NordVPN, a popular virtual private network provider, has launched CyberSec, a new security feature as part of the NordVPN client update.
CyberSec is a new security component of the official NordVPN client designed to block malware, intrusive advertisement, and other threats.
Customers of NordVPN who upgrade the client to the latest version will receive a popup when they run the client after update installation that informs them about the new CyberSec feature.

Introducing CyberSec!

From now on, NordVPN gives comprehensive protection from intrusive ads, malware, phishing attempts, DDoS attacks and other threats.
CyberSec can best be described as a mechanism to control traffic. It resembles a content blocker but with the difference that it runs on the system level, and not as a browser extension.
It is not the first feature of its kind; Private Internet Access’ client for instance ships with a similar feature called MACE for some time now.

So what does it do?

Blocks advertisement: This part of CyberSec blocks known advertisement sources from being loaded.
Defends against malware: It blocks known malware domains by using a blacklist approach.
Blocks botnet abuse: Promises to prevent that devices are used for DDoS attacks, even if they are already infected.
NordVPN users can toggle the status of the feature in the client interface under Settings > General. It is listed as the first option on the general settings page and highlighted with a new tag right now on top of that.
All you need to do to enable or disable it is to click on the slider next to it.  The feature works automatically when you enable it, and all applications that you run on your system benefit from its functionality.

Closing Words

CyberSec looks on first glance like a great feature; it blocks advertisement and malicious content after all automatically on a system wide level.
The feature suffers from the same usability issue however that Private Internet Access’ MACE feature suffers from: lack of control.
While you can enable and disable the feature, you have no say in what gets blocked and what does not get blocked. If there is a false positive, there is nothing you can do about it other than turn off CyberSec to access the resource.
There is no whitelisting for sites that you value and trust, so that advertisement is displayed, and no option to check the blocklists to verify what gets blocked and what does not get blocked.
Additionally, there is also no option to put resources on the blocklist to block them permanently when you are connected to NordVPN.
So, should you enable CyberSec then if you are a NordVPN customer? It depends. The hands-free approach has its advantages, as anyone may use it without knowing anything about blocking content on the Internet.
The downside is the lack of control, especially no option to verify what gets blocked, or add or remove resources from the blocklists.
A better approach would be in my opinion to separate the protective options, e.g. let users decide if they want to block malware, ads or DDoS abuse separately, and provide control and whitelisting / blacklisting functionality on top of that.