Jump to content

Cybersecurity engineering

From Wikipedia, the free encyclopedia

Cybersecurity engineering is the practice of protecting information systems, networks, devices, and data from unauthorized access, disruption, modification, or destruction. It involves implementing measures to identify, protect against, detect, respond to, and recover from cyber threats in order to ensure the confidentiality, integrity, and availability of information (NIST, 2024).[1]

History

[edit]

In the 1970s, the introduction of the first public-key cryptosystems, such as the RSA algorithm, was a significant milestone, enabling secure communications between parties that did not share a previously established secret. During the 1980s, the expansion of local area networks (LANs) and the emergence of multi-user operating systems, such as UNIX, highlighted the need for more sophisticated access controls and system audits.[2]

In the 21st century, the field of cybersecurity engineering expanded to tackle sophisticated threats, including state-sponsored attacks, ransomware, and phishing. The integration of frameworks such as the NIST Cybersecurity Framework allowed for a more comprehensive approach that has included technical defense, prevention, response, and incident recovery.[3]

Principles

[edit]

Cybersecurity engineering principles support creating resilient systems capable of withstanding and responding to cyber threats, including:

  • Risk management: involves identifying, assessing, and prioritizing potential risks to inform security decisions. By understanding the likelihood and impact of various threats, organizations can allocate resources effectively, focusing on the most critical vulnerabilities.[4][5]
  • Defense in depth: advocates for a layered security approach, where multiple security measures are implemented at different levels of an organization. By using overlapping controls—such as firewalls, intrusion detection systems, and access controls—an organization can better protect itself against diverse threats.[6]
  • Secure by design: prioritizes building product features that reduce risk, such as requiring multi-factor authentication by default, eliminating default passwords, and providing security-related logging at no additional charge to customers.[7]
  • Secure coding: emphasizes the importance of removing potential vulnerabilities during the development phase.[8] Techniques such as input validation, proper error handling, and the use of secure libraries help minimize vulnerabilities, thereby reducing the risk of exploitation in production environments.[9]

Areas of focus

[edit]

Cybersecurity engineering works on several key areas. They start with secure architecture, designing systems and networks that integrate robust security features from the ground up. This proactive approach helps mitigate risks associated with cyber threats. During the design phase, engineers engage in threat modeling to identify potential vulnerabilities and threats, allowing them to develop effective countermeasures tailored to the specific environment. This forward-thinking strategy ensures that security is embedded within the infrastructure rather than bolted on as an afterthought.[10][11]

Moreover, cybersecurity engineers ensure that systems comply with regulatory and industry standards, such as ISO 27001 and NIST guidelines. Compliance is vital not only for legal adherence but also for establishing a framework of best practices that enhance the overall security posture.[12][13]

References

[edit]
  1. "Cybersecurity Framework". NIST. 2013-11-12.
  2. "The history of cybersecurity pt. 2: 1960s". Percepticon. 2023-12-20. Retrieved 2024-10-14.
  3. "The 21st-century evolution of cyber security". ICAEW. Retrieved 2024-10-14.
  4. "Risk Management". Cybersecurity and Infrastructure Security Agency CISA. Retrieved 2024-10-14.
  5. "What is Cyber Risk Management?". IBM. 2023-05-25. Retrieved 2024-10-14.
  6. "defense-in-depth - Glossary". NIST CSRC. Retrieved 2024-10-14.
  7. "Secure-by-Design - Shifting the Balance of Cybersecurity Risk: Principles and Approaches for Secure by Design Software". U.S. CISA. 2023-10-25. Retrieved 2026-05-04.
  8. Nidiffer, Kenneth; Woody, Carol; Chick, Timothy A. (2018-12-14). "Program Manager's Guidebook for Software Assurance". Carnegie Mellon University Software Engineering Institute. p. 34. Retrieved 2026-05-04.
  9. "OWASP Secure Coding Practices - Quick Reference Guide". OWASP Foundation. Retrieved 2026-05-04.
  10. "security architecture - Glossary". CSRC NIST. Retrieved 2024-10-14.
  11. "What Is Security Architecture?". Palo Alto Networks. Retrieved 2024-10-14.
  12. Kosutic, Dejan. "What is ISO 27001? An easy-to-understand explanation". Retrieved 2024-10-14.
  13. "Understanding the NIST cybersecurity framework". Federal Trade Commission. 2018-10-05. Retrieved 2024-10-14.