What is Cyber Security?
Cyber Security is the practice of defending computers, servers, mobile devices, electronic systems, networks, and data from malicious attacks. It is also known as information technology security or electronic information security. The global cyber threat continues to evolve at a rapid pace, with a rising number of data breaches each year. A report compiled by the ITRC and U.S. Department of Health and Human Services states that more than 98.2 million individuals were impacted by the 10 largest data breaches in just the first half of 2021.
Here are some cyber security terms that we should be familiar with.
Malware is the collective name for a number of malicious software variants including viruses, ransomware and spyware. Malware typically consists of code developed by cyber attackers, designed to cause extensive damage to data and systems or to gain unauthorised access to a network. Malware is delivered in the form of a link or file over email and requires the user to click on the link or open the file to execute the malware.
Malware has actually been a threat to individuals and organisations since the early 1970’s when the Creeper virus first appeared. Since then, the world has been under attack from hundreds of thousands of different malware variants, all with the intent of causing the most disruption and damage as possible!
A firewall is a network security device that monitors and filters incoming and outgoing network traffic based on an organization’s previously established security policies. A firewall is basically the barrier that sits between a private internal network and the public Internet. It’s main purpose is to allow non-threatening traffic in and to keep dangerous traffic out.
Back in 1993, Checkpoint CEO, Gil Shwed introduced the first stateful inspection firewall, Firewall – 1. Now, 28 years later, a firewall is still an organization’s first line of defense against cyber attacks. Today’s firewalls including Next Generation Firewalls and Network Firewalls which support a wide variety of functions and capabilities with built-in features, including :
- Network Threat Prevention
- Application and Identity-based Control
- Hybrid Cloud Support
- Scalable Performance
Encryption in cyber security is the conversion of data from a readable format into an encoded format. Encrypted data can only be read or processed after it has been decrypted. Encryption is the basic building block of data security.
It is the simplest and most important way to ensure that a computer system’s information can’t be stolen and read by someone who wants to use it for malicious purposes. Data encryption software also known as an encryption algorithm or cipher is used to develop an encryption scheme that theoretically can only be broken with large amounts of computing work.
Encryption involves converting human-readable plain text into incomprehensible text, which is known as cipher text. Basically, this means taking readable data and changing it so that it appears random. Encryption involves using a cryptographic key, a set of mathematical values both the sender and recipient agree on. The recipient uses the key to decrypt the data turning it back into readable plaintext. The more complex the cryptographic key, the more secure the encryptions, because third parties are less likely to decrypt it via “brute force attacks”, i.e. trying random numbers until the correct combination is guessed!
Spear phishing is a targeted attempt to steal sensitive information such as account credentials or financial information from a specific victim, often for malicious reasons. This is achieved by acquiring personal details of the victim such as their friends, hometown, employer, locations they frequent and what they have recently purchased online.
The attackers then disguise themselves as a trustworthy friend or person to procure sensitive information, typically through email or other online messaging platforms. This is the most successful form of gaining confidential information on the Internet, accounting for 91% of attacks. Victims are asked to open a malicious attachment or click on a link that takes them to a spoofed website where they are asked to provide passwords, account numbers, PINs and access codes.
Once the criminals have gathered enough personal information, they can access bank accounts or even create a new identity using their victim’s information.
Shadow IT is the use of IT-related hardware or software by a department or individual without the knowledge of the IT or security group within the organization. It can cover cloud services, software and hardware.
The main area of concern today is the rapid adoption of cloud-based services. The growth of shadow IT has speeded with the consumerization of information technology. Users have become comfortable downloading and using apps and cloud services to assist them in their work.
Shadow IT includes all types of IT-related activities and purchases that the IT department is not involved in. These purchases can consist of:
- Hardware: servers, PC’s, laptops, tablets and smartphones.
- Off-the-shelf packaged software.
- Cloud services including software as a service (SaaS), infrastructure as a service (IaaS), and platform as a service (PaaS).