February 14, 2025  |  Purdue Global

Cybersecurity is a prominent field of study in today’s technology-driven world. But what is it, how does it work, and why is it so important?

To find out, we talked to Darryl Togashi, MBA, faculty member in the School of Business and Information Technology at Purdue Global. Read on to learn more about the different types of cybersecurity and the threats organizations are facing.

Defining Cybersecurity

Cybersecurity is “the art of protecting networks, devices, and data from unauthorized access or criminal use.”

Cybersecurity has become especially relevant, with attacks increasing in both frequency and severity. In Q2 2024, Check Point Research saw a 30% year-over-year increase in global cyberattacks, with organizations experiencing an average of 1,636 attacks per week. Overall, 2023 saw a 72% increase in data compromises compared to 2021, which held the previous record. Recent estimates also expect the global annual cost of damages resulting from cybercrime to reach $10.5 trillion in 2025.


Types of Cybersecurity

As the non-profit trade association CompTIA explains, the meaning of cybersecurity varies depending on the specific area of technology being discussed. Generally, this field includes the following categories:

Network Security

Network security safeguards an organization’s network infrastructure with firewalls, antivirus software, access control policies, and other specialized defenses. It has three goals:

  • Prevent unauthorized access to network resources
  • Identify and stop ongoing security breaches
  • Confirm that authorized users have secure access to the network resources they need

Network security operates on two levels. The first is the perimeter, where security measures focus on stopping threats from entering the network. But as these tactics sometimes fail, cybersecurity professionals also focus on resources inside the network. That way, even if cybercriminals gain unauthorized access, there are stopgaps in place to limit the damage.

Endpoint Security

Endpoint security is considered an organization’s primary defense against cybersecurity threats. It protects users and the devices they use to access the business network, such as desktops, laptops, mobile devices, servers, and more.

Endpoints are the top entry point hackers use to infiltrate enterprise networks, accounting for up to 90% of successful attacks and 70% of successful data breaches. There are many tools and technologies organizations use to fight these threats, including:

  • Antivirus software
  • Endpoint protection platforms
  • Endpoint detection and response systems

Cloud Security

As CompTIA states, cloud security involves cybersecurity measures that help protect against attacks on cloud applications and infrastructure. The term cloud refers to the process of gaining access to computing resources over the internet, outside of the protective barriers of local hardware.

This approach allows organizations to scale operations and hand over the responsibility of managing some of these resources to a third-party provider. However, businesses are still responsible for protecting the sensitive data and applications they entrust to the cloud.

Application Security

Application security involves identifying and addressing potential vulnerabilities in software applications at all stages of their lifecycle. From development to deployment and beyond, engineers and cybersecurity professionals look for bugs that could give rise to unauthorized access, misuse, or modification.

Of the many application security measures, a few notable examples include:

  • Application firewalls
  • Code reviews
  • Strong authentication mechanisms
  • Encryption techniques
  • Penetration testing

Information Security

Information security is “the protection of important information against unauthorized access, disclosure, use, alteration, or disruption.” It ensures sensitive data is accessible and kept confidential.

Notably, data security is a related but different term. As a subset of information security, it specifically refers to protecting digital information, whereas the umbrella term encompasses an organization’s holistic efforts to protect all types of information.

Mobile Security

This type of cybersecurity focuses on protecting mobile devices, such as laptops, tablets, and smartphones. Mobile security has become especially relevant now that such devices are more affordable, portable, and preferable to businesses and consumers.

As internet-enabled endpoints, they give users access to network resources at any time and place. In turn, organizations may implement several cybersecurity measures, including:

  • Enterprise mobility management: A collection of tools that help manage how mobile devices are used within the business.
  • Email security: Platforms that monitor email traffic to protect mobile devices from malicious software, phishing attacks, and more.
  • Virtual private networks: Encrypted intranets that extend security over a public network, allowing businesses to establish a secure connection with mobile devices.

Internet of Things (IoT) Security

The Internet of Things (IoT) is “a network of physical devices, vehicles, appliances, and other physical objects that are embedded with sensors, software, and network connectivity.” These modifications enable them to collect and share data. Such smart objects can include thermostats, wearables, industrial machinery, and more.

IoT security is about protecting these devices from unauthorized access and manipulation. Many are vulnerable to hacking and other threat vectors, which can compromise the privacy of sensitive data. Moreover, IoT devices generate enormous amounts of data, potentially overwhelming businesses if they’re unprepared to handle it.

Critical Infrastructure Security

In this context, critical infrastructure refers to the essential components an organization needs to remain operational. Critical infrastructure security focuses on protecting these important systems from cybersecurity threats to ensure business continuity and cyber resilience.

Zero Trust Security

Zero trust is a modern cybersecurity approach for multi-cloud environments. It differs from the traditional network perimeter approach by prioritizing cybersecurity measures for every connection between users, devices, applications, and more.

It advocates a “never trust, always verify” principle. That means it requires strong authentication for all users inside a network rather than granting implicit trust. As IBM explains, this model is important because traditional strategies are no longer sufficient for the complex and distributed networks most organizations use today.

In the past, users and devices inside the network were considered trustworthy and granted free access to internal resources. Now that cloud computing pushes them off premises, organizations are more vulnerable to attack. Thus, every connection request must be considered a potential threat and verified continuously.

Why Is Cybersecurity Important?

Cyberattacks can significantly impact national security, business performance, and personal well-being.

National Security and Critical Infrastructure

According to the Department of Homeland Security (DHS), increased internet connectivity has created an “ever-expanding attack surface” worldwide. As a result, cybersecurity is the “most active threat domain” and the most dynamic risk to national security.

The DHS explains that nation-states and their proxies often use cyber warfare to target critical infrastructure sectors. In this context, the Cybersecurity and Infrastructure Security Agency (CISA) says critical infrastructure refers to the “assets, systems, and networks that provide functions necessary for our way of life.”

For example, here are three industries where Togashi says cybersecurity is indispensable:

  • Health care: This remains the most expensive industry for responding to and recovering from data breaches, a rank the sector has held since 2011. Even worse, successful attacks can put people in harm’s way, says Togashi. Not only does cybersecurity protect data privacy, it also ensures patient safety.
  • Financial services: The financial sector is particularly exposed to cyber risk given the amount of sensitive data it handles. A cyber incident could threaten economic stability by eroding confidence in the financial system and disrupting services. For example, “a severe incident at a financial institution could undermine trust and, in extreme cases, lead to market selloffs or runs on banks.”
  • Water: “The water and wastewater systems sector is increasingly vulnerable to cybersecurity threats, as evidenced by attacks on facilities such as the Arkansas City water treatment facility and the American Water cyberattack,” Togashi explains. “These incidents highlight the urgent need for robust cybersecurity measures to protect sensitive information and ensure the ongoing provision of critical services.”

Overall, Gartner reports that attacks on organizations in critical infrastructure sectors have risen from just 10 in 2013 to almost 400 in 2020 — a 3,900% increase. Togashi says that “a breach can have cascading effects” on the economy and national security because most critical sectors are interconnected, so an incident impacting one can quickly impact another.


Business and Legal Consequences

The Allianz Risk Barometer, a survey of more than 3,000 risk management experts, listed "cyber incidents" as the top global business risk in 2024 because of their ability to disrupt an organization. According to Togashi, insufficient cybersecurity can expose businesses to several negative impacts, including:

  • Financial loss: Togashi says the costs associated with rectifying a cyberattack’s damage can be significant. In fact, the average data breach costs $4.88 million, the highest total in the history of IBM’s annual report.
  • Reputational damage: A security breach can affect business credibility and brand value. Losing customer trust can lead to “decreased sales, customer churn, and difficulty in attracting new clients.” It may also negatively impact employee recruitment and retention.
  • Noncompliance: Failing to protect sensitive data can put organizations in legal jeopardy. In addition to penalties and fines, they may face lawsuits from affected customers, employees, or partners.
  • Loss of business continuity: “Cyberattacks have the power to disrupt business operations,” Togashi says. “With an inadequate incident response plan, the recovery process may be prolonged, resulting in further damage and downtime.”
  • Identity theft: On an individual level, a security breach can compromise people’s personal information, such as their Social Security number. This can put them at risk of fraud and identity theft.

Prioritizing cybersecurity can help individuals and businesses mitigate the risk of these potential consequences. In fact, advanced tactics — such as artificial intelligence (AI) and automation — can help organizations save $2.22 million on average.

Types of Cyber Threats

The world faces an ever-growing list of potential cybersecurity threats, each with a unique way of stealing information and causing damage. Below is a list of some of the more common threat vectors and how they operate:

Malware

Malware is short for “malicious software.” Malware includes any software code or program written to harm a computer system or its users. Today, with more than a billion different malware strains in existence, most cyberattacks involve some form of malicious software, such as:

  • Computer viruses: Malicious code that hijacks legitimate software to spread copies of itself
  • Botnets: A network of connected malware-infected devices under a hacker’s control
  • Worms: Self-replicating programs that spread between apps and devices without human interaction
  • Trojan horses: Programs that disguise themselves or hide in legitimate software to trick users into installing them
  • Spyware: Malicious software that hides on a computer to secretly gather sensitive data

Most malware infections try to conceal their actions to steal data and cause more damage. However, some — such as ransomware — make their presence known.

Ransomware

Ransomware is a form of malware that holds a victim’s data or computer system hostage until they pay a ransom to the attacker. If they don’t, the hacker often leaks the information to the public. Not only is it one of the most common types of malicious software, but it’s also one of the more expensive. On average, a ransomware attack causes $4.91 million in damage.

Togashi says ransomware is at the top of his list of cybersecurity threats. Recent ransomware trends have seen an increase in attacks, with many involving double and triple extortion. He’s also seen a rise in ransomware-as-a-service (RaaS), which IBM defines as when cybercriminals buy someone else’s malicious code to carry out an attack, splitting profits with the developer.

Phishing

A phishing attack is a form of social engineering that manipulates victims into specific actions. For example, phishing uses fraudulent emails, text messages, and other communications to trick potential victims into sharing personal data or login credentials, downloading malware, sending money, and more.

This tactic often involves a hacker pretending to be someone the victim trusts, such as a colleague or a well-known business. Because victims believe the communication is legitimate, they do as the hacker says and fall into the trap.

There are also several types of phishing attacks:

  • Spear phishing attacks target a specific individual.
  • Whale phishing targets corporate executives and wealthy individuals.
  • SMS phishing uses fake text messages to trick targets into revealing sensitive information.

Man-in-the-Middle (MITM)

MITM attacks occur when cybercriminals steal “sensitive information by eavesdropping on communications between two online targets.” They place themselves between two parties, such as a user and a web application, to intercept credit card numbers, login credentials, and other data.

Typically, hackers exploit vulnerabilities in networks, web browsers, email accounts, user behaviors, and security protocols. These weaknesses allow them to insert themselves between users and trusted applications.

Denial-of-Service (DoS)

A DoS attack is when a hacker overwhelms the target with traffic or requests that consume resources. The goal is to disrupt target systems and take them offline, preventing users from accessing their services.

Similarly, a distributed denial-of-service (DDoS) attack occurs when a network of compromised devices is coordinated to carry out the threat. Each device sends illegitimate traffic to overwhelm the target system and render it unavailable. The main difference between a DoS and a DDoS attack is that the latter comes from many devices at once and so involves a higher volume of traffic.

Zero-Day Exploits

A zero-day attack is when a cybersecurity threat exploits an unknown or unaddressed security flaw in computer software, hardware, or firmware. Hackers might take advantage of a vulnerability to inject malware, steal data, or carry out another form of attack.

Cybersecurity Challenges

According to Togashi, today’s organizations face several significant cybersecurity obstacles.

“Cyber threats keep changing, making it hard to keep up,” he explains. “Remote work introduces new security risks, and there aren’t enough skilled cybersecurity professionals.”

As the World Economic Forum (WEF) confirms, there’s an increasingly dire need for cybersecurity expertise. The WEF’s research indicates that the global talent shortage may reach 85 million workers by 2030.

Togashi also says that cloud computing and IoT devices add to the problem. “Despite these challenges, staying informed and vigilant can help organizations protect their data and systems,” he says.


Your Professional Future in Cybersecurity

Are you interested in becoming a cybersecurity professional? If so, Togashi says the field is filled with potential.

“Cybersecurity is an incredible career because it offers many job opportunities,” he explains. “This field is essential for keeping information safe, and it constantly evolves, which means you’ll always be learning new things.”

To get started, he recommends studying cybersecurity and gaining experience — which you can do at Purdue Global.
