Article: Cyber Security, what is it, and how do we keep safe?

by Josanri Gey Van Pittius 010 592 2321 ad***@sc****************.za
 
Definition of Cyber Security:
 
Cyber Security is often referred to as Information Security; it is seen as the practice of ensuring the integrity, confidentiality and availability (ICA) of information stored by businesses, the government, schools and persons. Cyber Security is the use of an evolving set of tools to protect the above-mentioned data.
 
Why is Cyber Security important?
 
In our day-to-day lives we rely heavily on technology to do business, connect with people and learn. This leads to us storing digital data on our devices. Businesses, schools and the government store a great deal of data on computers and transmit it across networks to other computers. Devices and their underlying systems have security risks that, when exploited, can have negative effects on the health and objectives of an organization or person.
 
Cyber Threats to be Aware of:
 
As with everything else, knowledge is key: if you are aware of the threats that your technology has to face, it is easier to know how to prevent them. Common threats include:
 
• Malware is defined as malicious software such as computer viruses, spyware, Trojan horses, and key-loggers.
 
• Ransomware is defined as malware (malicious software) that locks or encrypts data until a ransom is paid.
 
• Phishing Attacks are seen as the practice of obtaining sensitive information (for example passwords, credit card information, etc.) through disguised e-mails, phone calls, or text messages.
 
• Social engineering is the psychological manipulation of a person to obtain confidential information; often it overlaps with Phishing Attacks.
 
• Advanced Persistent Threat is seen as an attack in which an unauthorized user gains access to a system or network and remains there for an extended period of time without being detected.
 
• Denial of Service Attack (DoS) – is a cyber-attack in which the perpetrator seeks to make a machine or network resource unavailable to its intended users by temporarily or indefinitely disrupting services of a host connected to the Internet.

• Hacking is the gaining of unauthorized access to data in a system or computer.
 
Motives for Cyber Crimes:
 
There are three basic motives to commit cyber-crimes:
 
• Monetary Benefit – These criminals often try to hack into a user’s personal or corporate bank details so they can gain monetary benefits from it.
 
• Information – Some cyber-criminals attempt to steal confidential information that can be sold at online marketing sites, or even to other competitor companies, or they will use it for personal benefits.
 
• Acknowledgment – Many cyber-criminals may not want to benefit from their crime, but rather want to showcase their name to the world.
 
Challenges that Cyber Security Faces:
 
The first challenge Cyber Security faces is the fact that, to ensure effective cyber security, businesses, schools and the government need to co-ordinate their cyber security efforts throughout their entire information system; this includes all of the Elements of the Cyber System:
 
• Network security – is seen as the practice of securing a computer network from intruders, whether targeted attackers or opportunistic malware.
 
• Application security – is the focus on keeping software and devices free of threats. A compromised application could provide access to the data it’s designed to protect. Successful security begins in the design stage, well before a program or device is deployed.
 
• Endpoint security – is referred to as a method of protecting the network when it is accessed; this is usually done through the use of a Virtual Private Network (VPN).
 
• Data security – is the protection of personal or confidential data, stored by companies, schools and the government.
 
• Identity management – is the process of identifying, authenticating and authorizing individuals or groups of people to have access to the system or network of an organization.
 
• Database and infrastructure security – the measures organizations take to ensure their databases are protected from internal and external threats.
 
• Cloud security – is the protection of data stored online from theft, leakage, and deletion.

• Mobile security – is the protection of smartphones, tablets, laptops etc. and the networks they connect to. Mobile security is also known as wireless security.
 
• Disaster recovery/business continuity planning – how an organization responds to a cyber-security incident or any other event that causes the loss of operations or data. A disaster recovery policy explains how businesses, schools and the government restore their operations and information. Business continuity is the plan these organizations fall back on while trying to operate without certain resources.
 
• End-user education – how schools, businesses and the government educate users/staff members to delete suspicious email attachments, not plug in unidentified USB drives, and various other important lessons that are vital for the security of any organization.
 
• Operational security – Includes the processes and decisions for handling and protecting data assets.
 
Another problem Cyber Security faces is the constant evolution of cyber-attacks and risks. This causes different approaches and recommendations to arrive. As an example of these new approaches, it has led the National Institute of Standards and Technology (NIST) to issue new guidelines in its risk assessment framework; these guidelines recommend a shift toward continuous monitoring and real-time assessments, a data-focused approach to security instead of the traditional perimeter-based model.
 
Types of Cyber Security:

There are a multitude of Cyber Security Tools that can be used for Cyber Security. Cyber Security can be split into seven different types.
 
These are as follows:
 
• Network Security – helps to protect network traffic by controlling incoming and outgoing connections to prevent threats from entering or spreading on the network.
 
• Data Loss Prevention (DLP) – protects data by focusing on the location, classification and monitoring of information at rest, in use and in motion.
 
• Cloud Security – provides protection for data used in cloud-based services and applications, for example Apple Products.
 
• Intrusion Detection Systems (IDS) or Intrusion Prevention Systems (IPS) – work to identify potentially hostile cyber activity.
 
• Identity and Access Management (IAM) – is the use of authentication services to limit and track employee access to protect internal systems from malicious entities.
 
• Encryption – is the process of encoding data to render it unintelligible, and is often used during data transfer to prevent theft in transit.
 
• Antivirus/anti-malware solutions – are used to scan computer systems for known threats. Modern solutions are even able to detect previously unknown threats based on their behaviour. An example of this is Avast Security.
 
Types of Cyber Security Tools:
 
As mentioned above there are many Cyber Security Tools. These are some of the best Cyber Security Tools available:
 
• IBM QRadar Advisor and Watson – is a self-learning and self-evolving system that tracks a section, then formulates a strategy to encompass it when a security risk is found.
 
• Wireshark – Assesses vulnerable sections in a network and tracks all incoming and outgoing data.
 
• Cryptostopper – stops ransomware and malware attacks on a system by detecting “bots” that are encrypting files and deleting them.
 
• Nmap – recognizes hosts and receivers on a network; it runs on all operating systems and can scan larger networks.
 
• Burp Suite – is a web scanning security tool, which scans web-based applications.
 
• OpenVAS – is a web security tool that works with two components: Scanner, which scans for vulnerabilities and sends a compiled report to the user, and Manager, which compiles all the requests from the scanner and then makes a report.
 
• Nessus – checks for malicious hackers. It scans the computers on the network for unauthorized hackers who try to access the data from the internet.
 
• Metasploit Framework – is an open-source framework which is used for checking vulnerabilities. Users can run it manually or schedule automatic scans to check and run scripts; it can also exploit affected areas.
 
• SolarWinds Mail Assure – is a multi-functional tool that addresses e-mail security concerns.
 
Conclusion:

With technology evolving on a daily basis, the security risks also evolve; thus it is important for users to ensure that their private and confidential information is kept safe. The best way of doing this is to ensure your Cyber Security is also evolving on a regular basis.

Disclaimer: This article does not constitute, nor should it be construed as, the giving of legal advice, and it is recommended that one of our attorneys is contacted on 010 592 2321.