What exactly is Cyber Security?

Cyber Security in a nutshell

We spend so much time online that almost every aspect of our lives (what we do, who we know, where we shop and how we spend our time) is stored digitally. This is extremely valuable to hackers and cyber criminals.

Our data is currency - the more complete the picture is, the more the data is worth, and this has spawned a whole new trade in information - for sales, or for warfare. Computers, handheld devices and mobile phones, networks, servers, cloud computers, and your data are protected from malicious activities by ‘cyber security’.

It acts as that protective layer, that barrier that ensures that the data you store on your computers cannot be hacked or stolen by external threats, AKA cyber criminals.
There are many practices and procedures that make up the definition of cyber security; they all aim to protect your privacy and the data you hold dear. The aim is to sidestep the threats, to mitigate attacks, reduce damage and restrict unwanted access to business networks, computers, applications and information. You may periodically get emails from your IT security team; they are your cyber security.

Companies all over the world have shown a desperate need to increase the ‘strength’ of their cyber security. If you break down the manpower effort for a cyber criminal, it really is a numbers game: 1 script can infect thousands of machines, and if only 1 person pays up, the criminal has won. There has been a massive explosion of criminal activity over the past 2 years, and more and more of it is taking place online, where there are no windows to break, no fingerprints to be wiped off surfaces and no dogs to worry about.

As businesses become more digital they open themselves up to cybercriminals, not only in their own country but globally. Your company could be the victim of organised crime, which could lead to being locked out of your own systems, which in turn will result in a loss of income, followed by harm to your business reputation, disruption to your business, loss of production, and damage to assets.

Cyber Security Categories

We have been playing in the cyber security space for many years, and most of it falls into one of the following categories.

The term refers to a number of contexts, which can be categorized as follows:

Education

Even though there is such a massive increase in the visibility of cyber security, digital threats are still amongst the most devastating to an organisation. The catchphrase ‘you are the weakest link’ applies to cyber security more so than to any other aspect of business: anyone who fails to comply with security practices can inadvertently introduce malware or a virus into an otherwise secure system. Teaching users to delete suspicious emails and attachments, and not to plug unauthorised USB drives into the network, is a valuable lesson and is crucial for any organisation's safety.

Disaster Recovery

What do you do once you realise you are the victim of a crime? Sometimes the ‘logical next step’ is the very thing that will erase the footprints of the very criminals you need to find.

Disaster recovery done right means that you have a platform in place to take over if anything goes wrong. Do you have backups that are not accessible by the hackers, and the means to update both logins and passwords at the drop of a hat?

How quickly can you pick up where you left off?

How quickly can you isolate the problem, and notify anyone that may have been affected?

It is important to remember that business continuity is the plan by which the company ensures that, in the event of a major incident, it can continue operating without needing to spend large amounts of money to survive.

Cloud Data Security

People often think that “Most of the time cloud storage is more secure.”

Not always, but most of the time large cloud storage providers are already security minded, and cloud storage offers additional privacy protections. What most people are unaware of is that cloud storage can be monitored by software that notifies you if anything strange is going on. Many of the security controls you would use on an internal network are also needed for any cloud environments that your business may use.

Network and Infrastructure Security

One of the first steps you can take to stay safe is to keep your internal network out of the hands of strangers, and create processes that will keep you safe against external attacks. Common examples of network security controls are anti-virus or anti-malware, firewalls, intrusion detection systems, Security Information and Event Management (SIEM), anti-spyware and internet access controls.

Most companies have some of these in place, but don’t monitor them, or control who can administer them.
If you want to maintain a safe, secure and stable network, then additional logins and secure credentials must be available, and you will need to reset them regularly.

Cyber Security Compliance

In order to prove to your customers you have a sufficient information security management system, it is important to follow the security requirements in standards such as ISO 27001, SOC 2 and NIST.

In an ever-changing global world, small businesses have their own set of data security responsibilities to meet in order to do business. This is especially true of any small business that deals with government, the financial sector or system integrators.

Operational Security and Protection

The management and protection of your digital data assets and systems fall under the blanket term ‘Operational Security’, which includes the decisions you make to stay secure. User permissions, and the processes and decisions used to determine if and when data can be saved or exchanged, come under this heading as they interact with the network. These can be used by a skilled hacker to gain entry and then steal or alter your data.

Everybody, particularly small and medium-sized businesses, is at risk, and they need cyber security solutions and insurance irrespective of their scale.

A recent survey from Nationwide Mutual Insurance Company found that 58% of business owners with up to 299 employees had been victims of a cyber attack.

The belief that “we are too small to be a target” comes from our interpretation of effort vs reward: the assumption that criminals will go after bigger organizations for a bigger return. It has been proven false, with small businesses now the target of more than half of all cyber attacks.

There is no discrimination by cyber-criminals. They like to attack smaller companies because their cybersecurity defense is likely to be poorer. The effort is the same, for big or small companies, but the security protocols in place for small businesses often do not exist.

What are the types of cyber attacks?

Cyber criminals have developed several methods of carrying out a cyberattack against your business. Phishing, ransomware and business email compromise (fraud) are the top 3 that routinely impact Australian companies. These attacks can create massive data loss, usually through unauthorised information theft or encryption.

Types of cyber threats

Ransomware

Ransomware is a favourite method of extortion employed by cyber criminals. In short, malware inserts itself into your system or network and selectively encrypts data. This may be your customer data, your sales data, or anything else that can be held to ransom. You are presented with a screen asking for payment, and usually a timer that, once expired, will delete the ‘decryption key’. It is extremely effective, as once data is encrypted there is practically no way to retrieve it.

Banking Trojans

TBA

The Challenges of Cyber Security

In order for cyber security to be successful in a company, the company's data defense activities must be coordinated across the entire business information and network architecture. Methods for protecting the network from unwanted access, threats and intrusions should be at the top of the list. If you can keep the bad guys out you have already won; the problem is detecting them if it's too late for that.

In order to ensure that apps are safe from threats, they must be updated and reviewed on a regular basis. Most sites are hacked when plugins are not up to date, as patches are often 'security patches'. Remote networking is a vital aspect of doing business, but it can also pose a danger to data security. The method to secure remote access to a company's network is known as endpoint protection. This covers remote machines needing secure logins, and also rule sets around what they are allowed to access, or where they can access your secure network from.

Data exists within the framework of networks and applications. A special level of protection is dedicated to the protection of business and consumer information. In reality, a comprehensive list of users and their access should be kept and maintained. Often when staff leave, their access remains, and once a hacker figures this out they have a target that isn't being monitored.
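The user access review described above, as an added example that is not part of the original article: it compares an account export with an HR roster and flags enabled accounts whose owner has left, that have no owner on record, or that have not been used recently. The sample data, the field names and the 90-day threshold are constructed assumptions.

```python
from datetime import date

# Constructed sample data (not from the original article).
# HR roster: employee id -> employment status.
ROSTER = {
    "E100": "active",
    "E101": "active",
    "E102": "departed",
}

# Account export: one dict per login. last_login is None if never used.
ACCOUNTS = [
    {"user": "asmith", "owner": "E100", "enabled": True, "admin": False, "last_login": date(2024, 5, 28)},
    {"user": "bjones", "owner": "E102", "enabled": True, "admin": True, "last_login": date(2023, 11, 2)},
    {"user": "clee", "owner": "E101", "enabled": True, "admin": False, "last_login": date(2024, 1, 15)},
    {"user": "svc-backup", "owner": None, "enabled": True, "admin": True, "last_login": None},
    {"user": "dkhan", "owner": "E102", "enabled": False, "admin": False, "last_login": date(2023, 10, 1)},
]


def review_access(accounts, roster, today, stale_days=90):
    """Return (user, reasons) for every enabled account that needs review."""
    findings = []
    for acct in accounts:
        if not acct["enabled"]:
            continue  # already disabled: nothing left to abuse
        reasons = []
        status = roster.get(acct["owner"])
        if status is None:
            reasons.append("no owner on roster")
        elif status != "active":
            reasons.append("owner has left")
        if acct["last_login"] is None:
            reasons.append("never logged in")
        elif (today - acct["last_login"]).days > stale_days:
            reasons.append(f"no login for over {stale_days} days")
        if reasons:
            findings.append((acct["user"], acct["admin"], reasons))
    # Privileged accounts first: they do the most damage if taken over.
    findings.sort(key=lambda f: (not f[1], f[0]))
    return [(user, reasons) for user, _admin, reasons in findings]


if __name__ == "__main__":
    for user, reasons in review_access(ACCOUNTS, ROSTER, today=date(2024, 6, 1)):
        print(f"{user}: {', '.join(reasons)}")
```

Run against real exports on a schedule, the output is the list of accounts to disable or hand to a named owner.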

Databases and physical equipment are used in every aspect of a network (they are essentially the components of a network). It's also critical to safeguard these devices. Many files are stored in digital environments, also known as "the cloud." Protecting data in a completely online environment poses a number of difficulties. In and of themselves, cell phones and tablets pose virtually every type of security risk.

In the event of a breach, natural disaster or other event, data must be protected and business must go on. For this, you'll need a plan.

End-user education: Users may be employees accessing the network or customers logging on to a company app. Teaching good habits (password changes, 2-factor authentication, etc.) is an important part of cybersecurity.

The most difficult challenge in cyber security is the ever-evolving nature of security risks themselves. Traditionally, organizations and the government have focused most of their cyber security resources on perimeter security to protect only their most crucial system components and defend against known threats. Today, this approach is insufficient, as the threats advance and change more quickly than organizations can keep up with. As a result, advisory organizations promote more proactive and adaptive approaches to cyber security. Similarly, the National Institute of Standards and Technology (NIST) issued guidelines in its risk assessment framework that recommend a shift toward continuous monitoring and real-time assessments, a data-focused approach to security as opposed to the traditional perimeter-based model.

Managing Cyber Security

The National Cyber Security Alliance, through SafeOnline.org, recommends a top-down approach to cyber security in which corporate management leads the charge in prioritizing cyber security management across all business practices. NCSA advises that companies must be prepared to “respond to the inevitable cyber incident, restore normal operations, and ensure that company assets and the company's reputation are protected.” NCSA's guidelines for conducting cyber risk assessments focus on three key areas: identifying your organization's “crown jewels,” or your most valuable information requiring protection; identifying the threats and risks facing that information; and outlining the damage your organization would incur should that data be lost or wrongfully exposed.

Cyber risk assessments should also consider any regulations that impact the way your company collects, stores, and secures data, such as PCI-DSS, HIPAA, SOX, FISMA, and others. Following a cyber risk assessment, develop and implement a plan to mitigate cyber risk, protect the “crown jewels” outlined in your assessment, and effectively detect and respond to security incidents. This plan should encompass both the processes and technologies required to build a mature cyber security program. An ever-evolving field, cyber security best practices must evolve to accommodate the increasingly sophisticated attacks carried out by attackers. Combining sound cyber security measures with an educated and security-minded employee base provides the best defense against cyber criminals attempting to gain access to your company's sensitive data. While it may seem like a daunting task, start small and focus on your most sensitive data, scaling your efforts as your cyber program matures.

The scale of the cyber threat

The global cyber threat continues to evolve at a rapid pace, with a rising number of data breaches each year. A report by RiskBased Security revealed that a shocking 7.9 billion records have been exposed by data breaches in the first nine months of 2019 alone. This figure is more than double (112%) the number of records exposed in the same period in 2018.
Medical services, retailers and public entities experienced the most breaches, with malicious criminals responsible for most incidents. Some of these sectors are more appealing to cybercriminals because they collect financial and medical data, but all businesses that use networks can be targeted for customer data, corporate espionage, or customer attacks.

With the scale of the cyber threat set to continue to rise, the International Data Corporation predicts that worldwide spending on cyber-security solutions will reach a massive $133.7 billion by 2022. Governments across the globe have responded to the rising cyber threat with guidance to help organizations implement effective cyber-security practices.
In the U.S., the National Institute of Standards and Technology (NIST) has created a cyber-security framework. To combat the proliferation of malicious code and aid in early detection, the framework recommends continuous, real-time monitoring of all electronic resources.

The importance of system monitoring is echoed in the “10 steps to cyber security”, guidance provided by the U.K. government's National Cyber Security Centre. In Australia, the Australian Cyber Security Centre (ACSC) regularly publishes guidance on how organizations can counter the latest cyber-security threats.

Why is cybersecurity important?

In today's connected world, everyone benefits from advanced cyberdefense programs. At an individual level, a cybersecurity attack can result in everything from identity theft, to extortion attempts, to the loss of important data like family photos. Everyone relies on critical infrastructure like power plants, hospitals, and financial service companies. Securing these and other organizations is essential to keeping our society functioning.

Everyone also benefits from the work of cyberthreat researchers, like the team of 250 threat researchers at Talos, who investigate new and emerging threats and cyber attack strategies. They reveal new vulnerabilities, educate the public on the importance of cybersecurity, and strengthen open source tools. Their work makes the Internet safer for everyone.

Cyber safety tips - protect yourself against cyberattacks

How can businesses and individuals guard against cyber threats?

Here are our top cyber safety tips:

  • Update your software and operating system - This means you benefit from the latest security patches.
  • Use security solutions on all your laptops, computers and phones. (These can be called Antivirus, Anti-malware, endpoint protection, or Endpoint Detection & Response "EDR".)
  • Ensure your passwords are not easily guessable and use a password safe to securely store them.
  • Be wary of unknown messages, calls, or websites and take the following precautions:
      • Do not open email attachments from unknown senders; these could be infected with malware.
      • Do not click on links in emails from unknown senders.
  • Avoid using unsecure WiFi networks in public places.
  • Be wary of urgent messages claiming to come from places of authority such as the police or the tax office. Many scammers use the fear of doing something wrong to get you to make a mistake.

Cyber security vs. computer security vs. IT security

As mentioned above, cyber security is the practice of defending your electronic systems, networks, computers, mobile devices, programs and data from malicious digital attacks. Cybercriminals can deploy a variety of attacks against individual victims or businesses that can include accessing, changing or deleting sensitive data; extorting payment; or interfering with business processes.

How is cyber security achieved? Through an infrastructure that's divided into three key components: IT security, cyber security, and computer security.

Information technology (IT) security, also known as electronic information security, is the protection of data both where it is stored and while moving through a network. While cyber security only protects digital data, IT security protects both digital and physical data from intruders.

Cyber security is a subset of IT security. While IT security protects both physical and digital data, cyber security protects the digital data on your networks, computers and devices from unauthorized access, attack and destruction.

Network security, or computer security, is a subset of cyber security. This type of security uses hardware and software to protect any data that's sent through your computer and other devices to the network. Network security serves to protect the IT infrastructure and guard against information being intercepted and changed or stolen by cybercriminals.
