Cloud security
Cloud security addresses external and internal cyberthreats to an organization’s cloud-based infrastructure, applications and data. Cloud security operates on the shared responsibility model: Generally speaking, the cloud service provider (CSP) is responsible for securing the infrastructure with which it delivers cloud services, and the customer is responsible for securing whatever it runs on that infrastructure. However, details of that shared responsibility vary depending on the cloud service.
Endpoint security
Endpoint security protects end-users and endpoint devices, like desktops, laptops, cellphones and servers, against cyberattacks. Endpoint security also protects networks against cybercriminals who try to use endpoint devices to launch cyberattacks on their sensitive data and other assets.
Network security
Network security has three chief objectives: The first objective is to prevent unauthorized access to network resources. Second, it aims to detect and stop cyberattacks and security breaches in real-time. Third, it ensures that authorized users have secure access to the network resources they need when needed.
Application security
Application security refers to measures developers take while building an app. These steps address potential vulnerabilities, and protect customer data and their own code from being stolen, leaked or compromised.
Internet security
Internet security protects data and sensitive information transmitted, stored or processed by browsers or apps. Internet security involves a range of security practices and technologies that monitor incoming internet traffic for malware and other malicious content. Technologies in this area include authentication mechanisms, web gateways, encryption protocols and, most notably, firewalls.
IoT and OT security
Internet of Things (IoT) security focuses on preventing Internet-connected sensors and devices, for example doorbell cameras, smart appliances, modern automobiles. IoT aims to stop hackers from taking control of these devices. It also prevents hackers from using these devices to infiltrate an organization’s network. Operational technology (OT) security focuses more specifically on connected devices that monitor or control processes within a company—for example, sensors on an automated assembly line.