What is Cybersecurity?

What is cybersecurity? this is one of the most important thing to be aware of if you are connected to the internet.
Share and Support Us

Part I

Ever since the introduction of the internet the term cyber security has become very prominent and one of the most searched terms on the internet. And more importantly, the accelerated growth of the internet has also paved the way for cyber criminals using different techniques to launch an attack against a targeted victim connected to the internet.

Difference between Cybersecurity and Information security:

There is a lot of confusion  between the terms information security and cybersecurity. Some people say that cybersecurity is a subset of information security and some say the opposite. 

Cybersecurity is the process of securing things that are exposed through the internet and communication technology(ICT) or it can also be defined as the ability to protect cyberspace from hackers.  

On the other hand information security can be defined as the protection of information and information systems from theft, unauthorised access, disclosure and providing Confidentiality, Integrity and Availability (CIA). Not all data is information. 

For example: 02061997 is data, but when we know this is a date of birth of a person, it becomes information and needs to be secured.

Why is it important?

Cybersecurity is an important part of the organisation because every device we use or any data that is used is stored in the cloud which is basically a part of the internet and the usage of internet is increased to a great extent. Cybersecurity plays a vital role in protecting these devices and data from being stolen or accessed by unauthorised users.

From online banking to social media and sending emails everything is through the internet and it needs to be secured so that we do not use valuable data.

According to IBM and Ponemon’s Cost of a Data Breach study conducted in the year 2020, a single data breach cost UK enterprises an average of $3.88 million per attack/breach. The losses in cybersecurity to the UK customer’s totals to £8 billion as of 2016 and is projected to rise £25 billion by the year 2030.

Basic Definitions:

Bugs :

A bug is an error, flaw or a fault in a computer program or system that makes it to produce an incorrect or unexpected result, or to behave in unintended ways. For example, a bug can be an error in the code that can lead to unexpected results.

Vulnerabilities:

Vulnerability is a flaw or a weakness in the design or implementation of a computer system that could lead to a security incident.

Threat:

A set of circumstances that has the potential to cause loss or harm. Threats can be classified into intentional and accidental threats.

Exploit:

Exploit is a piece of data, code or a software which when executed takes advantage of the Vulnerability.

For an attacker to exploit a vulnerability, he must be aware of the vulnerability and be able to take advantage of it.

Attackers:

Attackers is one of the most commonly used terms in cyberspace because they are the opponents of the systems from whom we secure ourselves.

The attackers are usually outsiders but can also be from inside the organisation.

There are different types of attackers;

  • Script Kiddie
  • Hacktivists
  • Insiders
  • Nation states
  • Organized crime

Cybersecurity Attack Vectors:

As mentioned above, threat is a set of circumstances that has the potential to cause loss or harm. Cyber threats are not just hacking a system. It is a lot more than just hacking. There are different types of attack vectors the cyber criminals make use of to attack our systems.

Social Engineering:

Social engineering is a technique used by attackers to persuade people into performing actions and revealing private information that may be useful for fraudulent purposes.

Malware:

Malware is a script, code or a software that is designed to interrupt computer operations, gather confidential information, gain unauthorised access to computer systems without permission of the owner. Its primary function is to replicate and deliver its payload.

Ransomware:

A ransomware attack encrypts all the data in a system and demands a ransom from the owner to provide them with the decryption key. If confidential data is lost it causes heavy loss to the organisation and also damages the reputation.

Network Attack:

Network attacks happen when an attacker tries to gain unauthorised access to the network with an aim to steal data, infect the system with malware and to perform other malicious actions.

Types of Cyber Security:

Below are the types of cybersecurity that everyone should be aware of in order to understand the working of security and the measures to be in place based on their establishment.

Network Security:

Network security can be defined as the set of procedures followed to secure the network from internal and external attacks such as unauthorised access, Misuse, modification etc. Network security includes implementing a firewall, 2-factor authentication and strong passwords.

Information security:

On the other hand information security can be defined as the protection of information and information systems from theft, unauthorised access, disclosure and providing Confidentiality, Integrity and Availability (CIA).

The Security Goals:

There are three established security goals in Information security. They are called the CIA triad.

  • Confidentiality: Preventing unauthorised information release
  • Integrity: Prevention of unauthorised information modifications
  • Availability: Prevention of unauthorised DOS.

Computer Security:

Computer security is defined as the protection of the assets of the computer system. Examples of assets can be anything that is valuable to the organization. Eg: Hardware, software, people, data, information, process.

Cloud Security:

Cloud security is one of the most important types of security nowadays since every piece of information is stored in the cloud and it is necessary to secure all those data from attacks or theft. Cloud security is basically a set of policies, procedures, technical rules to secure data and the cloud computing infrastructure.

How to protect yourself from cyber attacks?

Cyber attacks are becoming inevitable nowadays and it is important for us to take precautionary measures to safeguard our network and systems from cyber attacks.

Below are a few techniques that can be used to protect our systems from being attacked and taken advantage of.

User Awareness/User Training:

User awareness and training which is one of the most important measures to mitigate this attack. The users should be given training about the different types of attacks. The people are the weakest link in the system and with proper training, such attacks can be mitigated and sensitive data can be secured.

Backup:

Backup is one of the most efficient ways of preventing data loss by malware. By having a regular backup of all the valuable data we do not have to worry about losing them. Taking a backup of sensitive data is always a best option.

Use Trusted Sites:

Only use trusted sites when giving personal information. Always use the URL which has the “https” in your browser and the one with the http url is not secure.

Do not open Unknown Links:

It is always advisable to not open links from unknown sources. These links might contain malicious softwares which when downloaded will take control of the system and will lead to loss of information.

Regular Updates:

There are thousands of new viruses. So it is important to update the signature list of the antivirus software so that none of the new viruses are left out and the operating system has to be updated regularly and patches have to be applied before the vulnerability is exploited.

Firewall:

The types of security related attacks are increasing on a daily basis and it is important fro us to safeguard our network from such attacks. In order to do that, a firewall must be implemented to secure the network and monitor incoming and outgoing traffic that comes through and drop unknown or suspicious traffic.

With a large number of people using the internet and the number of devices connected to the internet, security measures have to be in place and people have to be aware of the attacks and organisations need to have a strong security posture so that they can prevent the damage these attacks can cause to the organization and their data.

What is Cybersecurity? Part II” will be updated shortly. Subscribe to our newsletters to get regular updates on our new blogs. And also kindly share it with your friends and colleagues.

If your system is compromised or if you would like to be prepared you can contact us at info@rootfloe.com for a free consultation.

Related posts

Leave a Comment