Cybersecurity

Computer security, also known as cybersecurity or IT security, is about protecting computer systems, networks, and software from threats like data theft, unauthorized access, or damage.^[1][2]

An example of a physical security measure: a metal lock on the back of a computer to stop someone from accessing it.

As people rely on computer more, it has become important to protect the Internet and smart devices like smartphones and IoT devices. With information systems becoming more complex, securing them is a big challenge we face today, especially for areas like power grids, elections, and finance.^[3][4] While digital tools like passwords and encryption are key, traditional physical security, like locks, are still significant considerations. Cybersecurity is a broad field and doesn’t fully overlap with other types of security. It can be categorized into 3 areas:

• Database protection, which involves encryption, control, data backup, and regular access monitoring.
• Identity and Access Management (IAM) provides access to systems and data based on the level of trust and user rights.
• Threat detection and prevention includes antivirus software, firewalls and intrusion prevention systems (IPS).^[5]

Why Cybersecurity is Important

Prevention of Cyberattacks

Cybersecurity measures help prevent various attacks, including malware, ransomware, and phishing. These attacks can result in significant operational disruption,^[6] data loss, and financial damages. The global average cost of a single data breach reached USD 4.88 million in 2024, which is a 10% increase over the year before.^[7] This figure reflects direct financial losses and the long-term costs associated with incident response,^[8] legal liabilities, and reputational damage due to cyberattacks.^[9]

Protection of Data

Cybersecurity plays a critical role in safeguarding sensitive information, including personally identifiable information (PII),^[10] financial records, healthcare data, intellectual property, and business intelligence.^[11] These categories of data are frequently targeted in cyberattacks due to their value for identity theft, financial fraud,^[12] and other forms of exploitation. Unauthorized access^[13] to such data can result in significant individual harm and institutional reputational damage.

The scale of data exposure continues to grow annually. In 2024, it was reported that personal data belonging to over 1.7 billion individuals was compromised in various breaches.^[14] This widespread compromise shows that data breaches are becoming more serious and common, putting regular people at risk of identity theft, financial loss, and privacy violations. This highlights the fact that cybersecurity is essential not only for organizations but also for the protection of the general public. It plays a vital role in ensuring the security of individuals’ private information, safeguarding them from the rising threats associated with an increasingly interconnected digital environment.

Compliance and Regulatory Requirements

Various laws and regulations, such as the General Data Protection Regulation (GDPR), the Health Insurance Portability and Accountability Act (HIPAA), and the Federal Information Security Modernization Act (FISMA), mandate specific cybersecurity standards. Organizations must comply with these to avoid legal and financial penalties.