www.busterCyber.com

Cybersecurity Domains


First



What is cybersecurity?



busterCyber's Definition: "Cybersecurity is the process of protecting and facilitating appropriate authorization for who, what, where, when, why, and how access to data and information is accomplished. Cybersecurity also involves preventing, detecting, responding, and recovering from attacks, such as by any unauthorized entity attempting to obtain access to protected data or information systems, as well as attempts to prevent access to a system".



Why is it important?



A few things to consider



It can be said that access control, or modern access management, may be derived from the Greek concept of kubernētēs, which refers to a pilot or steersman.


This is a very old concept. In a computer system context, access control is a component of security.


A system designer will provide a specification for implementing a process for piloting, or steering, access to the computer system, data, and information. A system administrator controls who is allowed access and monitors for any disallowed access to the system.



Note: There are many different areas of cybersecurity. Consider that cybersecurity for an individual's smart phone will be different from a computer system used to grant access to payroll data.


A smart phone is used by an individual. A payroll system involves multiple individuals with very different reasons to access the various data about multiple people that work in an organization. Cybersecurity considerations must be able to apply to an individual, a person within and organization, and meet other requirements related to the access controls across a system.


It can be concluded that the importance of cybersecurity is variable and based on specific factors, such as requirements and risk appetites. It will get more complicated as systems become more sophisticated.



Cybersecurity, including computer security, involves restrictions, or controls, as part of the design or management of the system. The designs for these controls are the fundamental foundation for establishing cybersecurity. Many questions must be answered to determine what controls are necessary, starting with identifying what is important and how to protect it. Designing the controls involves a careful analysis and a thorough understanding of the system, including individual devices, communications protocols, and data access management, for example.



Who needs to focus on cybersecurity?


In general, anyone with a concern about the consequences of access to a system needs to be concerned with cybersecurity.


For example, if an individual does not want a third individual to see a message to a friend, cybersecurity for the individual's phone and the friend's phone should be considered.


Another example may involve an organizational computer system that is designed to allow only access to certain data by a small group of people. If that data becomes available to anyone outside of that small group, the organization may lose money, perhaps by contractual stipulation or government regulations (data privacy requirements).



The Insecure Duck:

"What are those turtles seeing?"


More




bustercyber