Author: Annabelle Klosterman
In 2017, a gigantic company data breach occurred, exposing more than half of America’s social security numbers.[1] Due to the lack of technological security, this eventually cost the company nearly 1.4 billion dollars. Ten years ago, that would have been shocking, but today, it doesn’t surprise most people. With the world of technology expanding every day, cybersecurity grows and continues to present a threat to anyone who uses computers, phones, or other sorts of technology. It is becoming clear that there are not enough people to fix the growing security problems that millions of individuals and companies are facing.[2]
The first step to figuring out how to solve these problems is understanding what cybersecurity is. While many people have probably heard of cybersecurity, they might not know what it means. Cybersecurity is also referred to as information security because it is essentially about protecting data – i.e., information, from unauthorized individuals. The confidentiality, integrity, and availability (CIA) of information, is the foundation of cybersecurity.
Think of the physical security that most of us have at home: the fence for the yard; the locks on their doors and windows; alarm systems; and sometimes even security cameras. All of this is to keep unauthorized individuals out. Much of the information and data that companies have is sensitive. This can be data such as personal client and employee information, trade secrets, or proprietary business information. This data type is very valuable to hackers as obtaining that information would make them a lot of money.
Companies try to keep information secure by requiring various types of authentications. Common authentication methods include a username and password for a website, two-factor authentication, biometric verification, or security tokens. Requiring authentication to access sensitive information is one way to help protect valuable information. Ensuring that information remains confidential is critical; it is one of the foundational elements-the “C” in the CIA triad.
Another pillar of cybersecurity is integrity. Integrity in information security refers to the need to maintain the accuracy, consistency, and trustworthiness of data over its entire life cycle. For example, if you were trying to send a package in the mail to your friend, John, you would like the condition of the package to be the same when he receives it. The package would not have integrity if someone were to exchange it for a different package before it got to John.
When it comes to technology, ensuring the integrity of data is not an easy task. Most companies have various security measures in place to protect the information from being altered without authorization. Companies implement techniques that ensure people cannot view or change information that is not their own. Banks, for example, have security systems in place so that you cannot view another individual’s bank account. Without data integrity, we would not know whether we have accurate information or not. This can have a tremendous impact on personal or business decisions.
In addition to confidentiality and integrity, the availability of data plays a vital role in cybersecurity. For any piece of information to be useful, it must be accessible. The availability of data ensures that authorized individuals have access to the information in a timely and uninterrupted manner. When a streaming site is down, the movies and TV shows are no longer accessible to users. Those who are trying to watch a movie can no longer do so. If services or information are not available, then they are typically not secure.
Most companies have processes in place that will help prevent their service, product, or information from becoming unavailable. In the event of a disaster or hardware malfunction, companies implement redundancy, which may include secondary servers and storage immediately available for use. Having a backup plan ensures that the information can be quickly recovered if core systems are lost or corrupted, facilitating rapid restoration so valuable information and services are available when needed. Having data available when needed is a big aspect of cybersecurity. Without it, individuals would not be able to trust companies that provide these services.
Throughout the various industries in the economy, the need for cybersecurity will remain constant for the foreseeable future. Every company needs proper cybersecurity if they want to be successful and continue growing. After a data breach, businesses can end up losing over half of their customers, which may result in significant losses or going out of business.[3] Companies must ensure customers that their information is confidential, has integrity, and is available when needed.
Not only does cybersecurity affect companies, but it also affects individuals. Many individuals have smartphones, laptops, and other smart devices. If hackers can access individuals’ devices, they can steal login credentials, banking information, and other sensitive information. Everyone, individuals, and companies alike, must be mindful and careful of how they use technology so they can ensure that they are not putting themselves at risk.
Fixing these cybersecurity problems is more critical than ever before. With technology being a part of almost every individual’s and business’s lives, we must protect what is important to us. Through properly securing technology, we can protect personally identifiable information, sensitive data, intellectual property, industry information systems, and other private data.
Annabelle Klosterman is a cybersecurity student at Dakota State University. This article was written for Visionary Integration Professionals (VIP) Women in Technology Scholarship (WITS) which Annabelle was awarded.