Cyber security is the practice of protecting essential systems and sensitive data from digital attacks. Also referred to as information technology (IT) security, cyber security measures are designed to combat threats against networked systems and applications, whether those threats originate from inside or outside of a corporation.
Cybercriminals target customers’ personally identifiable information (PII) – names, addresses, national identification numbers (e.g., Social Security numbers in the U.S., fiscal codes in Italy), and credit card data – and then sell these records in underground digital marketplaces. Compromised PII usually results in a loss of client trust, regulatory fines, and even legal
Why is cyber security important?
- Cyber-attacks are increasingly sophisticated - Cyber-attacks continue to grow in sophistication, with attackers using an ever-expanding variety of techniques. These include social engineering, malware and ransomware.
- The costs of cyber security breaches are rising - Privacy laws like the GDPR and DPA 2018 can mean significant fines for organizations that suffer cyber security breaches. There are also non-financial costs to be considered, like reputational damage.
- Cyber security is a critical, board-level issue - New laws and reporting requirements make cyber security risk oversight a challenge. The board will need to continue to seek assurances from management that its cyber risk strategies can reduce the chance of attacks and limit financial and operational impacts.
- Cyber-crime is a big business - In 2018, the cyber-crime economy was estimated to be worth $1.5 trillion, according to a study commissioned by Bromium. Political, moral and social incentives can also drive attackers.
What are some of the common cyber threats?
Although cyber security professionals work hard to close security gaps, attackers are always looking for new ways to escape IT notice, evade defense measures, and exploit emerging weaknesses.
The latest cyber security threats are putting a new spin on “known” threats, taking advantage of work-from-home environments, remote access tools, and new cloud services. These evolving threats include:
Malware – The term “malware” refers to malicious software variants (such as worms, viruses, Trojans and spyware) that provide unauthorized access or cause harm to a computer. Malware attacks are increasingly “fileless” and designed to get around familiar detection methods, like antivirus tools, that scan for malicious file attachments.
Ransomware – Ransomware is a kind of malware that locks down files, data or systems, and threatens to erase or destroy the data – or make private or sensitive data public – unless a ransom is paid to the cybercriminals who launched the attack. Recent ransomware attacks have targeted state and local governments, which are easier to breach than organizations and under pressure to pay ransoms in order to restore applications and web sites on which citizens rely.
Phishing / social engineering – Phishing is a kind of social engineering that tricks users into providing their own PII or sensitive info. In phishing scams, emails or text messages seem to be from a legitimate company asking for sensitive info, such as credit card information or login info. The FBI has noted a surge in pandemic-related phishing, tied to the growth of remote work.
Insider threats – Current or former staff, business partners, contractors, or anyone who has had access to systems or networks in the past can be considered an insider threat if they abuse their access permissions. Insider threats can be invisible to traditional security solutions like firewalls and intrusion detection systems, which focus on external threats.
Distributed denial-of-service (DDoS) attacks – A DDoS attack attempts to crash a server, website or network by overloading it with traffic, usually from multiple coordinated systems. DDoS attacks overwhelm enterprise networks via the Simple Network Management Protocol (SNMP), used for modems, printers, switches, routers, and servers.
Advanced persistent threats (APTs) – In an APT, an intruder or group of intruders infiltrates a system and remains undetected for an extended period. The intruder leaves networks and systems intact so that the intruder can spy on business activity and steal sensitive data while avoiding the activation of defensive countermeasures. The recent SolarWinds breach of United States government systems is an example of an APT.
Man-in-the-middle attacks – Man-in-the-middle is an eavesdropping attack, where a cybercriminal intercepts and relays messages between two parties in order to steal data. For example, on an unsecured Wi-Fi network, an attacker can intercept data being passed between a guest’s device and the network.