Skip to main content
HashnodeCyvallyCyvally

Command Palette

Search for a command to run...

Cybersec Base #004: Types of Cybersecurity

Updated
5 min read
Cybersec Base #004: Types of Cybersecurity
C
Cyvally
Part of seriesCybersec Shell

So far, I have told you about my cybersecurity love story, we've talked about what cybersecurity is and why it's important, and we've discussed the three pillars of cybersecurity, which are people, process, and technology.

Like the body contains eyes, the heart, legs, hands, and other parts to ensure a fully functional body, so cybersecurity has different elements/types to ensure fully robust security.

This post discusses the 10 types of cybersecurity and emphasizes the importance of having a detailed understanding of cybersecurity in order to protect assets from cyber threats. Knowing the different approaches and techniques used to secure computer systems, networks, and data is essential in identifying potential areas of interest or specialization within the field.

Don't blink, you might miss something!!!

1.1 Types of Cybersecurity

Organizations and individuals can employ a range of cybersecurity techniques to protect their systems and data against cyber attacks. Here are a ten types of cybersecurity:

Type 1: Network Security

Network security is the process of preventing unwanted access and attacks on networks and their infrastructure. It provides solutions such as data and access controls such Data Loss Prevention (DLP), NAC (Network Access Control), advanced technologies like IPS and sandboxing, and network analytics to prevent network-based threats. Threat hunting and automated SOAR technologies are also important components of network security.

Type 2: Application Security

Application security aims to protect software systems and applications from attackers by discovering and addressing vulnerabilities. The goal is to develop and provide secure applications that are resistant to destructive attacks and defects and have many security protections in place to prevent unwanted access, data manipulation, and change. The main concerns include preventing data breaches, protecting sensitive personal data, and ensuring the availability and integrity of programs throughout their lifecycles.

Type 3: Data Security

Data security refers to the protection of information from unauthorized access, theft, corruption, and other cyberthreats. To protect data from unauthorized access or modification, a number of security techniques such as encryption, access controls, firewalls, and intrusion detection and prevention systems must be implemented. The goal of data security is to maintain the confidentiality, integrity, and availability of data during its entire lifecycle, from creation to disposal.

Type 4: Cloud Security

Protecting apps, data, and the cloud infrastructure against online attacks are all part of cloud security. To protect a company's cloud deployment from threats, it entails putting policies, procedures, and solutions in place. For businesses using cloud computing, cloud security is crucial to maintaining the confidentiality, availability, and integrity of their data and applications.

Type 5: Endpoint Security

Endpoint security focuses on protecting endpoint devices from malware, unauthorized access, and other threats by applying security solutions to address vulnerabilities. It allows enterprises to secure end-user devices through the use of data and network security controls, threat prevention, and forensics technology such as endpoint detection and response (EDR) solutions. Mobile security solutions also play an important role in securing mobile devices that pose a security risk to enterprises, as well as ensuring that only compliant devices have access to company assets through Mobile Device Management (MDM) solutions.

Type 6: Social engineering and user awareness

As part of cybersecurity, social engineering and user awareness educate users about social engineering attacks and how to defend against them. An attacker uses social engineering to trick a user into disclosing confidential information or jeopardizing a system's security. By creating a security culture and teaching staff on security best practices, user awareness educates users on how to detect and prevent social engineering attacks. Recognizing phishing scams, generating strong passwords, identifying unusual behavior, and reporting security incidents are all part of this package.

Type 7: IoT Security

IoT security is protection of networks and devices linked to IoT against cyber threats. IoT devices are physical things that can gather, send, or receive data and have an internet connection. IoT security includes a combination of hardware and software restrictions such as encryption, authentication, access control, and vulnerability management. To defend IoT devices from vulnerabilities and runtime attacks, measures such as auto-segmentation, intrusion prevention systems, and firmware upgrades are deployed.

Type 8: Physical Security

Physical security refers to protecting people, places, equipment, and physical assets from damage, theft, and harm caused by illegal access or malicious behavior. This can include the use of security cameras, access controls, obstructions, locks, alarms, security guards, policies and procedures, and other concrete barriers. Physical security is an essential component of a comprehensive cybersecurity strategy because it protects the people and physical resources that support digital systems and data, as well as the safety and well-being of customers and employees.

Type 9 : Identity and access management

Identity and access management (IAM) is a set of policies and technology solutions used by organizations to manage digital identities and control access to resources. IAM solutions typically include user authentication, authorization, access controls, and monitoring of user behavior. IAM technologies such as Single Sign-On (SSO), Multi-Factor Authentication (MFA), Provisioning, Privileged Access Management (PAM), and Role-Based Access Control (RBAC) are important components of modern cybersecurity procedures to reduce the risk of information breaches and unauthorized access to critical systems and data.

Type 10 : Cryptography

Cryptography is a security practice that encrypts, decrypts, and manages keys to prevent unauthorized access to communication and information. It converts plain text messages into unreadable ciphertext using mathematical algorithms and keys. Several applications, such as secure messaging, file encryption, digital signatures, and SSL/TLS, require cryptography. It is also necessary for the protection of privacy in systems such as blockchain technology.

Organizations should create a thorough plan that incorporates these ten types of cybersecurity in order to completely cover its bases.

I understand that some terms used in this post may be unfamiliar to some of us, However, have no fear, for I assure you that forthcoming posts will expound on these peculiar terminologies in a more elaborate fashion. So, sit back, relax, and enjoy the ride!

"The strength of the team is each individual member. The strength of each member is the team."

-Phil Jackson

1.2 Review Questions

  1. What is social engineering and how can it be prevented?

  2. What is physical security and how can it help to protect against cyber attacks?

  3. What is network security and what are some common measures used to secure a network?

  4. ____________ converts plain text messages into unreadable ciphertext using mathematical algorithms and keys

  5. Research: What is the full meaning of the acronym IPS and what are its functions

Cybersec Shell

Part 17 of 20

Welcome to Cyber Shell! Explore cybersecurity resources, including courses and certifications, tailored to all experience levels. Stay updated with the latest trends, and explore opportunities to advance your skills and career. Thanks for visiting!

Up next

Cybersec Base #003: Pillars of Cybersecurity|People, Process, Technology

I never imagined chemistry would come in handy in cybersecurity until I came up with the acronym "Cyber PPT". I remembered using pipette during my chemistry practical days, to transfer liquids and constantly referring to it as "PPT." It was a minor r...

More from this blog

C

Cyvally

26 posts

Cyvally is a blog offering interesting content on everything cybersecurity, with practical tutorials, best practices, and career guidance for beginners and professionals.