

What Is Cybersecurity? A Beginner-Friendly Guide to the Basics and Key Countermeasures

We see it in the news: “Customer information leaked from a XXX corporation,” “Factory operations halted by a ransomware attack.” In today’s business environment, cyberattacks like these cannot be ignored. Regardless of size or industry, they have become a serious management risk that can threaten business continuity for every organization.

The efforts to protect one’s critical information assets and systems from such threats are called “cybersecurity.” However, even if people know the term, there may still be relatively few who accurately understand what it specifically refers to, or where to start when implementing it.

This article explains, in beginner-friendly terms, everything from the basic meaning of cybersecurity to why it is important, along with the specific measures that companies and individuals should take.

1. What Is Cybersecurity?

Cybersecurity refers to all technologies and activities aimed at protecting IT devices such as PCs, servers, and smartphones, the networks they connect to, and the data (information assets) stored there from cyberattacks and various other threats.

Its purpose is to prevent leakage, tampering, destruction, and other damage to information caused by these threats, and to maintain systems in a state where they can be used stably.

Difference from Information Security

A closely related term to cybersecurity is “information security.” While the two are closely connected, they differ in the scope of what they protect.

Information security targets the broader range of “all information assets,” including paper documents and even human memory. Cybersecurity, on the other hand, refers to measures that are specifically focused on the “cyberspace” portion of that scope—digital data on computers and networks.

| Item | Cybersecurity | Information Security |
|---|---|---|
| Protection target | Computers, networks, digital data | All information assets, including paper media and human memory |
| Main threats | Cyberattacks, unauthorized access, etc. | Disasters, loss, theft, insider fraud, etc. |
| Relationship | A subset of information security | A broader concept that encompasses cybersecurity |

2. Why Is Cybersecurity So Important Now?

In recent years, the importance of cybersecurity has risen to an unprecedented level. Behind this rise is a dramatic transformation of our business environment.

Acceleration of Digital Transformation (DX) in Business

Core enterprise systems are migrating to the cloud, IoT devices are operating in factories, and virtually all business activities are now premised on digital data. Since critical information assets to be protected are concentrated in cyberspace, a single attack can inflict enormous damage on an entire business.

Diversification of Work Styles (Spread of Telework)

With the spread of telework, employees now work from home or on the go, in environments where the security level is not necessarily high. As a result, the traditional perimeter-based security model where “inside the company is safe, outside is dangerous” can no longer cover all the threat entry points.

Increasing Sophistication and Commercialization of Cyberattacks

Today’s cyberattacks are not mere pranks by a handful of hackers. They are now part of “businesses” run by criminal organizations for financial gain, such as through ransomware attacks. Attackers are constantly adopting new technologies and techniques, and their methods are becoming ever more sophisticated and advanced.

3. The Three Core Elements of Cybersecurity: “CIA” (Confidentiality, Integrity, Availability)

A fundamental concept in cybersecurity (and information security) is the trio known as “CIA.” These three elements define the state that protected information assets should be in and serve as a guideline for security measures.

| Element | Meaning |
|---|---|
| Confidentiality | A state in which only authorized persons can access the information. |
| Integrity | A state in which information remains accurate and complete, without unauthorized tampering or destruction. |
| Availability | A state in which only authorized persons can access information whenever they need it. |

Effective security measures maintain and manage a proper balance of these three—confidentiality, integrity, and availability—tailored to the characteristics of the business.

4. Major Types and Methods of Cyberattacks

There are many different types of cyberattacks that target companies. Below are some of the most representative examples.

Malware (Including Ransomware and Viruses)

Malware is a collective term for malicious software such as computer viruses, worms, Trojans, and spyware. Among these, “ransomware” has been particularly rampant in recent years. It encrypts data on infected computers, making it unusable, and then demands a ransom in exchange for restoring it.

Phishing Scams

Phishing scams involve attackers sending fake emails that impersonate financial institutions, business partners, government agencies, etc. and directing recipients to fraudulent websites that closely resemble the real ones. Users are then tricked into entering their IDs, passwords, credit card information, and other data, which the attackers steal. The stolen information is exploited for unauthorized access and financial fraud.
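
As an added example (not code from the original article), the following sketch shows how a mail filter could flag links that point to sites resembling the real ones. The trusted domain list, the function names, and the sample message are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit

# Assumption: domains the organization really uses (constructed sample values).
TRUSTED = ("example-bank.com", "example.co.jp")
URL_RE = re.compile(r"https?://[^\s<>\"')]+", re.IGNORECASE)

def edit_distance(a, b):
    """Levenshtein distance, computed row by row."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def classify_url(url):
    """Return 'trusted', 'suspicious' or 'unknown' for one URL."""
    parts = urlsplit(url)
    host = (parts.hostname or "").rstrip(".")
    if parts.username is not None:
        return "suspicious"  # user@host form hides the real host after the '@'
    if any(host == t or host.endswith("." + t) for t in TRUSTED):
        return "trusted"
    if any(label.startswith("xn--") for label in host.split(".")):
        return "suspicious"  # punycode label, possible look-alike characters
    for t in TRUSTED:
        if t in host:
            return "suspicious"  # trusted name embedded in another domain
        tail = ".".join(host.split(".")[-(t.count(".") + 1):])
        if edit_distance(tail, t) <= 2:
            return "suspicious"  # one or two characters away from a trusted name
    return "unknown"

def scan_email(body):
    """Classify every http(s) URL found in an email body."""
    return [(url, classify_url(url)) for url in URL_RE.findall(body)]

# Constructed sample message, not taken from a real campaign.
SAMPLE = """Your account is locked. Verify at https://examp1e-bank.com/login
or https://example-bank.com.secure-login.test/verify
Help: https://www.example-bank.com/help
Newsletter: https://news.example.org/weekly
"""

if __name__ == "__main__":
    for url, verdict in scan_email(SAMPLE):
        print(f"{verdict:10} {url}")
```

An "unknown" verdict only means the host is neither trusted nor a near match; such links still need the usual reputation and sandbox checks.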

Unauthorized Access

Unauthorized access refers to attacks where perpetrators exploit system vulnerabilities or use authentication information stolen through phishing or other means to break into servers or internal networks. This can lead to the theft of confidential information, system destruction, or the use of compromised systems as a springboard for further attacks.

DoS/DDoS Attacks

DoS/DDoS attacks involve overwhelming a specific website or server with a massive volume of requests, overloading the system and forcing it to shut down. When targeted at e-commerce sites, such attacks can cause direct business losses.

Supply Chain Attacks

Supply chain attacks are those where attackers do not target large, well-secured corporations directly, instead compromising smaller, less-secure partner companies and using them as a stepping stone to infiltrate the final target. This highlights the growing need to consider the security levels of not only one's own organization but also that of the entire supply chain.

5. Cybersecurity Measures Companies Should Implement

What concrete measures should be taken to protect companies from these threats? Countermeasures can broadly be divided into three aspects: “technical,” “organizational,” and “human.”

Aspect Concrete Examples of Measures
Technical
  • Firewalls, WAF, IDS/IPS, SASE
  • Next-generation antivirus software, EDR, and continuous threat exposure management
  • Access control, data encryption, and account management
Organizational
  • Security policies
  • Incident response structure (CSIRT)
  • Information asset inventory
Human
  • Security training for all employees
  • Drills and requiring regular password updates

Technical Measures

In addition to basic tools such as firewalls and next-generation antivirus software, it has become important in recent years to build multilayered defenses, including enhancing endpoint monitoring through EDR (Endpoint Detection and Response) and implementing access control and account management based on the zero-trust concept.

Organizational Measures

It is essential to formulate company-wide information security policies (basic principles and codes of conduct) and operate them under strong leadership from top management. It is also necessary to establish a specialized team (CSIRT) to respond quickly to any incidents that occur, and to define reporting flows and response procedures.

Human Measures

It is often said that the “weakest link” in security measures is people. The awareness and behavior of each employee—such as not opening suspicious emails, not connecting to free Wi-Fi, and setting hard-to-guess passwords—have a major impact on the organization’s overall security level. It is important to raise every employee’s security literacy through regular training and targeted email-attack simulations.

6. Basic Security Measures Individuals Can Take

Not only companies, but each of us as individuals is also expected to practice basic security measures in our daily internet use.

  • Strengthen passwords and avoid reuse: Set long, complex, and hard-to-guess passwords, and use different passwords for each service.
  • Enable multi-factor authentication (MFA): Add an extra layer of authentication, such as SMS or an authenticator app, on top of passwords to greatly reduce the risk of unauthorized logins.
  • Update software: Promptly apply security patches that fix vulnerabilities in your OS and applications as soon as they are provided.
  • Do not open suspicious emails or links: Make it a habit not to casually open attachments or URLs in unsolicited or suspicious emails.

7. Summary: Ongoing Efforts Protect Companies

Cybersecurity is not something that is “done” just by introducing a single product. It is an endless process of responding to constantly evolving threats and continuously protecting your company’s information assets.

Based on the basic knowledge introduced in this article, reviewing the current state of your company’s security measures and reinforcing weak areas is essential to sustaining corporate growth and maintaining trust. Start by correctly recognizing your own risks.

As explained in this article, cyber threats are diversifying, and companies must implement multilayered defenses. However, you may find it difficult to respond to all threats with limited personnel.

KDDI protects customers’ global businesses from threats with the latest security solutions. We offer comprehensive services that cover everything from networks to the cloud and endpoints.