Cybersecurity is the body of technologies, processes and practices designed to protect networks, computers, programs and data from attack, damage or unauthorized access.

In a computing context, the term security implies cybersecurity. According to a December 2010 analysis of U.S. spending plans, the federal government has allotted over $13 billion annually to cybersecurity over the next five years.

Ensuring cybersecurity requires coordinated efforts throughout an information system. Elements of cybersecurity include:

Application Security

Information Security

Network Security

Disaster Recovery/Business Continuity Planning

End-user Education

Application Security

Information Security

Network Security

End-user Education

Disaster Recovery/Business Continuity Planning

One of the most problematic elements of cybersecurity is the rapid and continuous evolving nature of threats. The traditional approach has been to focus most resources on the most crucial system components and protect against the biggest known threats, which necessitated leaving some less important system components undefended and lower level threats unprotected. Such an approach is insufficient in the current environment.

To deal with the current environment, advisory organizations are promoting a more proactive and adaptive approach. The National Institute of Standards and Technology (NIST), for example, recently issued updated guidelines in its risk assessment framework that recommended a shift toward continuous monitoring and real-time assessments.