According to TechJury.net, “Every 39 seconds, there is a new attack somewhere on the web, globally 30k websites are hacked daily, and an average of around 24k malicious mobile apps are blocked daily on the internet.” Ensuring organizational data and information resources are adequately protected from many types of attacks, detecting when such attacks occur, and proactively searching for vulnerabilities or intrusions are fundamental to cybersecurity operations.
Ensuring an organization’s data and information resources are adequately protected from many types of attacks, detecting when such attacks occur, and remediating deficiencies as effectively as possible are fundamental to cybersecurity operations. One significant framework expresses these activities as five functions: Identify, Protect, Detect, Respond, and Recover.
Fundamentally, cybersecurity operations can be categorized according to three high-level control objectives:
- Security in design: Operational contributions from the IS leader or function to governance, risk management, and IT-managed control processes ensure adequate protection of data and resources.
- Prevention: Technologies like encryption, email and network filters, and antivirus and data loss prevention software thwart attempts to misuse or disrupt information resources or communications. Cybersecurity awareness training also helps employees understand their role in protecting the organization’s resources and reduces the likelihood that they will fall victim to social engineering or other malicious tactics.
- Detection: Tools and processes such as cybersecurity monitoring — which includes event log monitoring and forensic analysis of system outages or anomalies, vulnerability management, and penetration testing — identify control weaknesses or the presence of entities or objects acting maliciously in the computing environment.