In fact, Cyber Security must guarantee:

• Network security: Defending computer networks from the actions of malicious people, whether it is targeted attacks or opportunistic malware.

• Application security: protect software and devices from potential threats. A compromised application can allow access to the data it is supposed to protect. Effective security begins at the design stage, long before a program or device is deployed.

• Information security: protect the integrity and privacy of data

• Operational Security: Includes processes and decisions for managing and protecting data assets. It includes all permissions used by users to access a network and the procedures that determine how and where data can be stored or shared.

But from what or from whom do we have to defend ourselves?

We must defend ourselves against both external and internal attacks.

As for external attacks, the attacker tries to break in through the vulnerability exploit or through cracks in the security perimeter.

While for internal attacks the attacker either uses an insider or is a person inside the organization. Internal attacks are the most difficult to counter and predict precisely because they start from within the perimeter to be protected.

Furthermore, attacks can be either targeted or opportunistic:

• in the first case the recipient is chosen a priori, usually persistent attacks tend to remain invisible as much as possible and aim to control the attacked system;

• in the second case they take place on a large scale, they do not have a single subject towards which to direct the attack but aim to hit as many recipients as possible.