For businesses that employ cloud service providers like Amazon Web Services, Google, Azure, Rackspace, etc., cloud security is concerned with developing safe cloud systems and applications.
Data security and identity management
This subdomain covers the procedures, protocols, and mechanisms that let the authorisation and authentication of authorised users to access the information systems of an organisation. These procedures entail putting in place strong information storage systems that protect the data while it is in transit or stored on a server or computer. Additionally, this sub-domain employs two-factor or multi-factor authentication techniques more frequently.
Mobile Protection
As more people rely on mobile devices, mobile security is becoming increasingly important. This subdomain guards against dangers including unauthorised access, device loss or theft, malware, viruses, and more for both organisational and individual data kept on portable devices like tablets, smartphones, and laptops. Mobile security also makes use of authentication and training to strengthen security.
Network Protection
Hardware and software defences against disruptions, unauthorised access, and other abuses are referred to as network security. Effective network security guards against a variety of dangers coming from both inside and outside the company.
Planning for business continuity and disaster recovery
Threats do not always come from people. The processes, alerts, monitoring, and plans covered by the DR BC subdomain are meant to assist organisations in getting ready to keep their business-critical systems operational throughout and after any incident (massive power outages, fires, natural disasters), as well as to resume and recover lost operations and systems in the aftermath of the incident.
User Instruction
Staff awareness of cyber dangers is an important piece of the cyber security puzzle since knowledge is power. It is essential to provide corporate workers with training in the principles of computer security in order to increase understanding of organisational procedures and policies, best practises for the industry, and methods for monitoring and reporting hostile activity. Classes, programmes, and certifications relating to cyber security are covered in this subdomain.