A 5 minutes read.
Written on May 20, 2024.

Where did cybersecurity come from?

Cyber loosely refers to the virtual space created by computers and computer networks. When you play a game online, that is a cyber game. Cybercrime happens when criminals use the "cyber" space to conduct illegal activities in a particular jurisdiction. When it is possible to commit a crime in the cyber space, the natural question is how can we secure the cyber space so that unwanted activities do not occur. In this sense, cybersecurity is a broad term that is associated with protection of individuals against cybercrime. Thus, cybersecurity may sound like a field more related to law, but the reality is that cybersecurity has little to do with law. Try searching the word cybersecurity in Britannica and you will find out that the actual article written for cybersecurity is titled computer security, meaning that cybersecurity is nothing more than what we already know about computer security.

So what is computer security?

Computer security, as defined by Britannica, is "the protection of computer systems and information from harm, theft, and unauthorized use." The definition indicates the protection of computer systems, which is the central component in which the crime (attack) can occur and requires active and solid protection against known and possibly unknown attacks. The problem is not new to computers. Computer security is a problem that inherits a lot of its characteristics from data protection and privacy.

Humans have ever wanted to protect their privacy. They use a variety of methods so that data is only transmitted to those they choose to. For example, you refrain from telling your friend about an important secret. But, the problem does not stop there. You may want to communicate with your friend remotely. In the old times, people used basic postal systems to send and receive written messages. These messages could be intercepted and read by their enemies or rivals, causing problems and undermining their interests. To protect the privacy of written messages, the idea of cryptography came to life. The Arab philosopher, al-Kindi was one of the pioneers that developed methods to encrypt messages, transforming them to formats that are unreadable unless by the recipient (which has a prior arrangement with the sender). Cryptography developed far beyond its original roots and became a sophisticated field that led to critical ideas that empower the Internet's security today.

How does computer security relate to data protection?

Computer security aims to provide three pillars, integrity, confidentiality, and availability (the definitions of these are all over the Internet). In computer security, we study ways to verify computer program so that they are not hijacked by attackers to conduct unwanted activities. We also provide protocols that secure the communications over computer networks. We study methods for protecting data on cloud-based services. There is a highly active area of research around trustworthy AI, which aims to provide safety and security to critical and highly automated artificial intelligence systems (such as autonomous machines or robotic surgeons). These are a

The relationship with data protection is clear. Computer security's primary goal is to maintain privacy of data and thus individuals. Without securing the systems or providing safety to AI systems, one cannot keep their data private. Some of the problems such as network security have direct implications on data privacy. You simply do not want to share your messages with everyone on the Internet. However, securing an operating system leads to improved integrity of user applications, which reduces remote attacks, resulting in better protection of user data in applications.

How big is the cybersecurity problem?

There are numerous security threat reports indicating that cybersecurity is a severe and immediate problem facing global systems. For example, Microsoft digital defense report states that 4,000 identity attacks are blocked by Microsoft per second. According to the report, attackers are increasingly using cybercrime-as-a-service (or other variations such as ransomware-as-a-service) to conduct identity or DDoS attacks at scale. The existence of cybercrime-as-a-service shows that cybersecurity has become an important and persistent business for cybercriminal, further complicating the problem of combating them. Ransomware are particularly successful on unmanaged devices. An unmanaged device is one like an IoT machine. These machines are built to be easily operated with minimal user intervention, leaving them exposed to remote attacks by users.

Conclusion

We can go on and write much longer articles about the state of cybersecurity and why is it important. This blog post particularly aims to dig a little deep into the actual problems that we deal with in the field so that the reader understand the implications of the word and why encouraging young students to study and work in this field is critical to any economy.

Note: there is also a good article by IBM regarding cybersecurity.

Image credit: GPT-4o.