
Cybersecurity is a subset of the Information Security realm. Before the advent of the internet, data was stored in data centers and access to it was very controlled. Only people within the office premises could access the data, and only from company-issued devices (desktops, laptops, dumb terminals). Access to office premises and data centers was controlled via access cards, keys, security guards, etc. Communications between companies went over private lines, and the controls were similar across organizations.
Fast forward to the internet era. It can be thought of as moving your organization from a gated community to a non-gated community.
The physical boundaries of the data access layer have been pushed beyond the physical office premises, using the internet as the transport. Properties on the internet are accessible by anyone from anywhere. As a result, the number of threat vectors has increased exponentially. In my opinion, this is where cybersecurity comes in.
Although the security controls within the data center have not changed much, the security controls that protect the data access layer exposed to the internet are constantly changing, and so is the threat landscape.
The inherent risks can be placed in two buckets:
- Internet property environment:
  - Web server configuration issues/vulnerabilities
  - Web application programming issues/vulnerabilities
  - Firewall configuration issues/vulnerabilities
  - Router configuration issues/vulnerabilities
  - IDS/IPS configuration issues/vulnerabilities
  - Application firewall configuration issues/vulnerabilities
  - Security incident detection & response issues
  - etc.
- End-user environment (the environment the user uses to access the internet property):
  - Handheld device OS configuration issues/vulnerabilities
  - Handheld device application configuration issues/vulnerabilities
  - The above two points extend to laptop and desktop configuration issues/vulnerabilities
  - The user's own password management methodology; if this is weak, no state-of-the-art technology can prevent the aftermath.
  - The user's awareness of how to navigate the internet and ability to distinguish the good from the bad.
In a nutshell, every Information Security team should have a dedicated cybersecurity team to stay on top of the above two risks.
1. Most cybersecurity threats can be prevented.
There are numerous reports of companies that have been attacked by hackers and lost significant revenue. While these threats look complex and sophisticated to an inexperienced eye, most of them can be prevented by establishing the right security measures.
2. Poor email security poses major threats.
One of the main causes of poor company security is email. Often, malicious people will send phishing emails, which attempt to obtain confidential company information by installing malware on the network or redirecting users to compromised domains.
3. Mobile phones can cause security breaches.
More companies are relying on mobile devices such as smartphones and tablets to perform operations out of the office. While this is efficient, a device without the right protective measures can be easily compromised through theft or hacking.
4. IoT will present new cybersecurity challenges.
The future of the business world is in the Internet of Things (IoT), which seeks to interconnect all digital resources. This integration will improve efficiency, but great expertise will be required to handle the new threats.
5. Most companies avoid encryption.
Encryption is a well-known concept designed to prevent outsiders from reading confidential data even if they do gain access to it. Unfortunately, although most companies favor this security measure, they have not implemented it in their organizations.
6. Attacks cause loss of customer trust.
When hackers attack a company, its customers tend to lose trust in it. This is particularly true for enterprises that are entrusted with financial information. Therefore, even if the company recovers its information, recovering its customers' trust will be more difficult.
7. Downtime can cripple businesses.
Cyber-attacks cause downtime in business. A normal company will need time to regroup and restore its systems. The downtime can be crippling because it gives customers time to shift their attention to competitors.
8. Employee negligence can compromise network security.
The most significant cyber threats come from hackers and their malicious software. However, employee negligence can contribute to the loss of data and security breaches. This aspect should be accounted for when setting up cyber security measures.
9. IT security intelligence is underutilized.
Intelligence on cyber security threats is available on numerous platforms with IT professionals. However, this information is not utilized in most companies because technicians are unaware of it. As a potential specialist, you should know the importance of being aware.
10. There is a cybersecurity skills shortage.
While most businesses are using IT for daily tasks, numerous companies lack professionals to handle their security. This can be attributed to the shortage of cyber security experts.