July 01, 2019

Importance of Cyber Security

Cyber security is a subset of information security. It is a mesh of multi-layered processes, technologies, and practices that protect computer systems and their components, including hardware, software, and data. It prevents unauthorized digital access to, and damage of, your IT infrastructure. This integrated approach relies on firewalls, antivirus programs, and encryption tools to secure sensitive information: intellectual property, financial data, and the personal data of your organization's customers and employees.

The growing importance of Cyber Security
Given below are some of the key points that have made organizations around the world rethink their security methods.
  • Cyber threats are becoming more advanced – As they grow more sophisticated, cyber threats challenge organizations because they originate from well-organized groups, state-sponsored networks, and criminal networks that target businesses' critical and confidential information.
  • Cyber security is an evolving board-level issue – Cyber security issues continue to sit at the top of companies' board agendas. Today, board members seek assurances from management regarding the prevention of cyber risks and responsive recovery from attacks of any kind.
Top Functioning Elements of Cyber Security
  • Network security – The process starts with protecting the usability and integrity of your network and data. Effective network security manages access to your network by targeting a variety of threats and stopping them from entering or spreading on your network.
  • Application security – Integrating application security tools with your application development environment makes your web applications more secure and keeps the workflow simple and effective.
  • End user education – One of the most common causes of data breaches is human error. An organization's employees should be aware of phishing attacks delivered through email and should stop using insecure networks.
  • Information security – For a business organization, a primary concern is to protect and preserve information, including business records, personal data, and intellectual property.
  • Operational security – Operational security protects organizational functions. It tracks critical information and addresses vulnerabilities effectively.

Types of cyber security threats
  • Phishing – Phishing is a method of trying to gather personal information using deceptive emails and websites. The objective is to trick the e-mail recipient into believing that the e-mail is something they want or need. This might look like a message from a bank, a note from a company, or a link to download an attachment.
  • DDoS – DDoS is short for Distributed Denial of Service. It is a kind of DoS attack in which multiple systems infected with a trojan target a single system, resulting in a denial of service. A DoS attack uses a single computer and a single internet connection to exploit the target resource, whereas a DDoS attack uses multiple computers and internet connections to attack the target resource.
  • Virus – A virus is malicious code that attaches itself to a legitimate program or a document that supports macros in order to execute its code. It destroys your data by altering the way your computer operates, and it spreads from one computer to another.
  • Malware – It is an umbrella term for malicious software variants, including viruses, ransomware, and spyware. It is code developed to gain unauthorized access to a network. It is delivered as a link or file over email and requires the user to click the link or open the file for the malware to execute.
  • Ransomware – A newly surfaced form of malware that locks users out of their files or devices and then demands an undisclosed online payment to restore access.
  • Spyware – It is unwanted software that infiltrates your computing device, gathers your personal information, and passes it on to advertisers, data firms, and external agencies.

A few cyber security tools and their key distinguishing functions

1. Firewall: A firewall is a network security system designed to prevent unauthorized access to or from a private network. Firewalls can be implemented as hardware, as software, or as a combination of both. Network firewalls prevent unauthorized internet users from gaining access to private networks connected to the internet, especially intranets.
Key takeaways:
  • A firewall works on defined criteria that determine whether to block or allow incoming and outgoing network traffic
  • Network connection states are tracked, allowing only those packets that match an open connection
  • All traffic from untrusted networks is blocked
  • Dashboards and monitors detect and display security intrusions
  • Queries and reports help retrieve detailed information about the firewall
  • Blocked network traffic alerts are displayed based on the reputation of the network
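
The first three takeaways (rule criteria, connection tracking, default block) can be seen together in a small model of a stateful packet filter. This is an added illustration, not code from any firewall product; the `Packet` and `StatefulFirewall` names, the rule set, and the addresses are constructed, and TCP flags, timeouts, and connection teardown are left out.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int
    proto: str = "tcp"

INTERNAL = ip_network("10.0.0.0/8")  # assumed private network behind the firewall
# Constructed criteria: (direction, allowed remote network, protocol, destination port)
RULES = [
    ("out", ip_network("0.0.0.0/0"), "tcp", 443),     # internal hosts may open HTTPS
    ("in", ip_network("203.0.113.0/24"), "tcp", 22),  # one admin range may reach SSH
]

class StatefulFirewall:
    def __init__(self, rules):
        self.rules = rules
        self.connections = set()  # open flows: (proto, internal endpoint, remote endpoint)

    def decide(self, pkt):
        outbound = ip_address(pkt.src) in INTERNAL
        local, remote = (pkt.src, pkt.sport), (pkt.dst, pkt.dport)
        if not outbound:
            local, remote = remote, local
        key = (pkt.proto, local, remote)
        # Packets in either direction of a tracked connection pass without a rule lookup.
        if key in self.connections:
            return "allow (established)"
        direction = "out" if outbound else "in"
        for rule_dir, net, proto, port in self.rules:
            if ((rule_dir, proto, port) == (direction, pkt.proto, pkt.dport)
                    and ip_address(remote[0]) in net):
                self.connections.add(key)  # a permitted first packet opens the connection
                return "allow (rule)"
        return "block (default deny)"  # nothing matched: untrusted traffic is dropped
```

A reply from a web server is allowed only because the internal host opened that exact flow first; the same server sending to any other internal port is blocked.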

2. Data Leak Prevention: Data loss prevention (DLP) is a set of technologies, techniques, and practices designed to stop sensitive information from leaving an organization. DLP strategies must include processes that monitor, detect, and block the unauthorized flow of information. While enterprise DLP prevents classified data from being diverted and protects an organization's critical information, integrated DLP solutions streamline administration and lower costs.
Key takeaways:
  • Rule-based (regular expression) DLP detects identifiable pieces of structured data such as credit card numbers, social security numbers, and health care codes/records.
  • The database fingerprinting technique takes either live data or a database dump from a database and checks for exact matches.
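
Both detection techniques can be combined in one content scanner, shown here as an added example that is not taken from any DLP product. The patterns assume US-style social security numbers, the Luhn checksum is added to cut false positives on card numbers, plain SHA-256 stands in for whatever fingerprint a real deployment uses, and the dump and message are constructed sample data.

```python
import hashlib
import re

# Rule-based detection: patterns for structured identifiers (US SSN layout assumed).
CARD_RE = re.compile(r"\b\d(?:[ -]?\d){12,18}\b")
SSN_RE = re.compile(r"\b(?!000|666|9\d\d)\d{3}-(?!00)\d{2}-(?!0000)\d{4}\b")

def luhn_ok(digits):
    """Luhn checksum, used to discard digit runs that only look like card numbers."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:  # double every second digit from the right
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0

def fingerprint(value):
    """Hash a normalised cell value so the index does not store the raw data."""
    return hashlib.sha256(value.strip().lower().encode()).hexdigest()

def build_index(rows):
    """Fingerprint every cell of a database dump (rows of strings)."""
    return {fingerprint(cell) for row in rows for cell in row}

def scan(text, index):
    findings = []
    for m in CARD_RE.finditer(text):
        if luhn_ok(re.sub(r"\D", "", m.group())):
            findings.append(("card_number", m.group()))
    findings += [("ssn", m.group()) for m in SSN_RE.finditer(text)]
    # Database fingerprinting: exact match of each token against the hashed dump.
    for token in re.findall(r"[\w.@+-]+", text):
        token = token.strip(".")
        if fingerprint(token) in index:
            findings.append(("db_exact_match", token))
    return findings

# Constructed sample data: a two-row "dump" and an outbound message to inspect.
DB_DUMP = [("alice@corp.example", "ACCT-99120"), ("bob@corp.example", "ACCT-40417")]
MESSAGE = ("Card 4111 1111 1111 1111, ref 4111 1111 1111 1112, "
           "SSN 123-45-6789, account acct-99120.")
```

Calling `scan(MESSAGE, build_index(DB_DUMP))` reports the first card number, the SSN, and the account identifier; the second digit run matches the pattern but fails the checksum and is ignored.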