Introduction to Cyber Security

Person staying cyber secure

Cyber security refers to the body of technologies, processes and practices designed to protect networks, devices, programs and information from unauthorized access.

Cyber security is important because government and organizations collect, process, store and send information. Much of this information is sensitive, and unauthorized access or exposure could have negative consequences.

The most difficult challenge in cyber security is the rapidly evolving nature of security risks.

What is cyber security?

Cyber security describes the discipline dedicated to protecting information and the systems used to process or store it.

Cyber security encompasses the following elements:

What to do if you're a victim?

If you think that you may have been the victim of a cybercrime, you should take the following steps:

Best practices

Here are common cyber security best practices that you can adopt. Use them on all your devices – laptops, desktop computers, mobile phones, and smart devices. These best practices are easy to adopt and significantly reduce risk.

Best practices for managers

People managers have a critical role to play in cyber security. As a leader, you help ensure your team has the resources it needs to protect your organization’s information and assets.

Manager overlooking employees

Help your team prepare by:

  • Learning the indicators and signs of compromise and ensuring that your team is aware of them as well
  • Providing team members with training such as regular simulations so they can recognize social engineering attacks
  • Building rapport with the security personnel in your organization to ensure that you have open lines of communication and established trust
  • Empowering team members to question any communication that seems suspicious (even from senior leaders) and to hold off taking any requested action until the communication is confirmed as authentic
  • Identifying processes for reporting suspicious communication and determining the authenticity of suspicious communication
  • Listening to people who have concerns about suspicious communications and directing them to the appropriate authority
  • Supporting people should they mistakenly identify a legitimate email as a threat

You need to understand your information environment and any possible threats to this information.

You should regularly conduct a team security audit with a focus on:

  • Compliance with local security policies
  • Proper information handling
  • Team member security responsibilities
  • Adherence to policies and best practices
  • Regular security awareness activities

People manager checklist

  • Are all the information assets within your team appropriately identified with the correct sensitivity classification label?
  • Are your employees fully aware of their security responsibilities for the information they handle?
  • Do they know what needs to be protected and what doesn’t?
  • If you’re not sure, consult with your security official to better understand the team’s information environment, and provide your team with adequate guidance