Cybersecurity is the protection of computer systems from outside threats such as people stealing information and harassing people. There are many jobs and roles involved in cybersecurity such as engineers who design security programs, there are people who run test trying to find vulnerabilities in cyber systems, people who work with businesses to help them create cybersecurity plans based on what they need and their goals for their company, and many other careers. The primary function of cybersecurity is to ensure that the security triad is met. The security triad includes confidentiality, integrity, and availability. Confidentiality means making so that only the people who need to see the information can see it, and everybody who does not cannot see it. Integrity is making sure that the information says what it is meant to say. Availability means that anybody who is authorized to can access the information and work with it. Making sure that these three main components are met is the primary role of cybersecurity. There are also other factors such as authentication which is making sure that the person accessing the information is the person, they say they are and can access that information. To help with authorization, one of the smartest and best ways to secure logins is with a multi factor authentication. A multi factor authentication is having the person signing in use two forms of information about them to log in, making it harder for somebody not authorized to log into somebody’s account. This can be something you know, something you have, and something you are, so knowing a password, having something sent to an email or phone, or finger or face scan to login. Another aspect that can help is role-based access control is where users in a system are only allowed to access what they have been assigned to access. Another major technique that is used to help secure information, especially when transferring it to another person is encryption. Encryption is giving information that you send to somebody a code so that nobody who is not authorized to see it can read it. Encryption works by both the sender and the receiver of the information agree on the encryption, the sender uses a computer program to encrypt it and then the receiver uses a decoder to be able to read the information. There are also various forms of cybersecurity threats such as pretexting is when somebody who is not authorized to see information calls the company pretending to be somebody who has forgotten their login information. It is a serious threat to cyber security because the company may not make sure that the person is they say they are, give them the login information, and allow them to access everything. Facing threats such as this, there are things that can be done to help protect the information such a backup plans and firewalls. A backup plan is just making sure that the information is somewhere where it can be accessed even if something goes wrong, the keys to a successful access plan are to have regular backups, test the system to make sure the backup is successful, and to fully understand all the information. A firewall is a program that protects the system by stopping packets from outside the company coming in. There are A hardware firewall is connected to the network, and a software firewall runs on the operating system. Physical security is also a smart thing to have if it can be afforded, and it is people physically protecting the software, and it applies to cyber security because it is a good idea to have actual people guarding the equipment that had the classified information on it. Now that I have discussed the primary functions a role of cybersecurity and what it is trying to do, I will now discuss the best way to set up a cybersecurity program which is by using a framework. A framework is something used in cybersecurity by companies to analyze pretty much every aspect about their current cyber security system. It lets company’s assess different aspects of their security protocols and allows them to create a new system if desired. The framework is divided into three parts which are the core, the tiers, and the profile. The core contains functions that companies use to get the desired outcomes of the system. The tiers just state different ways that companies view different kinds of risks. A profile just sets the goals that the company wants the system to achieve and helps reduce security threats. It can be useful because it lets companies assess their current system, see its strengths and weaknesses, and it can help you create a new security system that lets the company get whatever outcomes they desire. The five core activities of a framework are identify, protect, detect, respond, and recover. Identifying is creating and understanding of the resources and systems that are in the framework. Protecting the framework is just making sure that all the information is secure. Detecting is setting up a system that can tell if there is any sort of cyber security threat to the system. Responding to the threat is making sure that there are protocols set in place that respond to and can fix the threat. Recovering in the framework is to be able to completely defeat the possible threat and then return to normal operations with all the information still safe. Finally, I will discuss the cost of cybersecurity and the different options that are available, and the benefits of planning out and buying a decent plan. The cost of cybersecurity can be expensive, especially for small businesses that are just starting and probably do not have much money, but it is an especially important thing to have. Business and companies that do purchase various forms of cybersecurity are much safer than those who do not. To determine where and how to spend money for cybersecurity, small business need to first look at what information they are going to have and what they need to keep secure and need to understand threats and vulnerabilities in their information. The biggest thing that the mall businesses need to do is follow the five core principles of cybersecurity which again are: identify, protect, detect, respond, and recover. The first thing they need to do is set up identification protocols, which can include such things as dictating who gets to work with certain information and giving everybody a personal username and password. Next, they need to be able to protect the information which includes training the employees and setting up firewalls on all the computers. They need to be able to detect if there is any form of threat, and they need to have protocols to follow to respond to the threat and destroy it. Finally, they need to be able to recover from a threat by having secure backups of everything and improving the vulnerabilities in their system. It can be expensive but following those five principles and just figuring out what your small business needs can lead to a successful and safe business. With technology becoming more and more advanced, and the lines between crime and cybercrime crossing, cybersecurity Is becoming a more and more needed function in society. People now can steal information, hurt people, stalk people, pretend to be somebody that they are not without even needing to interact with anybody else because they can do everything on the computer and on social media. With all the good that comes with advancements in technology, cybersecurity is needed to help protect everybody who uses it.