Cybersecurity Explained

Cybersecurity is becoming increasingly complex. Many organizations offer resources and information on the fundamental principles of cybersecurity, including endpoint protection, security services, and different types of cyberattacks. If you need information about these cybersecurity topics and many others, Sophos has you covered.



During a business email compromise (BEC) attack, a cybercriminal targets your employees through email. The criminal uses an email to request money or information about your business from your employees. If successful, the criminal can illegally get money or access information about your business that can be used for malicious activities.


A cybersecurity provider helps you keep pace with emerging cyberthreats and protect against cyberattacks and data breaches. With the right approach, you can select a cybersecurity provider that meets your expectations.

Cloud security protects modern enterprises from an ever-expanding digital attack surface. Cloud security involves keeping track of the data, workloads, and architecture changes in multiple cloud computing environments (such as AWS, GCP, Azure, and Kubernetes) and ensuring their safety from internal and external threats.

The outsourced model of cybersecurity-as-a-service means that, rather than handling it internally, organizations work with a third-party partner with the expertise and resources to continuously monitor their security posture.


Data breach prevention is a form of cybersecurity that is focused solely on stopping a data breach before it can take hold. A data breach is an incident resulting in the exposure of confidential, private, protected, or sensitive information. This includes corporate information, such as trade secrets or financial information, as well as personal data belonging to your partners, customers, and employees.


Today’s endpoint security must manage the chaos of a never-ending list of endpoint devices, all connecting to your organization’s infrastructure and accessing sensitive data. This is the challenge that the best cyber security companies are working to solve. How do you constantly monitor for any changes in the security posture of connected devices and keep everything secure?


Since it became law in 2018, the General Data Protection Regulation, commonly known as GDPR, has forced companies to rethink how they collect, store, share, and secure personal data belonging to private citizens.

Securing a multi-cloud environment is challenging due to the increased attack surface and lack of visibility across cloud hosts and services. This is where cloud governance enters the picture. Cloud governance is a framework of policies established by a business that will define and enforce how they create, store, and share data in the cloud and ensure regulatory compliance.


Incident response refers to the process your business uses to manage a cyberattack or data breach. The process allows you to resolve a security incident and generate insights from it that you can use to prevent similar problems from happening.


Managed detection and response (MDR) is a fully-managed, 24/7 service delivered by experts who specialize in detecting and responding to cyberattacks that technology solutions alone cannot prevent. By combining human expertise with protection technologies and advanced machine learning models, MDR analysts can detect, investigate, and neutralize advanced human-led attacks, preventing data breaches and ransomware.

Demand for MDR services is soaring and Gartner predicts that by 2025, half of organizations will be using MDR services.

Mobile device management (MDM) is security software that lets your business implement policies to secure, monitor, and manage your end-user mobile devices. The software also protects your network devices and allows your employees to work remotely without compromising their security.


Next-generation antivirus (NGAV) software protects your business against known and unknown cyberthreats. The software looks at your files, processes, applications, and network connections and the relationships between them. This helps you identify malicious intent, behaviors, and activities — and block them.


A phishing attack involves a cybercriminal masquerading as a reputable source with an enticing request or offer, usually delivered by email. The attacker lures the victim into handing over their personal information, often high-value identity credentials, through deception. Once the cybercriminal acquires these credentials, business email compromise and account takeovers are the next steps. This is where the cybercriminal can do the most damage to your business because once they take over an employee’s legitimate account, they’re difficult to identify and stop.


There is no stopping ransomware attacks. However, businesses can use tried-and-true ransomware mitigation technologies and techniques to address these attacks before they get out of hand.


A security operations center (SOC) is a team of security analysts, engineers, and others who monitor, detect, respond to, and remediate cyberthreats. The SOC team ensures security issues are instantly identified and addressed 24/7/365.

The server hardening process reduces your business' attack surface and helps you guard against ransomware, malware, and other cyberthreats. You can follow this process to protect all points of entry against cyberattacks, address cybersecurity weaknesses, and optimize your security posture.

Businesses use security information and event management (SIEM) technology to track cyberthreats, monitor and analyze security events in real time, and log security data.


Businesses use threat intelligence to understand cyberattacks and why they occur. From here, companies can find the best ways to stop advanced threats. They can also get the best security outcomes now and in the future.

Organizations can’t risk being passive when it comes to cybersecurity. Today’s malicious actors are more cunning than ever, increasingly deploying evasive human-led techniques to conduct their attacks.


Extended detection and response (XDR) is a cybersecurity tool that identifies cyberthreats by integrating multiple security services into one system. It extends the scope of your security beyond your endpoints.


Zero trust security solutions require end-users to be continuously authenticated, authorized, and validated. As such, they enable your business to secure access to its applications and data 24/7/365.