What Is Cybersecurity? Definition + Industry Guide

Written by Coursera Staff • Updated on

Find out what cybersecurity is and how you can start a career in this field.

[Featured Image]:  IT Security Analyst working on a cybersecurity plan for the organization.

Technology is a significant part of our lives. Many of us rely on it daily for everything from entertainment to banking. As a result, we often store sensitive information on our desktop and mobile devices, like credit card information, addresses, phone numbers, passwords, and personal data. Cybersecurity is the branch of technology that aims to protect those devices and information from malicious actors who want to gain unauthorized access to them or cause harm. 

What is cybersecurity?

Cybersecurity protects data, devices, and networks from attackers, criminals, and anyone harming a system. Any software that contains sensitive information, such as medical records or financial information, must be equipped to handle cyber attacks to avoid theft or corruption. Having inadequate security measures in place could expose your devices and data to harmful threats like malicious software.

Why is cybersecurity important?

Vulnerabilities (flaws or weaknesses) in software, firmware, or hardware expose systems to cyber attacks. Accordingly, cybersecurity measures are critical to the value and quality of a system. If attackers gain unauthorized access to a weak system with sensitive data, they can steal and sell your info, which leads to fraudulent purchases and activity. 

These vulnerabilities may arise from programming inefficiencies or misuse of hardware. There should be layers of security as a safety net to safeguard information and systems should one of the other security measures fail. That way, not one singular vulnerability can make the entire system unreliable.

Read more: Cybersecurity Frequently Asked Questions (FAQ)

Types of cybersecurity

Just as various types of cyber threats exist, so do ways to protect against them. The following sections provide a brief overview of several subcategories of cybersecurity.

Application security

App security is the creation of security features for apps to prevent cyber attacks and account for any exploitable vulnerabilities in the software. Application security is crucial to the reliability and functionality of the software.

Cloud security

Cloud security is a segment of IT that deals with handling risks and problems with a cloud-based network. It also entails finding and implementing solutions, mostly wirelessly. Cloud security specialists assist the needs of the cloud in terms of memory, security, and any possible vulnerabilities that need patching.

Critical infrastructure security

Critical infrastructure security is technological security typically used by the public to protect assets, systems, and networks that belong to a community, city, or country. This sector of cybersecurity focuses on the defense of municipal and government-owned infrastructure.

Information security (InfoSec)

Information security is about securing information and preventing fraudulent access and interception of personal details. Information security primarily focuses on the protection of sensitive data and information. Information security specialists will determine where the valuable data is stored and develop safeguards to protect that info from being modified or accessed. Information security deals with confidentiality, integrity, and availability, which determine the quality of a system that manages or holds information.

Read more: What is InfoSec? Definition + Career Guide

Network security

Network security defends the reliability and security of a company’s infrastructure. Network security focuses on network integrity to ensure systems are secure enough to prevent malicious actors from infiltrating them via the internet. 

Common cyber threats

Often, those who attack information systems are motivated by the potential for monetary gain. However, some bad actors attempt to steal or destroy data for political reasons, as an insider threat to the company they work for, to boost the interests of their country, or simply for notoriety. The attack vector (or, method of cyber attack) varies. The list below contains five common attack strategies:

  • Password attacks: Password cracking is one of the most widespread methods for fraudulently gaining system access. Attackers use various tactics to steal passwords to access personal information or sensitive data. Password crackers sometimes use brute force attacks. In other words, they guess every possible password until there's a match. They may also use dictionary attacks, where a program tries many common passwords for them to find a match, among other more complicated algorithms.

  • Phishing scams: Phishing attacks are one of the most persistent threats to personal systems. This practice involves sending mass emails disguised as being from legitimate sources to a list of users. These emails contain malicious links that, when clicked, can install malware and allow illegitimate access to personal information. These attacks can also take place on websites, social media, or over the phone (also known as vishing).

  • DOS attacks: DOS stands for denial-of-service attack. This cyber attack occurs when software or a group of devices attempt to overload a system so it cannot operate properly and serve its purpose.

  • Man-in-the-middle attacks: A man-in-the-middle attack occurs when an attacker exploits security vulnerabilities in a network to insert themselves into a two-machine interaction. They then monitor the IP packets being sent back and forth. In this way, they can intercept valuable information.

  • Malware: Malware attacks consist of software that was designed to exploit a system or act maliciously against a user or institution. Many different types of malware attacks exist, for example, viruses, trojans, worms, ransomware attacks, and spyware. Almost all of these types of software deploy themselves and use system vulnerabilities to infect other machines and capture specific data or simply disrupt or damage a device.

You can read more quick definitions of cybersecurity terms in our Cybersecurity Terms Glossary

Read more: 5 Cybersecurity Threats to Know

Cybersecurity careers

Cybersecurity professionals use their technological skills to assess systems, patch weaknesses, and build secure systems for their clients. Demand for cybersecurity professionals is at an all-time high, and this growth is projected to increase over the next few years. The US Bureau of Labor Statistics (BLS) expects the need for cybersecurity specialists to grow by 32 percent between 2022 and 2032 [1].

That figure is much higher than the 3 percent growth average projected for all occupations. This demand is due mainly to the growing frequency of cyberattacks and the continual development of sophisticated software. The BLS projects an average of 16,800 job openings per year in cybersecurity.

Read more: 10 Cybersecurity Jobs: Entry-Level and Beyond

Keep learning about cybersecurity with Coursera

Start building job-ready skills in cybersecurity with the Google Cybersecurity Professional Certificate on Coursera. Get hands-on experience with industry tools and examine real-world case studies, all at your own pace. Upon completion, you’ll have a certificate for your resume and be prepared to explore job titles like security analyst, SOC (security operations center) analyst, and more.

Article sources

  1. US Bureau of Labor Statistics. "Information Security Analysts, https://www.bls.gov/ooh/computer-and-information-technology/information-security-analysts.htm#tab-6." Accessed September 27, 2023.

Keep reading

Updated on
Written by:

Editorial Team

Coursera’s editorial team is comprised of highly experienced professional editors, writers, and fact...

This content has been made available for informational purposes only. Learners are advised to conduct additional research to ensure that courses and other credentials pursued meet their personal, professional, and financial goals.