Cybersecurity is one of those topics that gets lost amongst company priorities. Nobody thinks about cybersecurity until something bad happens, like a data breach or a ransomware attack. The problem is that the explosion of apps, IoT (Internet of Things, like internet-connected appliances), and mobile devices has opened the door to hundreds of ways your company is vulnerable to a cyber attack. We’ve never been so vulnerable to cyber attack, and it’s up to everyone to learn how to protect themselves online.
With all the ways you could be attacked, it’s only a matter of “when,” not “if,” you will be attacked. What you need to do now is three things:
- Understand the basics of cybersecurity
- Learn how to prevent attacks
- Learn how to thwart an attack when it happens.
If you think, “oh, it won’t happen to me,” consider this: today I received an email from my CEO asking me to email him back with my phone number because he needed to talk with me. Except it wasn’t from my CEO, it was from a scammer trying to get me to buy gift cards “for clients”. This phishing attempt was poorly executed and I—and several others of us who got the same email—saw through it, but imagine if I didn’t. I could be out hundreds of dollars from my own pocket. Phishing is the number one vector for ransomware attacks. Imagine if the email contained a Word document with a malicious script? Who wouldn’t open an attachment from the CEO asking you to read something?
This is why Cybersecurity 101 is essential for you and everyone at your company.
What is Cybersecurity?
Cybersecurity is how data, systems, devices, and networks are protected from hackers, viruses, malware, and data breaches. Just like a home alarm system is security protecting your house, cybersecurity is security protecting computers.
Cybersecurity focuses on the C-I-A Triad: Confidentiality, Integrity, and Availability (of information/data). These broad concepts mean a lot of different things in practice, but all come down to simple definitions.
Confidentiality means only the people who should see data can see data. Personnel records should only be visible to HR, payroll, and line managers. If anyone can access payroll records or employee evaluations through a company file share (or worse, on the internet), then the data isn’t confidential.
Integrity means only the people who should be able to modify or delete data, can. In the example above, if I can go into the payroll system and give myself a 200% raise without payroll noticing, there is no
Finally, availability means ensuring that when people need the data, they can get to it. I shouldn’t be able to edit my payroll record, but I should be able to get my paystubs or check if my banking information is correct. If something is wrong, then payroll can make the changes—not me.
Why Is Cybersecurity Important?
With billions of devices connected to the Internet, and all of those devices holding sensitive data, cybersecurity is as essential as locking the office door when you leave at night. Cybersecurity needs to be top of mind for everyone in your company—not just IT.
Cybersecurity is all about managing and mitigating risks. Well-managed risk builds trust inside and outside the company, with authorities, customers, shareholders, and management, by ensuring that data is protected. Well-protected data doesn’t wind up in the hands of hackers. Well-protected data doesn’t make headlines—it keeps businesses running.
Humans are the weakest link in the cybersecurity chain. No matter how locked down your servers are, if the admin credentials are leaked to the internet, it doesn’t matter. We make split-second decisions on our devices, both at home and at work, all the time. Is this spam? Is this phishing? Is this safe to download? And no one is immune.
When security mechanisms get in the way, people start breaking the chain. Too many requests to change passwords, we start forgetting and writing them down. Too many different apps to sign into, it’s just easier to use a single password for all of them.
Hundreds of companies have suffered serious damage due to a data breach. The Marriott breach, where data belonging to 500 million customers was stolen—not once, but twice; the infamous Equifax hack—which was an inside job; hospitals and cities paralyzed with ransomware—the list grows daily. And often the underlying cause is a single person clicking a single link in a single email.
There has never been a greater need for a security-first mindset across your business. Our data, our information, and our assets are vulnerable and need to be protected with robust security controls, standards, and strategies. Promoting security awareness in your organization is essential to staying in business. The average data breach costs roughly $8M and 60% of SMBs hit with a cyber attack are out of business in six months.
What Cybersecurity Protects
Cybersecurity is a broad topic and discipline. To simplify things, there are four essential elements of cybersecurity you need to be aware of.
Application security ensures software applications are protected at all stages of their lifecycle—design, development, deployment, maintenance, upgrade, and retirement.
- Adding functionality that prevents threats, attacks, and breaches
- Code audits of external libraries for security flaws
- Keeping operating systems patched and up to date
- Controlling who can access and change applications/data in production
Network security covers who can access your network and, once they are on the network, who has access to what.
- Limiting access to internal servers to computers connected to the network
- Disabling or strictly limiting remote access to servers
- Having a password on your Wi-Fi network
- Creating a guest Wi-Fi network so guests can get to the internet, but not internal resources like printers or file servers
- Creating password policies for low, medium, and high risk resources
- Controlling who has access to what, such as having file servers only for HR or IT or operations instead of one server for everyone with open access
- VPNs to protect remote workers and allow controlled, secure access to the internal network when they aren’t in the office
- Network firewalls and router protections to thwart and detect attacks.
Perhaps one of the most crucial defense mechanisms for network security is endpoint security: protecting connections between remote devices like laptops, tablets, and smartphones and your corporate network. Evolving technologies and remote work make endpoint security more important than ever before. Your endpoint security strategy addresses how these devices comply with your company’s security standards.
Cloud security protects data and resources that reside on the Internet. Cloud providers continually create and implement new security tools to help enterprise users better secure their data.
Cloud security represents a shared responsibility between your company and the Cloud provider. Both sides have to do their part to protect data on shared, remote services.
IoT (Internet of Things) Security
Finally, there’s IoT security, possibly the most vulnerable element of cybersecurity. Internet-connected cameras, home appliances, and voice assistants are not only connected to your network but to the Internet too. What makes these devices so vulnerable to attack is that most users don’t change the default passwords and, worse, many devices lack security protections at all.
Cybersecurity Threats: What You Have to Protect Against
Threats to our assets and data are skyrocketing. Almost everything that touches your business could be a potential cybersecurity headache, but there are several common threats you should know about and know how to protect yourself against.
DDoS (Distributed Denial of Service) Attack
A DDoS attack occurs when an attacker actively prevents your users or customers from accessing one or more of your resources. Usually, this attack is achieved by sending an overwhelming amount of data for your resource to process, bringing the service down. For example, an attacker floods your website with so much traffic that the site crashes.
Malware, Viruses, and Ransomware
These attacks wreak havoc on your system. These threats come from a user clicking on a harmful link they thought was okay, from code embedded within software or file downloads, or from malicious websites. We’re familiar with computer viruses, but malware is the catch-all term for applications that do something unexpected—usually bad—to a device.
Ransomware is a kind of malware that encrypts data on computers and servers, locking you out of your files and often the systems themselves. The ransom part is that the hacker will demand money in exchange for the encryption key to decrypt the files. A robust backup strategy/program is one of the best defenses against ransomware.
Phishing is perhaps the easiest way for an attacker to obtain sensitive information like usernames and passwords from people. In a typical phishing attack, an email is sent to trick the target into thinking it is coming from a legitimate business or person. The emails usually contain a link that, if clicked on, takes the user to a fraudulent website made to look like a valid login or support page to capture their information.
For more detailed information on how a hacker hacks, read CYBERSECURITY THREATS PART 1: HOW A HACKER HACKS
Phishing is an example of social engineering—tactics used to trick people into doing something they probably shouldn’t. While phishing relies on technology, social engineering does not require any technical know-how. With the right data, an attacker can call someone at your company, say the right things to establish trust, and get them to reveal data that should be kept confidential.
Physical security breach
A physical security breach is when physical things (laptops, phones, USB sticks, or even people) aren’t where they are supposed to be.
- Lost or stolen devices
- An unauthorized Wi-Fi access point is set up in the building that is controlled by a hacker
- A USB stick with malware is connected to a computer
- A person gets into the building by tricking someone into letting them in (the delivery person with an armful of packages is a common ploy).
A data breach occurs when there is a leak, compromise, or theft of a company’s data or information relating to its business or its customers.
It’s important to note that many data breaches (such as the recent healthcare breach of Unity Point Health, which potentially compromised the PHI of 1.4 million patients) began with a phishing campaign.
Equally important: Knowing what NOT to do after a data breach
Next Steps to Improve Your Cybersecurity
With so many threats to think about, it’s understandable to be overwhelmed. Keeping up with all the latest advancements in cybersecurity may be too much for the average company’s IT team.
Thankfully, there are countless resources available to help with best practices. NIST’s extensive Cybersecurity Framework and SANS Institute’s collection of information security resources are highly recommended.
Regardless of who is responsible for threat management in your organization, there are a few basic strategies you simply cannot ignore:
- Software, anti-virus, firewalls, and systems are patched and up to date
- An incident response plan is clearly defined and in place
- Users and management are well-educated about cybersecurity and how to recognize attacks like phishing