Cyber-security frequently asked question

What is cyber security?

Cyber security is the collection of technologies, processes, and practices that protect networked computer systems from unauthorized use or harm. Broadly speaking, cyber security topics can be subdivided into two complementary areas: cyber attacks, which are essentially offensive and emphasize network penetration techniques; and cyber defenses, which are essentially protective and emphasize counter-measures intended to eliminate or mitigate cyber attacks.

What is a cyber attack?

cyber attack: An offensive action by a malicious actor that is intended to undermine the functions of networked computers and their related resources, including unauthorized access, unapproved changes, and malicious destruction.

What is a cyber threat?

cyber threat: A potential cyber attack, which may be assigned a probability of occurrence that can be used for cyber risk assessment.

What are the differences among the terms cyber attack, cyber threat & cyber risk?

The terms cyber attack, cyber threat, and cyber risk are interrelated as follows. A cyber attack is an offensive action, whereas a cyber threat is the possibility that a particular attack may occur, and the cyber risk associated with the subject threat estimates the probability of potential losses that may result.

What is malware?

Malware is an umbrella term derived from "malicious software", and refers to any software that is intrusive (unauthorized access), disruptive, or destructive to computer systems and networks. Malware may take many forms (executable code, data files) and includes, but is not limited to, computer viruses, worms, trojan horses (trojans), bots (botnets), spyware (system monitors, adware, tracking cookies), rogueware (scareware, ransomware), and other malicious programs. The majority of active malware threats are usually worms or trojans rather than viruses.

What is a cyber defense counter-measure?

A cyber defense countermeasure is a reaction to a cyber threat that it is intended to mitigate or remediate its damage.

What is a firewall and how does it work?

Background: In general usage, a firewall is a fire-resistant barrier that is used to prevent the spread of fire for a prescribed period of time. Fire walls are built between or within buildings, or within an aircraft or vehicle. In the context of computer networks, a firewall is a network security system that monitors incoming and outgoing network message traffic and prevents the transmission of malicious messages based on an updatable rule set. In effect a firewall establishes a barrier between a trusted, secure internal network and external networks (e.g., the Internet) that are assumed to be untrustworthy and non-secure. Firewalls can be implemented as software that runs on general-purpose hardware (e.g., an open source firewall on a Windows PC or Mac OS X computer) or a dedicated hardware device (appliance). How does a firewall work? In essence, firewalls function as a filter between a trusted, secure internal network and external networks (e.g., the Internet) that are assumed to be untrustworthy and non-secure. The firewall filter may be flexibly programmed to control what information packets are allowed and blocked.