What is

Simply put, cybersecurity is the work of defending computer systems and the data they process from harm. This includes harm from physical damage, to malware infection, to accidental deletion by a user, and many more threats.

The key distinction between a cybersecurity expert and any other technology expert is a strict adherence to ethics, familiarity with regulations, and continuous exposure to emerging trends in the industry.

More immediately, cybersecurity is the word that fills offices of regulators like the SEC and FCC. Federal regulators are beginning to acknowledge that organizations of any size can leverage computers to collect, share, store, or use their customers' and business partners' information with data points in the millions or billions. Financial, health, proprietary, and personally identifiable information are in the eye of consumers, businesses, and regulators alike for the sheer likelihood that they will be exposed to the public one day by either misconfiguration or cyberattack. Cybersecurity is the only solution, in the effort to prevent such potential disasters before they happen.

In light of the sensitivity of the data in their purview, the single most important quality in a cybersecurity expert is ethics. Without it, no other capability or talent can meet the standard for effectiveness and trustworthiness necessary to make a positive impact for an organization. Technical know-how is only one component of this broad field, which also encompasses conventionally non-technical concepts, such as human behavior, social norms, and to some degree, cognitive bias.

Cybersecurity is an applied science that is still emerging as a very new member of the STEM (Science, Technology, Engineering, and Mathematics) community. The principles of cybersecurity are simple in theory but complex in practice, as not only must one consider the properties of the machine those principles are applied to, but also the user of that machine’s behavior through it, and the means by which that machine is accessed, and much more.

Cybersecurity is not the classical image of the "moat around the castle". For one, that the idea of a "moat", such as a network boundary doesn't really exist in a modern computing environment that features Software as a Service (SaaS) and web applications; but more importantly that effective cybersecurity must persist in all uses of all devices, otherwise security is more illusion than reality.