Evolution of Cybersecurity
Cybersecurity emerged and evolved over the course of decades. The conflict between attackers and defenders drives the constant evolution of cybersecurity.
A cybercrime is a crime involving or targeting computers.
Regulations are sets of standards that define the responsibilities organizations have. Organizations are often legally obligated to follow regulations.
The specific regulations an organization must adhere to depend on the field or area the organization is a part of.
Some examples of regulations are:
- Computer Fraud and Abuse Act (CFAA)
- The Health Insurance Portability and Accountability Act (HIPPA)
- The Gramm-Leach-Bliley Act (GLBA)
- The Payment Card Industry Data Security Standards (PCI DSS)
Frameworks are optional sets of standards and best practices that organizations can use to improve their overall security.
The NIST Cybersecurity Framework is an example of this.
The NIST Framework consists of five main elements:
- Identify: Identify and understand threats and risks
- Protect: Protect the organization’s assets
- Detect: Detect incidents
- Respond: Respond to incidents
- Recover: Recover from incidents, evaluating how to prevent reoccurrence