Cybersecurity is the body of technologies, processes, and practices designed to protect networks, computers, programs and data from attack, damage or unauthorized access. In a computing context, security includes both cybersecurity and physical security.
Ensuring cybersecurity requires coordinated efforts throughout an information system. Elements of cybersecurity include:
- Application security
- Information security
- Network security
- Disaster recovery/business continuity planning
- Operational security
- End-user education
One of the most problematic elements of cybersecurity is the quickly and constantly evolving nature of security risks. The traditional approach has been to focus most resources on the most crucial system components and protect against the biggest known threats, which necessitated leaving some less important system components undefended and some less dangerous risks not protected against. Such an approach is insufficient in the current environment.
To deal with the current environment, QSACK is promoting a more proactive and adaptive approach.
- Risk Management Framework Integration
- Computer Network Defense
- Identity Management & Privileged User Access
- Security Policy and Procedures
- Systems Security