Cyber threats are becoming more dangerous and more frequent, especially in a world of improving technology. You have probably often heard terms such as “data breaches”, “malicious software” and “viruses”, but do you really know what they are, what they can do, and how to protect yourself from these outcomes? First, let’s start with the basics:
What is Cybersecurity?
Just as the name suggests, cybersecurity is the protection of computers, networks, programs and even data in the cyberworld from malicious activity such as data damage and data theft. To achieve this, endpoint devices, networks and the cloud all need to be protected.
What are the risks if Cybersecurity is not implemented?
So, what exactly are you preventing from happening by investing in cybersecurity? This can range from simple computer viruses to more serious, life-threatening issues such as electrical blackouts, breaches of national security, identity theft, etc.
Types of Cybersecurity threats
- Phishing- A type of online scam in which criminals pose as professionals from a legitimate company and request your sensitive information. They can contact you via email or even by phone.
- Data breaches- Occurs when there is an unauthorised entry point into a company’s database. This allows cyber hackers to access customer data such as passwords, credit card numbers, Social Security numbers, banking information, driver’s license numbers, medical records, etc.
- DDoS attack (distributed denial of service)- An attack that attempts to disrupt normal web traffic and take certain websites offline by flooding the systems, servers or networks with more requests than they can handle, causing them to crash.
- Malware- Software that is designed to disrupt, damage or gain unauthorised access to a computer system.
- Ransomware- A type of malicious software that blocks access to a computer or device until money is paid.
- MitM (man-in-the-middle) attack- The attacker secretly relays and alters communication between two parties who believe that they are communicating directly with each other.
- Social engineering- The art of manipulating people into giving up confidential information or access to their computer. This can be achieved by deceiving the user into clicking malicious links.
- Attacks on IoT (internet of things) devices- Basically anything that connects to the internet is at risk of being cyber attacked. These attacks can be physical, side-channel, environmental, cryptanalysis, software and network attacks.
- SQL (Structured Query Language) injection- This occurs when an attacker inserts malicious code into a server that uses SQL. SQL injection only succeeds when a security vulnerability exists in an application’s software. A successful SQL injection attack forces a server to provide access to, or modify, data.
What are the minimum cybersecurity requirements for your business?
- Endpoint protection- Protects points of entry in PCs, laptops or mobile devices from a malicious attack. Once a company ensures endpoint compliance with data security standards, it tends to have more control over the type as well as the number of access points to the network.
- RADIUS server- A RADIUS server is a network server implementing RADIUS and RADIUS-based authentication protocols, such as PAP, CHAP, MS-CHAP, PEAP, EAP-TTLS and SIP Digest.
- Web filtering software- This software is designed to restrict the user from visiting certain websites. There are functions that allow the user to filter out and restrict access to undesirable websites. This is done by identifying the URL of the website and sifting through it for undesirable keywords. If these undesirable keywords are found, then the software will block access to the website.
- Firewall- A firewall is a network security device that may monitor incoming and outgoing network traffic or block data packets in accordance with a set of security rules, mostly decided by the user. The purpose of this is to establish a barrier between your internal network and incoming traffic from an external source (the internet) so that it can block malicious traffic like viruses and hackers.
- Intrusion detection system- An intrusion detection system can be either a software application or a hardware application. It searches for suspicious activity on systems and networks by monitoring them. When a threat is detected, it sends out an alert. The alert will contain information about the original source address of the intrusion, the target address and the type of attack that is suspected.
- Identity and access management- Identity and access management (IAM) deals with defining and managing the roles and access privileges of each network user. Based on their circumstances or role in the company, users may be granted or denied certain privileges or access. These users might be customers (customer identity management) or employees (employee identity management). The aim of IAM systems is one digital identity for each individual user. Once that digital identity has been established, it must be maintained, modified and monitored throughout each user’s access lifecycle. For example, in a company, there are joiners (users who have just started working at the company), movers (users who get promoted or demoted within the company) and leavers (users who leave the company). Each of these types of user needs different access to the company’s systems, depending on which type of user they are. Within these three types of users, there are also different departments and a hierarchy of positions, which also need specific access management based on their role. The IAM software aims to identify the specifics of these users and automatically grant them the appropriate access based on the access specifications of the company.
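The joiner, mover and leaver lifecycle described in the IAM entry can be sketched as follows. This is an added example, not part of the original article and not any IAM product's API; the role names, systems and function names are hypothetical.

```python
# Hypothetical access specification: which systems each role may use.
ROLE_ACCESS = {
    "sales_rep": {"crm", "email"},
    "sales_manager": {"crm", "email", "sales_reports"},
    "engineer": {"source_repo", "email", "build_server"},
}

def apply_event(directory, user, event, new_role=None):
    """Apply a joiner/mover/leaver event; return (granted, revoked) sets."""
    if event not in ("joiner", "mover", "leaver"):
        raise ValueError(f"unknown lifecycle event: {event}")
    if event == "joiner" and user in directory:
        raise ValueError(f"{user} already has an identity")
    if event != "joiner" and user not in directory:
        raise ValueError(f"{user} has no identity to change")

    held = directory.get(user, {"access": set()})["access"]
    # A leaver is entitled to nothing; everyone else gets exactly the
    # access their new role specifies.
    target = set() if event == "leaver" else set(ROLE_ACCESS[new_role])

    granted = target - held
    revoked = held - target  # movers lose old access, not just gain new
    if event == "leaver":
        del directory[user]
    else:
        directory[user] = {"role": new_role, "access": target}
    return granted, revoked

def find_excess_access(directory):
    """Monitoring check: access held that the user's role does not justify."""
    report = {}
    for user, record in directory.items():
        excess = record["access"] - ROLE_ACCESS[record["role"]]
        if excess:
            report[user] = excess
    return report

if __name__ == "__main__":
    directory = {}
    print(apply_event(directory, "dana", "joiner", "sales_rep"))
    print(apply_event(directory, "dana", "mover", "engineer"))
    directory["dana"]["access"].add("crm")  # constructed out-of-band grant
    print(find_excess_access(directory))    # flags the leftover CRM access
    print(apply_event(directory, "dana", "leaver"))
```

Computing the revocations on every move is what prevents access from piling up as people change roles, and the monitoring check catches grants made outside the lifecycle process.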