For many organizations, cybersecurity can be one of those important topics that unfortunately gets lost in other company priorities. As the explosion of apps, IoT and mobile users bring about countless possibilities for a cyber-attack, today’s savvy organizations understand that a breach is more of a ‘when’ than an ‘if’.
So we’re here to unravel your critical cybersecurity questions.
What is Cybersecurity?
Look online and you’ll find many different ways to describe cybersecurity. It’s relatively all-encompassing, but the main objective is the protection of data. At the heart of the matter is people, process and technology.
The most important thing to know is what security professionals learn on the road to professional certification: cybersecurity is all about protecting the confidentiality, integrity, and availability of information. These three core elements represent the C-I-A triad (not to be confused with the other CIA).
Cybersecurity ensures that data is only seen by who it’s meant for (confidentiality), that it is not modified or deleted by an unauthorized third party (integrity), and it is accessible to anyone who needs it (availability).
As most of our data is connected to the Internet in some way, the definition of cybersecurity has evolved from the information security designation to include defending data and other devices against hackers, or what professionals call bad actors (not to be confused with an unconvincing thespian).
Why Is Cybersecurity Important?
With more data and devices connected to the Internet than ever before, the importance of cybersecurity for any business is escalating. Whether we like it or not, security needs to be top of mind for everyone in your company from the top down. All employees, especially at the executive level, must be aware of what threats exist and how to properly mitigate risk.
Cybersecurity is all about managing risks such as regulatory risks, reputation risks, and financial risks. By managing risks properly, we can build and maintain trust with stakeholders — such as authorities, customers, shareholders, and management — by ensuring that data is protected.
Perhaps the most powerful reason why cybersecurity is important boils down to the human element. After learning about the CIA triad, security professionals quickly learn that humans are the weakest link in the cybersecurity chain.
Especially in today’s constantly connected world, we are making split-second decisions on our devices — both at home and at work — all the time. Hackers and bad actors know this and rely on us to make decisions to either click on something we shouldn’t or divulge privileged information.
We have so much to do in our workday and multi-task by carrying out tasks on countless apps, websites, services, and devices. Unfortunately, cybersecurity is the last thing on our minds as we make our day-to-day and minute-to-minute decisions. When security mechanisms get in the way, too many of us neglect it.
Far too many companies have suffered serious damage due to a data breach; the most recent example being the Marriott attack, in which data belonging to 500 million customers was stolen.
There has never been a greater need for a security-first mindset across your business or enterprise. Our data, our information and our assets are vulnerable and need to be protected with robust security controls, standards, and strategies. However possible, promoting security awareness in your organization is essential.
Types of Cybersecurity
As we touched on earlier, cybersecurity is wide-ranging in scope. To help break things down, there are four essential elements of cybersecurity you need to be aware of.
This is probably the most specific type of cybersecurity and primarily covers software. Application security is the control activity used to ensure software applications are protected at all stages of their lifecycle – design, development, deployment, maintenance, upgrade, and retirement.
An example of this would be when you add functionality to your software that would prevent threats, attacks, and breaches.
Mobile application security is also included in this definition.
Branching out a little further, we have network security, which covers access and rights to your network and its resources. Network security is there to protect any internal network infrastructure.
Logins, passwords, access rights, VPNs, and firewalls are all examples of what is used to protect the network.
Perhaps one of the most crucial defense mechanisms for network security is endpoint security, a strategy to protect the connection between remote devices like laptops, tablets, smartphones and wireless devices and your corporate network. Endpoint security is there to ensure these devices meet your company’s security standards.
Once we’ve expanded into the cloud, we’re now covering security that protects data and resources that reside on the Internet (hopefully protected in some way). Cloud providers are continually creating and implementing new security tools to help enterprise users better secure their data.
However, it must be noted that Cloud security represents a shared responsibility between your company and the Cloud provider. In other words, the relationship needs to be managed.
IoT (Internet of Things) Security
Finally, there’s IoT security, possibly the most vulnerable element of cybersecurity. Internet-connected cameras, home appliances, voice assistants and more — by design they are not only connected to our private networks but also connected to the Internet.
What makes these devices so vulnerable is that most users don’t change the default passwords, turning them into easy targets for hackers.
In today’s business landscape, the threats to our assets and data are skyrocketing. Almost everything that touches your business could be a potential cybersecurity headache, but there are several prominent threats you should know about.
DOS (Denial of Service) Attack
A DOS attack occurs when an attacker actively prevents your users or customers from accessing one or more of your resources. Usually, this attack is achieved by sending an overwhelming amount of data for your resource to process, bringing the service down.
These attacks contain malicious code that can wreak havoc on your systems, and are typically brought about by a user clicking on a harmful link he or she is not aware of, or can also be embedded within software and file downloads.
Both viruses and ransomware are types of malware.
Ransomware is malware that, once invoked, forces the victim to pay a ransom to the hacker to prevent the malware from creating disaster (usually locking and encrypting data to render it inaccessible).
Phishing is perhaps the easiest way for an attacker to obtain sensitive information like usernames, passwords or juicy financial details. In a typical phishing attack, an email is sent to trick the target into thinking it is coming from a legitimate business or person. The emails usually contain a link that, if clicked on, take the user to a fraudulent website made to look like a valid login or support page to capture their confidential information.
For more detailed information on how a hacker hacks, check out the recent blog, CYBERSECURITY THREATS PART 1: HOW A HACKER HACKS, from Kim Ellery, Absolute’s Senior Director of Product Marketing.
Phishing is a form of social engineering, in which tactics are used to trick people into divulging sensitive information. While phishing relies on technology, social engineering does not require any technical know-how. With the right data, an attacker can call someone at your company, say the right things to establish trust, and get them to reveal data that should be kept confidential.
Physical security breach
A physical security breach is when a laptop, mobile device, USB stick or other resource is lost or stolen. Another example of a physical security breach would be an unauthorized individual entering your place of business with the intent of stealing data, assets, or resources.
A data breach occurs when there is a leak, compromise or theft of a company’s data or information relating to its business or its customers.
It’s important to note that many data breaches (such as the recent healthcare breach of Unity Point Health, which potentially compromised the PHI of 1.4 million patients), began with a phishing campaign.
Equally important: knowing what NOT to do after a data breach.
Where to Go From Here
With so many threats to think about, it’s understandable to be overwhelmed. Keeping up with all the latest advancements in cybersecurity may be too much for the average company’s IT team.
Thankfully, there are countless resources available to help with best practices. NIST’s extensive Cybersecurity Framework and SANS Institute’s collection of information security resources are highly recommended.
You may also want to outsource cybersecurity functions to a managed security service provider.
Regardless of who is responsible for threat management in your organization, there are a few basic strategies you simply cannot ignore:
- Software, anti-virus, firewalls, and systems are patched and up to date
- An incident response plan is clearly defined and in place
- Users and management are well-educated about cybersecurity and how to recognize attacks like phishing
Still not sure how to start? We’ve teamed up with SANS Institute to bring you “Cyber Threat Checklist: Are you Prepared?” a special webinar to help plan your strategy for assembling the key components you need to include.