Cyber security, also known as computer security or information systems security, is the set of methods, techniques, practices and disciplines implemented to protect, defend and secure the digital environment against all forms of cyber threat. This constantly evolving discipline responds to the growing challenges of a hyper-connected world where the attack surface keeps expanding.
Protection perimeter
This digital environment includes:
- IT systems: computers, servers, mobile devices, connected objects (IoT), embedded systems, cloud infrastructures, SCADA systems, etc.
- Computer networks: Internet, corporate networks, local networks, wireless networks, VPNs, telecommunications networks, satellite networks, etc.
- Digital data: This includes personal, professional, financial, strategic and medical information, intellectual property, industrial secrets, structured and unstructured data, metadata, etc., whether stored, used, processed or transmitted.
- Software and applications: computer programs, web applications, mobile applications, operating systems, firmware, middleware, databases, APIs, containers, microservices, etc.
- Critical digital infrastructures: industrial control systems (energy, transport, water, etc.), telecommunications, online financial services, healthcare systems, national defence, electoral systems, etc.
- Users and processes: human behaviour, organisational policies, digital supply chains, digital identities, etc.
Objectives
The main objective of cyber security is to guarantee what is now known as the DICPA model (extension of the CIA/CIAA triad):
- Confidentiality: Ensure that only authorised persons have access to sensitive information. Prevent unauthorised disclosure of data via encryption, access control, segmentation and anonymisation.
- Integrity: Ensure that information is accurate, complete and reliable, and that it is not altered or modified in an unauthorised way. Protect against the corruption or malicious modification of data via hashing, digital signature and immutable logging mechanisms.
- Availability: Ensure that systems and data are accessible and operational for authorised users when they need them. Prevent service interruptions and attacks that render systems unusable through redundancy, load balancing, backups and business continuity plans.
- Authenticity: Verify the identity of users, devices and data. Ensure that the information really comes from the claimed source and that it has not been falsified, via multifactor authentication mechanisms, digital certificates and biometrics.
- Proof/Non-repudiation: Guarantee that an action or transaction cannot be denied by its author, enabling traceability and legal responsibility to be established via audit logs, time stamps and electronic signatures.
- Auditability: Enable the systematic and independent examination of information systems to verify their compliance with current standards and regulations.
Practical applications
In more concrete terms, cybersecurity aims to:
- Protect your personal information (passwords, biometric data, credit card numbers, photos, private communications, geolocation data, etc.) against theft, misuse, identity theft and unauthorised commercial exploitation.
- Protect your computer and devices against viruses, malicious software (malware), ransomware, Trojan horses, rootkits, hackers, phishing attacks and all forms of exploitation of vulnerabilities.
- Ensure that the online services you use (websites, applications, banking services, social networks, e-commerce, etc.) are secure, reliable, compliant with regulations and function correctly without compromising your data.
- Protect businesses and organisations against attacks that could paralyse their business, steal trade secrets, exfiltrate customer data, or damage their reputation and result in significant financial losses or legal action.
- Protect essential infrastructure (hospitals, power stations, transport networks, water supply systems, etc.) against cyber attacks which could have serious consequences for national security, the economy and the well-being of the population.
- Preserve the digital sovereignty of states and their ability to protect their citizens against espionage, sabotage and influence operations carried out by malicious actors.
Fields and methods
Cybersecurity encompasses many areas and actions:
Prevention and protection
- Proactive security: Implementing measures to prevent cyber attacks before they happen
- Defence in depth: Application of multiple layers of security (next-generation firewalls, EDR/XDR solutions, advanced antivirus, sandboxing)
- Vulnerability management: Analysis, prioritisation and correction of security vulnerabilities (scans, penetration tests, bug bounty)
- Hardening systems: Secure configuration, principle of least privilege, elimination of non-essential services
- Security by design: Integrating security considerations into system design (DevSecOps)
- Training and awareness-raising: Developing a culture of cybersecurity and vigilance among users
Detection and monitoring
- Continuous monitoring: Use of SOC (Security Operations Centers) and SIEM (Security Information and Event Management)
- Threat hunting: Proactive search for advanced and persistent threats (APT)
- Behavioural analysis: Use of AI and machine learning to detect abnormal behaviour (UEBA)
- Honeypots and lures: Deployment of booby-trapped systems to attract and study attackers
- Threat monitoring: Gathering and analysing information on new threats and attack techniques (CTI)
Crisis response and management
- Incident management: Procedures for coordinated response to cyber attacks (CSIRT/CERT)
- Digital investigation: Forensic analysis to understand the nature and extent of an attack
- Containment and eradication: Limiting the spread of attacks and eliminating malware
- Crisis communication: Managing internal and external communications during a major incident
- Cooperation with the authorities: Sharing information with national cyber security agencies
Recovery and resilience
- Continuity and recovery plans: Procedures for maintaining or restoring critical functions
- Backup and restore: Redundant and immutable data recovery systems
- Feedback: Post-incident analysis to learn lessons and improve security
- Continuous improvement: Regular review and adaptation of security strategies
- Cyber-resilience: Ability to maintain essential activities despite cyber attacks
Contemporary issues
Cybersecurity faces major challenges in the current context:
- Rapidly evolving threats: Growing sophistication of attacks, development of cybercrime-as-a-service
- Enlarged attack surface: The proliferation of connected devices, massive adoption of the cloud and teleworking
- Skills shortage: Global shortage of qualified cybersecurity professionals
- Geopolitical dimension: The use of cyberspace as a battleground between states
- Regulatory compliance: The proliferation of standards and regulations (GDPR, NIS 2, DORA, etc.)
- Balance between security and usability: The need to protect without hindering the user experience
- IT/OT convergence: The merging of operational and information technologies, creating new risks
- Artificial intelligence: Double-edged, serving as a defence tool but also as a vector of attack
Cybersecurity is no longer just a technical issue, but a strategic, economic, legal and societal challenge that requires a global, collaborative approach from all players.