Here is the second post of the new 3Sixty blog series: A Simple Guide to Cybersecurity. In this blog post I intend to explain the basics of cybersecurity in a way that’s easy to understand. Of course, the people mainly responsible for cybersecurity are your IT department. But the reality is that, as employees, we all have a role to play in keeping information safe and secure.
Before we look deeper into the subject, it’s important that we understand the terminology; it’s really not that complicated when you break it down.
What is Cybersecurity?
The term ‘cyber’ is used as a prefix to describe anything relating to computer science and networks. So, pop that in front of the word security and what do you have? The definition of cybersecurity is the body of technologies, processes and practices designed to protect networks, computers, programs and data from attack, damage or unauthorized access.
So, where has this new risk come from? Let me ask you to think about something for a minute. 10 years ago, how many devices did you use to access the internet? The answer is most probably a maximum of 2 – a desktop/laptop and a mobile phone, if you were willing to splash the cash on a Blackberry 8700c.
In 2015 we have laptops, mobile phones, tablets and even Smart TV’s that can access the internet. This applies to business too. In the past 10 years we’ve seen enormous advances in technology aiding business efficiency and productivity. Add to this the rise of the ‘Internet of Things’ (everything connected to the internet) and the opportunity for attackers to access and exploit our information becomes ever larger.
Why does Cybercrime happen?
There are different motives behind cyber-attacks. Some are carried out because the attacker doesn’t agree with the way an organisation is run, and the intention is to simply upset operations.
Another motive is financial/informational gain. In the two recent high profile attacks on Vodafone and TalkTalk, the hacker attempted to access the bank details of its customers.
Some attacks happen simply because they are showing off. Kudos/reputation is a significant motivator in the hacker community.
The danger is that people can access data a lot more easily through these various channels. All it takes is one person to click on a dubious link, and the entire enterprise is put at risk.
How does it happen?
So, what different techniques do these attackers use to access our information?
- Social engineering
Using lies and manipulation to trick people into sharing their personal information.
- Denial-of-service attacks
Flooding a network or server with traffic in order to make it unavailable to users
Devices that steal credit card information when the card is swiped through them.
Network of software robots that automatically spread malware and viruses.
Some of the above you may be familiar with, some you may not. We’ve all seen the spam e-mails in our inbox claiming that we’ve won a competition, trying to entice us to click on a link.
Social engineering and is the most common technique that, as end users, we are most likely to come across. Most legitimate companies will never ask for personal information through e-mail, so this is a tell-tale sign that someone is attempting to access your details.
I hope this short article has given you a clearer understanding of what cybersecurity is about and the different risks organisations and the public face.
In the next post we will delve into cloud and mobile security and will be published at the same time next week.
Any questions regarding cyber security or how our solutions guard against it? Call 0333 010 7999 and a member of our technical team will be happy to talk to you.