May 03, 2019 11:31
5 min read621 views so far!
Cyber Security is a collection of technologies, processes and controls designed to protect systems, networks and data from cyber attacks. Since the advent of the internet, there has been great importance placed on the need to protect information.
Having up to date technology is paramount in cybersecurity. When your company knows what risks it has to face, then the right technology can be installed to make sure that breaches in the security are reduced as much as possible. What is an acceptable amount of risk obviously differs from company to company, but they should be reduced as much as they can be.
Pillar two - Processes
How security measures are used is highly important to the safe running of a company. The processes are critical to how a company deals with breaches, and what is done to mitigate such instances. They also need to be under almost constant review, threats change very quickly, and companies need to know how to respond. An organisation needs to be able to adapt and change their processes to keep up. But then again, the processes that are set out mean nothing if people don’t follow them.
Specialised technical staff are some of the most important aspects of a businesses’ cybersecurity. They need to be fully aware of the latest threats. They also need to be qualified with the most up to date training that is available to them. These staff members can become a liability to the business if they are not fully trained and can fail to respond to attacks appropriately.
But it’s not just the specialised staff that are responsible. Every member of staff needs to follow the protocols and processes to keep themselves and the company safe while they are at work. This can be made more difficult by having BYOD (bring your own device) in the workplace. But also through the ability to spot phishing emails and other threats that might target people in the workplace. An effective security awareness programme can make a big difference in how people can help mitigate threats before they become a problem.
Types of Threats
There are many different types of cyber threats. Most people will have heard of Malware, Ransomware and Phishing. Some threats most people won’t come into contact with at all, and some might only be heard of in the news, in the event of a large scale attack.
Malware is the term given to any software designed to do damage to a computer or server. It covers things like computer viruses, Trojan horses and spyware. Most people might think that Malware is a specific thing, like scareware, but is, in fact, the term for all malicious software.
One of the biggest holes for cybercriminals to gain access is outdated software. If the operating software on your phone is not up to date, then hackers are able to exploit holes in software that, in newer versions have been patched and updated. If someone has not downloaded the patches, then the device they are using will be at risk.
Ransomware is pretty much what it says on the tin. It is a piece of software, that once has infiltrated your system, holds information to ransom. It usually locks the information through encryption, and then demands payment for the key to unlocking it.
The answer is incredibly simple, keep your software up to date. Make sure that your passwords are complex, and change them every few months or so. If it is helpful, use a password manager. Then you can keep all your passwords safe, without having to remember every single one. Some password managers are free, with obviously a premium service for those who want to pay for it.
Don't open emails from addresses you don't recognise. This is an easy way for phishing scammers to be able to get to you, and by clicking on a link in an email might even lead to your device being attacked.
Keep software as up to date as possible, download new patches and updates to programmes as they are released by the manufacturer. This way, it is more difficult for criminals to gain access to your personal and sensitive information.
Install antivirus software where you can. It is the most reliable way to keep your computer safe whilst on the internet.
Doing what we can to keep ourselves safe while using computers is very important. The use of cybersecurity will continue to be more and more pertinent in the future.