Why you can trust ZDNET : ZDNET independently tests and researches products to bring you our best recommendations and advice. When you buy through our links, we may earn a commission. Our process

'ZDNET Recommends': What exactly does it mean?

ZDNET's recommendations are based on many hours of testing, research, and comparison shopping. We gather data from the best available sources, including vendor and retailer listings as well as other relevant and independent reviews sites. And we pore over customer reviews to find out what matters to real people who already own and use the products and services we’re assessing.

When you click through from our site to a retailer and buy a product or service, we may earn affiliate commissions. This helps support our work, but does not affect what we cover or how, and it does not affect the price you pay. Neither ZDNET nor the author are compensated for these independent reviews. Indeed, we follow strict guidelines that ensure our editorial content is never influenced by advertisers.

ZDNET's editorial team writes on behalf of you, our reader. Our goal is to deliver the most accurate information and the most knowledgeable advice possible in order to help you make smarter buying decisions on tech gear and a wide array of products and services. Our editors thoroughly review and fact-check every article to ensure that our content meets the highest standards. If we have made an error or published misleading information, we will correct or clarify the article. If you see inaccuracies in our content, please report the mistake via this form.


What, exactly, is cybersecurity? And why does it matter?

Cyberattacks steal data and cause millions in economic costs. Learn what cybersecurity professionals do and how to protect your data with our guide.
Written by Nate Delesline III, Staff Writer and  Genevieve Carlton, Contributor
A bearded professional types on a tablet. Programming and cybersecurity-related symbols float in the foreground.
By everything possible -- Shutterstock

Cybersecurity focuses on protecting electronic information on websites, networks, or devices from hackers. Through advanced technology and sophisticated processes, cybersecurity professionals help keep data safe and accessible.

Individuals and businesses alike face cybersecurity threats. In addition, businesses need protection from unauthorized data access — both from inside and outside the organization. Strong cybersecurity reduces the chances that a cyberattack will affect business operations.

Cybersecurity also has political implications. The US Department of Homeland Security designated election infrastructure as "critical" in 2017. This infrastructure includes voter registration databases and the digital technologies used to count, display, and confirm voting results — some of America's most sensitive data. 

And cybersecurity can also affect public safety and health. In one case, hackers attempted to poison the municipal water supplies of cities in Florida and California. The hackers gained access to the technology platforms controlling the water systems. Luckily, officials caught the hacks before anyone got sick. 

Individuals can take simple steps to maintain their cybersecurity, like using a password manager app. But businesses typically require more sophisticated, proactive cybersecurity strategies. 

As a result, the number of people responsible for handling a company's cybersecurity depends on an organization's resources and operational needs. A company might have a large cybersecurity team or just one person with multiple digital duties.

Is cybersecurity considered an IT job?

People who work in cybersecurity often work closely with other IT professionals, like network administrators or in various roles. For this reason, experts and those within the industry often group cybersecurity jobs within the broader sector of IT. 

Despite the need to work together with other technology professionals, cybersecurity employees tend to focus on different issues than IT workers. These issues include preventing and analyzing data security incidents and developing and enforcing security standards to protect digital information.

In most cases, cybersecurity is considered an IT job. However, cybersecurity jobs usually focus on protecting digital information. 

More on the next big challenges in tech security

Some organizations may title these individuals "cybersecurity specialist" or "cybersecurity manager." Related cybersecurity job titles include cybersecurity engineer or cybersecurity administrator. 

5 reasons why cybersecurity is important

Millions of Americans share personal information on the internet every day -- whether while working remotely, making online purchases, or completing financial transactions. That makes cybersecurity more important than ever. 

1. Cybercrimes are rising

In an increasingly digitized and connected world, cybercrime can cause major disruptions. As more workplaces moved to remote work in 2020, the number of cyberattacks skyrocketed. One study found a 400% increase in cybercrime in 2019-2020. 

In addition to a growing number of cybercrimes, the types of attacks have grown. Malware, phishing, and DDoS attacks can take down major corporations and risk the private data of millions of people. 

2. Your data is valuable

Cyberattacks target both individuals and systems. These cybercriminals seek out private data, including financial information. That data is valuable. Stealing someone's Social Security number, for example, makes it easy to take out credit cards in their name and run up debt. So does targeting dates of birth, credit card information, and addresses.

3. Cybercrimes result in economic costs

The economic cost of cybercrimes is staggering. According to one estimate, cyberattacks cost the global economy $1 trillion every year. 

Ransomware attacks can bankrupt companies, disrupt financial markets, and tank people's personal finances. The cost of cybercrimes makes it even more important to implement security systems and increase internet safety.

4. Your devices could be exploited

Every day, hackers come up with new ways to break into systems and exploit devices. Take cryptojacking, for example. Hackers use a target's devices to mine cryptocurrency for the hacker. Add that to a long list of cybercrimes like proxy phishing, password attacks, and malware.

5. Cyberattacks pose real-life threats

Cybercrime might seem like a distant problem that only affects a small number of people. But cyberattacks don't only target information security. They can also compromise infrastructure, which threatens health and safety. 

In late 2020, for example, ransomware attacks targeted U.S. hospitals. These attacks tried to steal data to force hospitals to pay a ransom. And hospitals aren't the only target. Schools, law enforcement agencies, and governments have all been the victims of cyberattacks.

How to protect yourself against hackers and cyberattacks

You can take several simple steps right now to protect your data from hackers and prevent cyberattacks. Here are the best ways to make your data safer. 

Follow password best practices

A strong password keeps hackers from breaching your accounts. Instead of reusing the same password on multiple platforms, create unique, complex passwords, particularly for sites that store private data or credit card information. 

Worried about keeping all those passwords straight? Consider getting a password manager so you'll never forget your password again.

Change your password after a breach

Take a look at current events and there's a good chance you'll hear about a data breach. 

After a breach, you should change your password — but recent research shows that few people actually update their passwords. That leaves your data vulnerable to a cyberattack. The site Have I Been Pwned lets users check whether their accounts may have been compromised.

Learn to spot phishing attempts

Every email inbox receives spam emails. Most of us know not to open emails from Nigerian princes. But every day, people click on phishing emails claiming to offer prizes or asking customers to "verify" details. These phishing attempts trick people into giving up their own personal info. 

Make sure you understand common phishing red flags to dodge cyberattacks. 

Install antivirus software

Installing antivirus software on your devices — including cell phones — helps protect your data against malware, viruses, and other cyberattacks.

These software programs secure your passwords, block malware, and protect financial data during online transactions. 

Major providers include Norton Antivirus, McAfee Total Protection, and Kaspersky Total Security. 

Before installing or downloading antivirus software, consider your needs and find the right provider to protect your internet safety. 

In conclusion

Cybersecurity matters for everyone, even people who don't think they use technology directly. Nearly every aspect of modern life involves sharing digital information. 

That's why, no matter the industry, cybersecurity is essential. Cybersecurity professionals work to keep personal and business information safe from current — and future — threats.

What cyber threats should we look out for?

The most common cyber attacks to look out for are:





A common cyberattack to steal sensitive data like credit card information or passwords. Think of it as fishing for information. The attacker impersonates a trustworthy source via email and asks the recipient to reveal private information.

Phishing preys on ignorance. The best way to prevent it is to educate your employees. Familiarize them with what genuine corporate communications look like compared to fake external sources impersonating them. If something seems off, it's because it likely is.


As the name suggests, malware is a malicious program that harms your computer and often steals data. 

Always keep your computer and software updated, but even that's not enough to prevent malware

Be careful where you click. Links and downloads can be dangerous. Don't blindly trust pop-ups or external sources. Lastly, learn about common types of malware. 

For more detailed information, here are some helpful tips and definitions from Google.


A harmful software that locks down your computer or blocks certain files. The attacker demands a ransom fee to remove these blockages, but paying them won't always fix the damages.

Prevention is key, as ransomware attacks can be vicious. Getting reputable security software and becoming savvier about cyber threats can save your data from being held hostage. 

Stay away from fraudulent sites, suspicious downloads, and junk emails.

Social engineering

A cyberattack using psychological manipulation to convince users to give away private data. 

Perpetrators use tactics including spamming false alarms with harmful solutions (eg., "Your computer has a virus; download this to fix it!") and baiting the user with appealing ads leading to malicious sites.

Most social engineering attacks can be prevented by common sense. If it's too good to be true, it's likely dangerous. It's unlikely that you've won a large prize out of the blue.

Always check your sources and avoid downloading suspicious files, particularly .exes.

Lastly, customizing your spam filter is a great way of stopping dangerous emails from ever reaching your inbox. 

Less-common but still dangerous attacks include:




DDoS attacks

Distributed denial-of-service (DDoS) attacks the normal flow of web traffic. Hacked computer systems can send a surge in traffic to particular websites to slow them significantly or prevent legitimate users from accessing them.

AWS recommends reducing attack surface area, planning for scale, knowing your traffic, and deploying firewalls. 

If you have an unexplained surge of traffic on a rarely-visited page, there's a good chance that it is abnormal traffic. 

For more detailed information, check out our extensive guide on DDoS attacks


An advanced persistent threat steals data over time rather than causing noticeable harm. 

This threat involves an attacker sneaking into your server and gleaning information over time. The longer they go undetected, the more destructive they can be 

As with most cyberattacks, the best way to treat an APT is to prevent it. Using firewalls and up-to-date antivirus programs are great ways to stop APTs. 

If you're unsure if a program is trustworthy, you can create a sandbox environment to run it risk-free. 

We also suggest using resources such as email protection, VPNs, or intrusion prevention systems.

Insider threats

A misuse of user credentials, whether intentional or not, that jeopardizes a company's data or functionality.

Authorization to use sensitive data and important company systems gives employees a lot of responsibility. 

An insider threat has the potential to cause significant damages, because many cybersecurity practices focus only on external threats.

Companies need to vet potential new hires with adequate background checks. The consequences of data breaches must be made clear to employees, and violations of security policies should not be tolerated. 

Lastly, closely monitor employees who plan to leave the company. Research suggests that these employees are 60% of insider threats.

What is cybersecurity?

Cybersecurity is the profession of protecting digital information, devices, and networks from unauthorized users. People in this profession also ensure the integrity, security, and accessibility of information for authorized users.

How does cybersecurity protect us?

Cybersecurity protects digital information -- and the people who use networks, computers, and devices -- from unauthorized access or data loss.

How can we prevent cybercrimes?

Information security specialists help prevent cybercrimes by protecting personal data, implementing security systems, and investigating cybercrimes. People can also spot scams and use antivirus software to prevent cybercrimes.

Why is cybersecurity important for students?

Like everyone else, students need to protect their private data. Students can also study cybersecurity to launch careers in a growing tech specialty. 

Editorial standards