Understanding the basics of cybersecurity
Information & Communications Technology and Media | 10 Nov 2020
Cybersecurity is a priority now more than ever. In a world currently preoccupied with the COVID-19 crisis, we forget that there is also a growing cybercrime pandemic. In the first of our series, we look at the basics of cybersecurity for some fundamental understanding.
We do not have to look far to see how important cybersecurity is. According to Hiscox, a Bermuda-based insurance provider, cyber losses rose about six times worldwide in the last 12 months. According to the “Cyber Readiness Report 2020“, cyber losses among affected firms totaled about $1.8 billion, up 50 percent from the previous year.
What is cybersecurity?
Cybersecurity is the practice/ process/ techniques involved in protecting sensitive data, computer systems, networks, software applications and any other digital infrastructure from malicious attacksor cyberattacks.
Cybersecurity can be understood in a variety of contexts, from business to mobile computing. Here are a few common cybersecurity categories:
- Application security: Keeping software and devices free from threats. Successful security begins during the design, even before deployment.
- Disaster recovery and business continuity: How the organisation responds to a cyber-threat and restores operations and information to the original operating capacity. The business continuity plan(BCP) is what the organisation falls back on, operating without certain resources. The importance of the BCP was perhaps made most apparent during the COVID-19 pandemic lockdown.
- Information security: The protection of the integrity and privacy of data.
- Network security: The securing of a computer network from intruders.
- Operational security: The processes and decisions for handling and protecting data assets. This includes the permissions that users have and where data may be stored or shared.
- User education: Addresses the most unpredictable cyber-security factor: People. This is arguably the weakest link in cybersecurity because anyone can accidentally introduce a virus to an otherwise secure system by failing to follow good security practices.
The CIA of cybersecurity – broad concept
Cybersecurity is a broad term but is based on three fundamental concepts known as “The CIA Triad“, which stands for Confidentiality, Integrity and Availability.
- Confidentiality: Defines the rules that limit the access of information and restrict sensitive information from being accessed by cyber attackers.
- Integrity: Assures that the data is consistent, accurate and trustworthy over time. Proper measures should be taken in an organization to ensure its safety.
- Availability: Maintaining and upgrading of all necessary components like hardware, software, networks, devices and security equipment. It also involves opting for extra security equipment like firewalls, disaster recovery plans, proxy servers and a proper backup solution.
The ABCs of cybersecurity
The ABCs of cybersecurity starts with knowing ourselves and the enemy. While easy to remember, these three essential steps help to deal with the risk and consequences of a cyberattack:
- Assessment phase:
i. Understand the system, what is valuable and what needs most protection
ii. Understand the known threats through threat modelling and risk assessment
- Best practices:
Address the risks and implement protection with the help of International Standards or industrial or global best practices
- Conformity assessment:
Assess the components of the system, the competencies of the people designing, operating, and maintaining it, and the processes and procedures running it. Various kinds of conformity assessments may be needed, for example corporate self-assessment, supplier’s declarations, independent or third-party assessment and testing, whichever are most appropriate according to the different levels of risk.
The aim of any cybersecurity strategy is to protect as many important assets as possible. While it may not be possible to protect everything in equal measure, it is vital to identify what needs the most protection. The strategy therefore is about understanding and mitigating risks to apply the right protection to the right points in the system.
Such a process must be closely aligned with the organisational goals because these decisions may have a serious impact on operations. Ideally, it should be based on a systems-approach that involves stakeholders from throughout the organisation.
A brief look at cyberattacks
With cyberattacks occurring every 14 seconds, firewalls, antivirus software, anti-spyware software and password management tools must all work in harmony to outwit increasingly creative cybercriminals.
Cybersecurity threats can be seen on 3 tiers:
- Cybercrime: Single actors or groups targeting systems for financial gain or to cause disruption.
- Cyber-attack: Often involves politically motivated information gathering.
- Cyberterrorism: Intended to undermine electronic systems to cause panic or fear.
Some of the common cyber-threats include:
- Tampering systems and the data stored within
- Unauthorized access to the targeted system and accessing sensitive information
- Disrupting normal functioning of the business and its processes
- Using ransomware attacks to encrypt data and extort money from victims
Damages from cybercrimes are projected to exceed $6 trillion by 2021. It is small wonder that just about every sector is investing in cybersecurity infrastructure to protect their businesses, and the millions of customers that trust them with their data.
Cyberattacks covers a swathe of topics, and we will take a deeper dive into some of cyber threats in the next article.
In an organization, to accomplish an effective cybersecurity approach, the peoples, processes, computers, networks, and technology of an organization, either big or small, should be equally responsible. If all components complement one another, it is very much possible to stand against tough cyber threats and attacks.