The US government spends $13 billion per year on cyber-security, but warns that cyber-attacks continue to evolve at a rapid pace. To combat the proliferation of malicious code and aid in early detection, the National Institute of Standards and Technology (NIST) recommends continuous, real-time monitoring of all electronic resources.
Cybersecurity is the practice of protecting systems, networks, and programs from digital attacks. These attacks are usually aimed at accessing, changing, or destroying sensitive information; extorting money from users; or interrupting normal business processes.
Implementing effective National Institute of Standards and Technology is particularly challenging today because there are more devices than people, and attackers are becoming more innovative.
The average user typically comes in contact with malicious code via an unsolicited email attachment or by downloading programs that look legitimate, but in fact carry a malware payload.
The threats countered by cyber-security are:
Cybercrime , which includes single actors or groups targeting systems for financial gain.
Cyberwar, often involves information gathering and is politically motivated.
Cyberterror is intended to undermine electronic systems and cause panic or fear.
Common methods used by attackers to control computers or networks include viruses, worms, spyware and Trojans.
Viruses and worms can self-replicate and damage files or systems, while spyware and Trojans are often used for surreptitious data collection.