What is Cybersecurity? An introductory guide

(By Alessandro Rugolo)

We hear about cybersecurity more and more often, but how many people can say what it is really about?

Let's try to understand it together.

It may seem trivial, but giving a definition is as indispensable as it is complex. A quick online search, perhaps with the help of a search engine, turns up many definitions of cybersecurity, and not all of them are very clear.

To avoid gross errors, it is always advisable to look for official or authoritative sources.

Among official sources, we can certainly rely on a few institutions, including:

- ENISA (European Union Agency For Network And Information Security);

- NIST (National Institute of Standards and Technology, a US agency);

- Italian legislation: Decree no. 82 of 14 June 2021, establishing the ACN (National Cybersecurity Agency).

Among the most authoritative sources on the subject, I always include the big companies that deal with cybersecurity: CISCO, CrowdStrike, Kaspersky and so on.

So let's get to the definitions.

According to NIST (Special Publication 800-39), the term cybersecurity means: "The ability to protect or defend the use of cyberspace from cyber attacks".

According to Italian legislation, the term cybersecurity means: "set of activities necessary to protect networks, information systems, IT services and electronic communications from cyber threats, ensuring their availability, confidentiality and integrity, and also guaranteeing their resilience".

According to CISCO, cybersecurity means: "the practice of protecting systems, networks and programs from digital attacks. These cyber attacks are usually aimed at accessing, transforming or destroying sensitive information, as well as extorting money from users or interrupting normal corporate processes".

According to Kaspersky, cybersecurity means: "the set of actions aimed at defending computers, servers, mobile devices, electronic systems, networks and data from malicious attacks. It is also known as computer security or electronic information security".

As anticipated, there are as many definitions as there are sources consulted. And if we extend the search to dictionaries, we will find that things do not get any simpler. This is the reality: it is worth taking note of it and referring to one definition or another as the occasion requires, depending on the context or the purpose to be achieved.

However, I hope that it is now clearer what is meant by cybersecurity. If it isn't yet, I invite you to take a look at the ENISA paper in which the term is analyzed according to the main standards... but without being able to reach a common definition.

This simple search introduces us to a world full of terms that are not always clear either: "cyberspace, cyber threats, confidentiality, resilience...". We'll look at them in the next installments!

