As more organisations adapt to become more digital, cybersecurity has never been more crucial and significant. Cybersecurity protects not just an organisation’s digital assets and technology; it also protects the organisation’s reputation. In 2020, the world became even more reliant on technology due to the COVID-19 pandemic, leading to a distinct shift in the type of cybersecurity threats occurring, with ransomware being the most significant one faced by organisations.
According to Cybersecurity Ventures, the damage related to cybercrimes were projected to hit $6 trillion annually by this year, showing how damaging a single breach could be for an organisation, and how cybersecurity could help prevent that. In this article, we will discuss the core principles of cybersecurity, the different types of cyber threats and their impact.
What is Cyber Security
Cybersecurity is commonly defined as protecting networks, devices and information from unauthorised access or cyber-attacks. These attacks may include tampering with organisation systems, and their data, unauthorised access to private and sensitive information, disruption of business processes, or ransomware, the act of encrypting data and blackmailing victims for money.
Protecting these networks, devices and data assets require a lot of planning and the proper use of technology. Hence it is not always as straightforward as just making a ‘strong password.’ Like an unlocked door or a lock that got picked, technology is a vulnerability for organisations as it gives cyber attackers something to attack.
Core Principles of Cyber Security
The principles of cybersecurity, revolve around protecting the confidentiality, integrity and availability of systems. Any cybersecurity plan or program should at least achieve one or more of these principles.
Confidentiality ensures that sensitive information is kept under restricted access only to authorised personnel
Integrity ensures that information and its credibility is maintained. Data is only valuable if it is accurate and its integrity is still intact, meaning no tampering was done to the data.
Availability ensures that measures are put into place to ensure that only authorised users can access the information. Unwanted personnel must be blocked.
Of course, cybersecurity does not only encompass these three principles, there are many other aspects unique to each and every organisation. However, these three are guiding principles when it comes to creating a secure way of protecting information in organisations.
Cyber Threats
Cyber threat is a malicious act to damage data, steal data or disrupt digital services.
There are three types of cyber threats:
Cybercrime - Involves an actor or groups that target a system for financial gain or cause disruption
Cyber attack - Involves politically motivated information gathering
Cyberterrorism - Involves undermining systems to cause panic or fear
Malware
Malware, also known as malicious software, is one of the most common cyber threats. It is software used by hackers to disrupt or even damage the end user’s computer or system. There are different types of malware such as:
Virus - A program, when executed, will replicate itself by modifying other computer programs and inserting its code into those programs. Think of it as a biological virus.
Trojans - A program disguised as legitimate software usually used to gain access to systems or computers. Once executed, the program is able to do many things such as spying on the user, stealing sensitive data and gain backdoor access to the system.
Ransomware - A program that locks down a user’s file and data, blackmailing the user for ransom by threatening to erase everything
Phishing
Phishing is another way to cause cyber threats by targeting victims through malicious e-mails that appear to be from a legitimate company. These e-mails would ask for sensitive information such as login details, credit card information and other personal information.
Man-in-the-middle attack
A man-in-the-middle attack is a cyber threat where the cybercriminal will intercept any communication between 2 parties to obtain the data. The attack is usually executed through unsecured Wi-Fi networks or the lack of a secure network.
Denial-of-service attack
A denial-of-service attack is a cyber threat whereby the system’s network and servers are overloaded with traffic, preventing the system from carrying out its functions and is therefore unusable. The downtime affects organisations that are reliant on such networks to provide service to their customers.
Cybercrime
The impact of these cyber threats can be very severe. The first being economic cost which includes theft of intellectual property of the organisation, sensitive corporate information, and the cost of repairing the hacked or damaged systems. Secondly, reputational cost which is a huge impact on any organisation as consumers lose trust in the organisation and potential future customers as well. Lastly, regulatory costs as data breaches could cost organisations to suffer from regulatory fines.
Conclusion
With more and more data and services going online, we are becoming more vulnerable to cyber threats. Cybersecurity is definitely a domain that needs to be made aware of and most certainly needs to be implemented across organisations and basically anyone who is on the web. This article gives you a very broad overview of the principles of cybersecurity as well as an understanding of the different cyber crimes. We will be covering how to start a successful career in cybersecurity in the upcoming article. To understand more about cybersecurity and perhaps if you are thinking of venturing into cybersecurity, do follow us at TheTechNative and we will guide you along.
Comments