Cyber security is the practice of protecting essential systems and sensitive data from digital attacks. Also referred to as information technology (IT) security, cyber security measures are designed to combat threats against networked systems and applications, whether those threats originate from inside or outside an organization.

Cybercriminals target customers' personally identifiable information (PII), such as names, addresses, national identification numbers (e.g., Social Security numbers in the U.S., fiscal codes in Italy), and credit card data, and then sell these records in underground digital marketplaces. Compromised PII usually results in a loss of customer trust, regulatory fines, and even legal proceedings.

Why is cyber security important?

  • Cyber-attacks are increasingly sophisticated - Cyber-attacks continue to grow in sophistication, with attackers using an ever-expanding variety of techniques. These include social engineering, malware and ransomware.
  • The costs of cyber security breaches are rising - Privacy laws like the GDPR and DPA 2018 can mean significant fines for organizations that suffer cyber security breaches. There are also non-financial costs to be considered, like reputational damage.
  • Cyber security is a critical, board-level issue - New laws and reporting requirements make cyber security risk oversight a challenge. The board will need to continue to seek assurances from management that its cyber risk strategies can reduce the chance of attacks and limit financial and operational impacts.
  • Cyber-crime is a big business - In 2018, the cyber-crime economy was estimated to be worth $1.5 trillion, according to a study commissioned by Bromium. Political, moral and social incentives can also drive attackers.

What are some of the common cyber threats?

Although cyber security professionals work hard to close security gaps, attackers are always looking for new ways to escape IT notice, evade defense measures, and exploit emerging weaknesses.

The latest cyber security threats are putting a new spin on “known” threats, taking advantage of work-from-home environments, remote access tools, and new cloud services. These evolving threats include:

Malware – The term “malware” refers to malicious software variants (such as worms, viruses, Trojans and spyware) that give unauthorized access or cause harm to a computer. Malware attacks are increasingly “fileless” and designed to get around familiar detection methods, like antivirus tools, that scan for malicious file attachments.

Ransomware – Ransomware is a kind of malware that locks down files, data or systems, and threatens to erase or destroy the data – or make private or sensitive data public – unless a ransom is paid to the cybercriminals who launched the attack. Recent ransomware attacks have targeted state and local governments, which are easier to breach than organizations and under pressure to pay ransoms in order to restore applications and web sites on which citizens rely.

Phishing / social engineering – Phishing is a kind of social engineering that tricks users into providing their own PII or sensitive info. In phishing scams, emails or text messages seem to be from a legitimate company asking for sensitive info, such as credit card information or login info. The FBI has noted a surge in pandemic-related phishing, tied to the growth of remote work.

Insider threats – Current or former staff, business partners, contractors, or anyone who has had access to systems or networks in the past can be considered an insider threat if they abuse their access permissions. Insider threats can be invisible to traditional security solutions like firewalls and intrusion detection systems, which focus on external threats.

Distributed denial-of-service (DDoS) attacks – A DDoS attack attempts to crash a server, website or network by overloading it with traffic, usually from multiple coordinated systems. DDoS attacks overwhelm enterprise networks via the Simple Network Management Protocol (SNMP), used for modems, printers, switches, routers, and servers.

Advanced persistent threats (APTs) – In an APT, an intruder or group of intruders infiltrates a system and remains undetected for an extended period. The intruder leaves networks and systems intact so that the intruder can spy on business activity and steal sensitive data while avoiding the activation of defensive countermeasures. The recent SolarWinds breach of United States government systems is an example of an APT.

Man-in-the-middle attacks – Man-in-the-middle is an eavesdropping attack, where a cybercriminal intercepts and relays messages between two parties in order to steal data. For example, on an unsecured Wi-Fi network, an attacker can intercept data being passed between a guest’s device and the network.