Description:
This subtopic is intended to cover the major aspects of security related to the internet (except for Internet of Things cybersecurity, which is covered under subtopic IT7).
Cybersecurity refers to security applied both to the internet (including servers and connected devices) and to data stored in or transmitted over the internet. Generally this refers to security against malicious attacks rather than security against (for example) inadvertent data leakage. Cybersecurity is growing in importance due to a confluence of factors, including (i) increased use of the internet to monitor and control critical infrastructure, (ii) increased incidence of cyber-attacks against government and major institutions, (iii) the growing reliance by the general public on internet-based services.
Personal authentication and privacy refer to the reliable authentication of persons using the internet, and the protection of personal data and user information against compromise.
Examples of relevant technical fields include (but are not limited to): detection of cyber vulnerabilities – for example, related to critical infrastructure or financial networks; detection and prevention of cyber-attacks; human factors analytics – to assess people risk; mobile device security; device-cloud security infrastructure; cloud computing security; security/privacy policy compliance; security for BYOD (bring-your-own device) and BYOC (bring-your-own-cloud); big data security; data loss prevention; information assurance; data integrity; encryption; key generation, key management and key distribution; access authorization; identity management; personal authentication – biometrics, multi-factor authentication.
