

Cyber security or IT security is the protection of computer systems and networks from information disclosure, from theft of or damage to their hardware, software or electronic data, and from the disruption or misdirection of the services they provide.
Cyber security aims to eliminate the risk of cyber-attacks and guard the system, networks, data and devices from unauthorized, unwarranted exploitation.
Table of Contents
Legal requirement for cyber security
Importance of cyber security
5 Types of Cyber-attacks
Automation and cyber security
Cyber security vendors, tools and services
Cyber security at Hurix – Best Practices
Legal requirement for cyber security
Yes, it is crucial for an organization to have cyber security measures in place. The GDPR (General Data Protection Regulation) and the DPA (Data Protection Act) 2018 require organizations to implement appropriate security measures to protect personal data.
Importance of cyber security
The rationale and benefits of cyber security are detailed as follows:
Cyber-attacks are becoming increasingly sophisticated. The tactics and the reach of cyber attackers are ever-increasing, including malware and ransomware, phishing, social engineering, insider threats, advanced persistent threats and others.
Unauthorized user access is prevented. Cyber security addresses vulnerabilities of the system and the network, thereby securing it from unauthorized access.
End users and devices are protected. Data privacy is maintained by the upkeep of cyber security. Data and network protection is also ensured.
Regulations are increasing the costs of cyber security breaches. Hefty fines are imposed by privacy laws like the GDPR and DPA on organizations that ignore the threat of cyber attacks.
Cyber security ensures the continuity of the business which is critical to the success of any organization.
Cyber security measures translate into a rise in the reputation of the company and consequently improved trust in the relationship with its clientele and all the stakeholders.
5 Types of Cyber-attacks
Cyber security risks can be even more challenging if the organization has resorted to remote working and hence has less control over employees’ activities and device security. A cyber attack can cost organizations billions and severely damage their reputation. Those organizations will likely lose sensitive data and face huge fines.
The different types of cyber-attacks include:
Malware: Malicious software, such as worms, viruses, Trojans and spyware, in which any file or program can be used to harm a computer user.
Social engineering: Users are tricked into breaking security procedures and the attackers gain sensitive, protected information.
Phishing: Fraudulent emails and text messages resembling those from reputable sources are sent at random to steal sensitive information such as credit card details.
Spear Phishing: A form of phishing attack that has a particular (intended) target user or organization.
Ransomware: Another type of malware, in which the attacker locks the system through encryption and does not decrypt and unlock it until the ransom is paid.
Other common attacks include insider threats, distributed denial of service, advanced persistent threats, man-in-the-middle attacks, botnets, vishing, business email compromise, SQL injection attacks and zero-day exploits.
Effective training of the employees will enable them to understand the significance of cyber security. Regular cyber security risk assessments, which evaluate risks, check whether the existing security controls are appropriate and, if they are not, make mid-course corrections, will protect the company from cyber-attacks.
Automation and cyber security
The ever-increasing sophistication in cyber threats has led to automation becoming an integral component of cyber protection. Machine learning and Artificial Intelligence (AI) help in threat detection, threat response, attack classification, malware classification, traffic analysis, compliance analysis and more.
ITGovernance.co.uk presents a cyber security checklist.
Awareness training for the staff: Effective training of the employees and knowledge sharing of best practices with the employees about the threats they face is a necessary step in preventing cyber security breaches.
Added focus on web application security: Web applications are particularly vulnerable to security breaches; hence it is crucial to increase focus on web application security.
Network security: It refers to the protection of the integrity and usability of the network and data. A network penetration test helps assess the network for security issues.
Leadership commitment: This is a very important factor for cyber security. The top management should be involved in and committed to cyber security and invest appropriately.
Strong passwords: The employees should be trained to create and maintain strong passwords.
Cyber security vendors, tools and services
TechTarget points out cyber security vendors who offer a variety of security tools and services.
Identity and access management (IAM)
Firewalls
Endpoint protection
Antimalware
Intrusion prevention/detection systems (IPS/IDS)
Data loss prevention (DLP)
Endpoint detection and response
Security information and event management (SIEM)
Encryption tools
Vulnerability scanners
Virtual private networks (VPNs)
Cloud workload protection platform (CWPP)
Cloud access security broker (CASB)
Some of the career opportunities in cyber security include Chief Information Security Officer, Chief Security Officer, security engineers, security analysts, security architects, penetration testers (ethical hackers), data protection officers, cryptographers and threat hunters.
Cyber security at Hurix – Best Practices
A recent study has shown that a cyber attack occurs every 39 seconds, and most of them are targeted toward Web applications. So let’s talk about some of the best practices we follow at Hurix Digital for protecting your Web application against these common attacks.
1. Input validation: This means checking user-submitted variables for malicious or erroneous input that can cause strange behaviour. One approach is to implement a whitelist, which contains a set of patterns or criteria that match benign input. The whitelist approach allows input that meets those conditions and blocks everything else.
2. Single Sign-on: It is common to see Web applications that utilize single sign-on authentication, which pulls a user’s credentials from a directory or identity database service. Though single sign-on is convenient, multi-factor authentication can make your application more secure by adding authentication steps. We believe that granularity, least privilege, and separation of duties should be applied to users in order to prevent access to confidential or restricted data. Applications should run under non-privileged service accounts, and user access to system-level resources should be restricted.
3. Application errors: We have all seen informational error messages that range from simple built-in notes to full-blown debugging information. Application errors should never reveal sensitive application implementation details or configuration settings, as these can be exploited by an attacker, so we keep those error messages generic. Storing secrets such as passwords in plain text is also a big no. Such information should never be stored in a publicly accessible location, such as a web directory or repository. We utilize the strongest encryption protocols and algorithms that meet compliance requirements.
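
The whitelist validation from item 1 and the generic error messages from item 3 can be combined in one request handler. The sketch below is an added example, not Hurix's own code; the field names, patterns, and the `handle_request` and `validate` helpers are assumptions made for illustration.

```python
import logging
import re
import uuid

log = logging.getLogger("webapp")

# Whitelist: one pattern per expected field (field names are hypothetical).
WHITELIST = {
    "username": re.compile(r"[a-z0-9_]{3,32}"),
    "order_id": re.compile(r"[0-9]{1,10}"),
    "country": re.compile(r"[A-Z]{2}"),
}


class RejectedInput(Exception):
    """Carries internal detail for the log; never sent to the client."""


def validate(form):
    """Return the validated fields or raise RejectedInput."""
    unknown = set(form) - set(WHITELIST)
    if unknown:
        raise RejectedInput(f"unexpected fields: {sorted(unknown)}")
    clean = {}
    for name, pattern in WHITELIST.items():
        value = form.get(name)
        # fullmatch must cover the whole string: "42 OR 1=1" and "42\n" fail.
        if not isinstance(value, str) or not pattern.fullmatch(value):
            raise RejectedInput(f"field {name!r} not whitelisted: {value!r}")
        clean[name] = value
    return clean


def handle_request(form):
    """Return (status, body); the body is generic on every failure path."""
    ref = uuid.uuid4().hex[:8]  # ties the client response to the log entry
    try:
        return 200, {"ok": True, "fields": validate(form)}
    except RejectedInput as exc:
        log.warning("ref=%s rejected input: %s", ref, exc)
        return 400, {"error": "Invalid request", "ref": ref}
    except Exception:
        log.exception("ref=%s unhandled error", ref)
        return 500, {"error": "Something went wrong", "ref": ref}


if __name__ == "__main__":  # constructed sample requests
    print(handle_request({"username": "alice_01", "order_id": "42", "country": "IN"}))
    print(handle_request({"username": "alice_01", "order_id": "42 OR 1=1", "country": "IN"}))
```

The rejected value and any stack trace go only to the server log; the client sees a fixed message and a reference that support staff can look up.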