
What is Cyber Security?

Cyber security describes the policies, tools, and roles associated with defending computer systems and data from unauthorized access or disruption.

Throughout history, specific commodities have dominated economics. From salt and spices to silks and silver, each came to define the economies of their eras. Today, the world operates on a global system of currency exchanges. But behind those dollars and yen is another commodity that is currently changing how the world perceives value. That commodity is data.

In the digital era, the financial worth of data cannot be overstated. Used properly, data empowers companies to better understand their customers and create personalized buyer experiences. Data analysis helps organizations and individuals predict coming trends, optimize their marketing strategies, and gain an advantage over competitors through the timely introduction of new products or services designed to address customer needs.

But with this value comes a downside. Cyber criminals seek to exploit vulnerabilities in digital systems to gain access to sensitive data for malicious purposes—and every organization and individual is a potential target. This is why protecting data through effective cyber security measures is critical.

Cyber threats are becoming ever more sophisticated. And as our reliance on digital technologies grows, the potential risk associated with the loss or disruption of vital data expands as well.

At an individual level, a successful cyber attack can result in devastating consequences, ranging from identity theft to extortion attempts. Businesses are likewise extremely vulnerable, both in terms of experiencing a breach of valuable company and customer data, and from attacks designed to disrupt their operations. And as if that were not enough, many of the organizations the world depends most heavily on (such as power plants, hospitals, and financial service companies) rely on critical digital infrastructures—infrastructures that are under constant threat of cyber attack.

When used effectively, cyber security has the power to defend individuals and organizations against unauthorized data and system access that could lead to compromised identities, loss of intellectual property, disruption of essential services, and more. Companies that store customer data have an even greater responsibility to safeguard it against threat vectors of all kinds, and data-protection laws help ensure that organizations that fail to do so can be held accountable. As such, cyber security should be a priority for everyone.


As cyber threats evolve, they also diversify. Today there are thousands of distinct kinds of threats targeting digital systems and users. Malware, ransomware, brute force attacks, SQL injections, advanced persistent threats (APTs), zero-day exploits, and various forms of social engineering attacks—each attempts to exploit a distinct set of vulnerabilities and open the way for threat actors to gain access. With such a range of possible dangers, cyber security must likewise branch out.

Today’s cyber security solutions can take many different forms, including:

Types of Cyber Security

Business continuity planning

Business continuity planning (BCP) is the process of creating a comprehensive strategy to ensure that an organization can maintain its critical business functions during and after a disruptive event, such as a cyber attack. By incorporating cyber security into BCP, organizations can identify potential cyber risks and develop plans to mitigate those risks to ensure business continuity. This includes implementing measures such as data backups, disaster recovery plans, incident response strategies, and ongoing employee training and awareness to ensure that the organization is prepared to respond to and recover from a cyber attack.

Cloud security

Although most cloud environments are more secure than on-premises systems, cloud security is still a necessity. Cyber security in the cloud includes encrypting cloud data at rest, in motion, and in use. Organizations can use a combination of encryption, access controls, data backup, and recovery measures to enhance cloud security and protect data and services based in the cloud.

Critical infrastructure security

For the critical services that help keep the world running, critical infrastructure security focuses on identifying and mitigating risks to power plants, water treatment facilities, transportation systems, etc. A cyber security breach in these areas can have severe consequences, which is why the National Institute of Standards and Technology (NIST) and the U.S. Department of Homeland Security (DHS) provide these organizations with frameworks and other resources designed to help them improve their security posture.

End-user education

In many cases, education is the best defense against a potential data breach. End-user education prioritizes teaching users to identify cyber threats and avoid actions that put the organization's digital systems at risk. For example, this can include training users to delete suspicious email attachments, avoid using unknown or unauthorized devices on company networks, and use best practices when password-protecting their authorized devices. End-user education is critical in creating a culture of cyber security within an organization.

Information security

An extremely broad aspect of security, information security is actually an umbrella term that includes cyber security, but also extends to non-digital information. This can include personal data, financial data, intellectual property, and other confidential information. To help ensure that data controllers understand and adhere to their obligations in protecting sensitive data in all its forms, the EU created the General Data Protection Regulation (GDPR) as an important part of EU privacy and human rights law.

Network security

Network security focuses on protecting computer networks and network infrastructure from all forms of unauthorized access. Network security solutions constantly monitor traffic within the network, quickly identifying possible signs of intrusion and allowing security teams to respond to potential threats in real-time. Network security measures can include intrusion detection systems, firewalls, and antivirus software, as well as security policies and procedures that ensure that only authorized users can access the network.

Application security

Today's applications are connected and centralized; a compromised app can give a threat actor direct access to data and systems across multiple networks. Application security must be built into software during the design phase, and can consist of code reviews, penetration testing, and strong encryption.

Unfortunately, there is no shortage of threat actors ready to put even the most advanced cyber security posture to the test. These actors have diverse backgrounds and motivations, ranging from common criminals interested in stealing and selling data, to hacktivists trying to effect social or political change through illegal data access, to unfriendly nation states attempting to further their country’s interests. And each of these actors may deploy multiple variations of cyber attacks. That said, most known cyber threats fall into one or more of the following categories:

Social engineering

One of the most common cyber threat categories is social engineering. This approach is essentially a digital con and involves manipulating authorized individuals into divulging sensitive information or performing other actions that benefit the attacker. Tactics include phishing, pretexting, and baiting.

Malware

Malware is another broad category of cyber threat that includes any form of malicious software, such as computer viruses, keyloggers, spyware, worms, and ransomware. The goal of the threat actor when using malware is to get the software installed and active in the target’s digital systems, often through phishing emails or malicious links. Once deployed, these programs can then steal sensitive information, hijack systems, or hold data for ransom.

Zero-day exploits

Although a significant amount of testing and QC work goes into most software before it ever reaches the user, many applications still ship with unknown vulnerabilities. These zero-day vulnerabilities may be discovered and exploited by attackers to gain illegal access to systems and data.

Phishing

A widely used form of social engineering, phishing involves tricking an individual within an organization into revealing their credentials or installing malware onto their system. As antivirus software evolves to address the threat of malware more effectively, phishing is becoming a greater threat to digital security.

Ransomware

A subset of malware, ransomware is designed to encrypt an organization's files and systems so that authorized users cannot gain access. The attacker then contacts the organization and demands payment in exchange for the decryption key. Refusal to pay the ransom can result in the attacker deleting data or sharing the company’s sensitive information online.

DDoS attack

A distributed denial-of-service (DDoS) attack floods an organization's central server with simultaneous data requests. Because a server can only handle a finite amount of traffic, these requests cause it to slow to a crawl, reduce its performance, or crash altogether. The motivation behind these attacks may be to hold the organization’s systems hostage, create disruption, or even to cause a distraction in preparation for other attacks.

Brute force attack

Sometimes it’s not about the quality of the attack; it’s about the quantity. A brute force attack uses automated software to repeatedly guess passwords until—through trial-and-error—the threat actor is successful in gaining access to sensitive data and systems.

SQL Injection

Even online forms and application queries may be compromised to give criminals backend privileges in the system. In an SQL injection, a hacker will input malicious code in response to a database query. This can result in access to sensitive data and the execution of unwanted commands within the operating system.

APT

Advanced persistent threats (APTs) are long-term, targeted attacks that are designed to remain undetected within a network for as long as possible. These attacks may deploy a range of approaches including malware, zero-day exploits, and social engineering. Once the attacker is inside the system, they may use various techniques (such as lateral movement, privilege escalation, and data exfiltration) to access sensitive information and maintain persistence while evading traditional security measures. Unchecked, APTs can cause sustained, long-term damage to an organization.

Few things are more valuable than data, and that means cybercriminals are constantly developing new and innovative ways to illegally access company and customer information resources. But that does not mean that today’s businesses need to be victims. ServiceNow, the leader in IT management, provides a comprehensive Security Operations (SecOps) solution that helps organizations create an effective, connected cyber security posture. With Security Operations, organizations can automate the process of detecting and responding to cyber security threats, reducing response times and minimizing the impact of incidents. And that’s only the beginning.

Automate incident response and respond to threats immediately. Create and orchestrate response workflows, giving teams clear guidance on what steps to take in a suspected data breach. Identify, prioritize, and eliminate existing vulnerabilities within the network. Apply advanced analytics and reporting capabilities to create a completely transparent view. And through it all, provide a single source of truth for compliance management, so that everyone involved is up to speed on how to protect sensitive data while remaining in line with established regulations.

Create an effective and efficient cyber security posture for your business. Demo ServiceNow SecOps today, and take the “threat” out of today's most dangerous cyber threats.

 
