As our personal and professional data is increasingly kept digitally, cybersecurity needs to evolve as well. From basic viruses and worms to the sophisticated threats of today, cyber security tools and strategies need to keep pace with hackers’ tactics.
With vulnerabilities being published regularly and attacks rapidly weaponising these flaws, cybersecurity has evolved to a board-level concern.
The 1990s
As computers became more reliant on networking and data, cybersecurity began to be taken more seriously. As a result, large companies made public pushes to improve the security of their products.
In the 1990s, viruses began to be a serious threat. This era also saw the creation of the first antivirus software. The Morris worm was one of the most damaging and widespread of these early nuisance attacks.
Toward the end of the decade, email started to explode in popularity and this provided new entry points for hackers. It was around this time that the Melissa virus exploded – it entered users’ computers via a Word document and then mailed itself to the first 50 people in their contacts list in Microsoft Outlook.
This era also marked the rise of the SOC (security operations center). These were all-hands-on control centers that allowed a team to monitor and stop security events at scale. Heuristic detection systems were also created as a way to handle the proliferation of attack variants.
The 2000s
Cyber security is a broad field that protects computer systems, software, data, and information from attacks. This includes worms, viruses, spyware, malware, unauthorized access, denial-of-service attacks, and many more. Cybersecurity professionals use tools such as firewalls, encryption, and authentication to identify malicious activity and prevent data breaches and hacking attacks.
The 1980s saw the emergence of home computers, which were affordable and accessible to the general public. This gave hackers the ability to explore computer systems on their own terms, and it also opened up new opportunities for criminal activity. Some of the earliest malware and computer viruses were created in this era, including the Morris worm and the Melissa virus.
Today, cybersecurity threats are more severe and frequent than ever. From ransomware to state-sponsored cyber attacks, the landscape is changing and businesses need to adapt in order to stay safe.
The 2010s
The 2010s saw the development of new cybersecurity approaches including endpoint detection and response (EDR) and extended detection and response (XDR). These technologies allow businesses to detect and respond to threats across their entire digital ecosystem.
Cyber attacks increased in both sophistication and volume. This era saw state-sponsored hacking, such as the Stuxnet worm that helped sabotage Iran’s nuclear program, along with attacks designed to steal personal information, cripple companies’ infrastructure or disrupt operations.
The Edward Snowden leaks in 2013 also raised awareness of the importance of cybersecurity, Snyder said. However, many state and local agencies continue to struggle with under-funding and legacy technology that leaves them vulnerable to attack. They need to adopt emerging best practices like zero trust authentication and technologies with security incorporated in their design, he added. They must also incorporate cybersecurity recovery into their emergency response planning, alongside terrorism and natural disaster plans, Gilligan says. This includes leveraging managed services providers that can help them detect, deflect and mitigate attacks.
The Future
As cyber threats evolve, so too must cybersecurity. No longer the domain of the IT geek in the backroom, security impacts everyone at an enterprise and has a broader view of every department as data moves to the cloud, mobile devices, and the internet-accessible “edge” (where it is in transit). It also intersects with other emerging technologies, such as artificial intelligence, machine learning and quantum computing, elevating the capabilities of attackers and defenders in a game of cat-and-mouse.
Large-scale attacks have become commonplace, from the crippling WannaCry and NotPetya ransomware outbreaks to massive breaches like Equifax and Yahoo that affected millions of people. Moreover, attackers are becoming increasingly organized with sophisticated capabilities, including the use of advanced tools to accelerate their attack life cycle from reconnaissance through exploitation. Security solutions that are based in the cloud and can be deployed quickly can help address this challenge.