Cyber Security 101
Cyber Security 101: What is it and why is it important?
For many organisations, cyber security can be one of those important topics that unfortunately gets lost in other company priorities. As the explosion of apps, IoT and mobile users brings about countless possibilities for a cyber-attack, today’s savvy organisations understand that a breach is more of a ‘when’ than an ‘if’. So in this post, we unravel your critical cyber security questions.
What is Cyber Security?
Look online and you’ll find many different ways to describe cyber security. It’s relatively all-encompassing, but the main objective is the protection of data. At the heart of the matter is people, process and technology.
The most important thing to know is what security professionals learn on the road to professional certification: cyber security is all about protecting the confidentiality, integrity, and availability of information. These three core elements represent the C-I-A triad (not to be confused with the other CIA). Cyber security ensures that data is only seen by those it’s meant for (confidentiality), that it is not modified or deleted by an unauthorised third party (integrity), and that it is accessible to anyone who needs it (availability).
As most of our data is connected to the Internet in some way, the definition of cyber security has evolved from the information security designation to include defending data and other devices against hackers, or what professionals call bad actors (not to be confused with an unconvincing thespian).
Why is Cyber Security Important?
With more data and devices connected to the Internet than ever before, the importance of cyber security for any business is escalating. Whether we like it or not, security needs to be top of mind for everyone in your company from the top down. All employees, especially at the executive level, must be aware of what threats exist and how to properly mitigate risk.
Cyber security is all about managing risks such as regulatory risks, reputation risks, and financial risks. By managing risks properly, we can build and maintain trust with stakeholders — such as authorities, customers, shareholders, and management — by ensuring that data is protected.
Perhaps the most powerful reason why cyber security is important boils down to the human element. After learning about the CIA triad, security professionals quickly learn that humans are the weakest link in the cyber security chain.
Especially in today’s constantly connected world, we are making split-second decisions on our devices — both at home and at work — all the time. Hackers and bad actors know this and rely on us to make decisions to either click on something we shouldn’t or divulge privileged information.
We have so much to do in our workday, and we multi-task across countless apps, websites, services, and devices. Unfortunately, cyber security is the last thing on our minds as we make our day-to-day and minute-to-minute decisions. When security mechanisms get in the way, too many of us neglect them.
Far too many companies have suffered serious damage due to a data breach; for example, the Marriott Hotel chain attack, in which data belonging to 500 million customers was stolen.
There has never been a greater need for a security-first mindset across your business or enterprise. Our data, our information and our assets are vulnerable and need to be protected with robust security controls, standards, and strategies. In whatever way possible, promoting security awareness in your organisation is essential.
Types of Cyber Security
To help break things down, there are five essential elements of cyber security you need to be aware of.
Application Security
This is probably the most specific type of cyber security and primarily covers software. Application security is the control activity used to ensure software applications are protected at all stages of their lifecycle – design, development, deployment, maintenance, upgrade, and retirement.
An example of this would be when you add functionality to your software that would prevent threats, attacks, and breaches.
Mobile application security is also included in this definition.
Network Security
Branching out a little further, we have network security, which covers access and rights to your network and its resources. Network security is there to protect any internal network infrastructure.
Logins, passwords, access rights, VPNs, and firewalls are all examples of what is used to protect the network.
Endpoint Security
Perhaps one of the most crucial defense mechanisms for network security is endpoint security, a strategy to protect the connection between remote devices like laptops, tablets, smartphones and wireless devices and your corporate network. Evolving technologies and remote work make endpoint security more important than ever before. Your endpoint security strategy addresses how these devices meet your company’s security standards.
Cloud Security
Once we’ve expanded into the cloud, we’re now covering security that protects data and resources that reside on the Internet (hopefully protected in some way). Cloud providers are continually creating and implementing new security tools to help enterprise users better secure their data.
However, it must be noted that Cloud security represents a shared responsibility between your company and the Cloud provider. In other words, the relationship needs to be managed.
IoT (Internet of Things) Security
Finally, there’s IoT security, possibly the most vulnerable element of cybersecurity. Internet-connected cameras, home appliances, voice assistants and more — by design they are not only connected to our private networks but also connected to the Internet. What often makes these devices so vulnerable is that most users don’t change the default passwords, and this makes them easy targets for hackers.
Main Cyber Security Threats
In today’s business landscape, the threats to our assets and data are skyrocketing. Almost everything that touches your business could be a potential cyber security headache, but there are several prominent threats you should know about.
DoS (Denial of Service) Attack
A DoS attack occurs when an attacker actively prevents your users or customers from accessing one or more of your resources. Usually, this attack is achieved by sending an overwhelming amount of data for your resource to process, bringing the service down.
Malware / Viruses / Ransomware
These attacks contain malicious code that can wreak havoc on your systems. They are typically brought about by a user unknowingly clicking on a harmful link, and the code can also be embedded within software and file downloads.
Both viruses and ransomware are types of malware. Ransomware is malware that, once invoked, forces the victim to pay a ransom to the hacker to prevent the malware from creating disaster (usually locking and encrypting data to render it inaccessible).
Phishing is perhaps the easiest way for an attacker to obtain sensitive information like usernames, passwords or juicy financial details. In a typical phishing attack, an email is sent to trick the target into thinking it is coming from a legitimate business or person. The emails usually contain a link that, if clicked on, takes the user to a fraudulent website made to look like a valid login or support page to capture their confidential information.
Phishing is a form of social engineering, in which tactics are used to trick people into divulging sensitive information. While phishing relies on technology, social engineering does not require any technical know-how. With the right data, an attacker can call someone at your company, say the right things to establish trust, and get them to reveal data that should be kept confidential.
Physical Security Breach
A physical security breach is when a laptop, mobile device, USB stick or other resource is lost or stolen. Another example of a physical security breach would be an unauthorised individual entering your place of business with the intent of stealing data, assets, or resources.
A data breach occurs when there is a leak, compromise or theft of a company’s data or information relating to its business or its customers.
It’s important to note that many data breaches (such as the recent healthcare breach of UnityPoint Health, which potentially compromised the PHI of 1.4 million patients) began with a phishing campaign.
Where To Go From Here?
With so many threats to think about, it’s understandable to be overwhelmed. Keeping up with all the latest advancements in cybersecurity may be too much for the average company’s IT team.
Thankfully, there are countless resources available to help with best practices. NIST’s extensive Cybersecurity Framework and SANS Institute’s collection of information security resources are highly recommended. You may also want to outsource cybersecurity functions to a managed security service provider.
Regardless of who is responsible for threat management in your organisation, there are a few basic strategies you simply cannot ignore:
- Software, anti-virus, firewalls, and systems are patched and up to date
- An incident response plan is clearly defined and in place
- Users and management are well-educated about cybersecurity and how to recognize attacks like phishing
Global cyber security spend is up – way up. Yet, 77% of IT and security teams report having little-to-no confidence to prevent or mitigate cyber risks. Why is that? Find out in this new research from Absolute Software: 2019 The State of Endpoint Security Trends.