Cyber security is the practice of defending computers and servers, mobile devices, electronic systems, networks and data from malicious attacks. It is also known as information technology security or electronic information security. The term is broad-ranging and applies to everything from computer security to disaster recovery and end-user education.

The US government spends $13 billion per year on cyber-security, but warns that cyber-attacks continue to evolve at a rapid pace. To combat the proliferation of malicious code and aid in early detection, the National Institute of Standards and Technology (NIST) recommends continuous, real-time monitoring of all electronic resources.

The threats countered by cyber-security are three-fold: Cybercrime, which includes single actors or groups targeting systems for financial gain; Cyberwar, which often involves information gathering and is politically motivated; and Cyberterror, which is intended to undermine electronic systems and cause panic or fear. Common methods used by attackers to control computers or networks include viruses, worms, spyware and Trojans. Viruses and worms can self-replicate and damage files or systems, while spyware and Trojans are often used for surreptitious data collection. The average user typically comes in contact with malicious code via an unsolicited email attachment or by downloading programs that look legitimate, but in fact carry a malware payload.

End User Protection

So how does cyber security measures protect users and systems?

First, cyber security relies on cryptographic protocols used to encrypt emails, files and other critical data. This not only protects information that is transmitted but also guards against loss or theft. In addition, end user security software scans computers for pieces of malicious code, quarantines this code and then removes it from the machine. In more extreme cases — such as a boot sector infection — these systems are able to completely wipe a computer.

Electronic security protocols also focus on malware detection — ideally in real time. Many use what's known as "heuristic analysis" to evaluate the behavior of a program in addition to its code, helping to defend against viruses or Trojans that can change their shape with each execution (polymorphic and metamorphic malware). By allowing potentially malicious programs to execute in a virtual bubble separate from a user's network, security programs can analyze any action taken and increase their knowledge of malicious code behavior.

Cyber-security is an evolving discipline focused on providing the best protection for electronic systems in the face of evolving threats.