necessary cybersecurity compliances and frameworks, and discover exciting career opportunities.

About the author

Bryan Li

Chief Catalyst, Enlighteni

Bryan Li has 20+ years' experience in enterprise solutions, information security, program management, software development, and IT consulting. 


Bryan has delivered numerous cybersecurity courses & seminars at corporations, colleges, and industry conferences. Bryan is a Microsoft Certified Trainer (MCT) and EC-Council Certified Instructor (CEI). Bryan holds CISSP, CCSP, CEH, CND, PMP, and many other professional credentials. 


Sign up to receive information on our learning programs and career events

Leave a comment

Please note, comments must be approved before they are published