In this article:
- What is cyber security?
- Types of cyber security threats
- Why is cyber security important?
- Cyber security law
- How is cyber security used?
What is cyber security?
Cyber security is the protection of internet-connected systems, including hardware, software and data, from cyberattacks.
In a computing context, security comprises cyber security and physical security -- both are used by enterprises to protect against unauthorized access to data centers and other computerized systems. Information security, which is designed to maintain the confidentiality, integrity and availability of data, is a subset of cybersecurity.
We can think of cyber security as a set of technologies, processes, and controls that are designed to protect digital systems from unauthorised access. According to Forbes, the global cyber security market will reach nearly $250 billion (£202.8 billion) in the next few years – this can be attributed to growing cyber-crime events and a near endless stream of new technological developments.
Elements of cybersecurity
Ensuring cybersecurity requires the coordination of efforts throughout an information system, which includes:
- Application security
- Information security
- Network security
- Disaster recovery/business continuity planning
- Operational security
- End-user education
Types of cybersecurity threats
The process of keeping up with new technologies, security trends and threat intelligence is a challenging task. However, it's necessary in order to protect information and other assets from cyberthreats, which take many forms.
- Ransomware is a type of malware that involves an attacker locking the victim's computer system files -- typically through encryption -- and demanding a payment to decrypt and unlock them.
- Malware is any file or program used to harm a computer user, such as worms, computer viruses, Trojan horses and spyware.
- Social engineering is an attack that relies on human interaction to trick users into breaking security procedures in order to gain sensitive information that is typically protected.
- Phishing is a form of fraud where fraudulent emails are sent that resemble emails from reputable sources; however, the intention of these emails is to steal sensitive data, such as credit card or login information.
Why is cyber security important?
Having strong cyber security should be a priority for all types of businesses, whatever the sector or size. By maintaining a stable level of protection, organisations can not only keep themselves safe from hackers, but also keep their customers safe too; a quality that means their reputation is strengthened through being known as trustworthy and safe.
The repercussions of cyber security breaches can be devastating; heavy financial loss (in the form of non-compliance fines or migrating customers) and reputational damage can be hard to recover from, and – considering our reliance on technology in the 21st century – no organisation can afford to stick their head in the sand when it comes to keeping this information secure.
The GDPR brought in new fines for data protection in 2018, aiming to bring about change for security teams in business. Good cyber security can reduce the likelihood of hackers getting into systems and networks, and in doing so, ensures that the business in question never becomes known for being careless or irresponsible, maintaining a positive relationship with its customers.
Cyber security law
Cyber security laws determine standards, rules, and regulations organisations should follow when using digital systems to store, retrieve, and send information in order to protect it from unauthorised access and data breaches.
The EU's GDPR and the UK's third generation Data Protection Act 2018 (DPA 2018) both aim to modernise data protection laws, taking into account the increased need for cyber security regulation in the digital age. The GDPR impacts all EU countries, and any countries wishing to offer goods and services to the EU, but it does allow EU countries to make provisions (on a strictly limited basis) for how it will apply in their country. To that end, the UK DPA 2018 applies GDPR standards (since Britain will continue to trade with the EU even after Brexit), but has been adjusted to afford the UK certain data processing rights for domestic issues, e.g., national security and the ICO's duties, that are not the concern of the international community.
Under GDPR, the requirement for organisations to process digital data with appropriate technical and organisational security measures is made clear, and the legislation extends data protection principles to include key definitions for 'data controllers' (the organisation that owns data and decides where it will go and what it will be used for) and the 'data processor' (the organisation that processes data on the controller's behalf).
GDPR stipulates that data processors, as well as data controllers, must take all necessary measures to ensure against unlawful and unauthorised data processing practices, including accidental loss, unlawful alteration, destruction, or damage of data. Organisations that process digital data must undertake risk assessments to evaluate and, as much as possible, mitigate the risk of a security breach. Adequate measures might take the form of encryption, cyber security training, up-to-date antivirus software, and so on.
How is cyber security used?
Using software to protect your systems and networks acts as a deterrent for hackers who prefer easy targets that require less effort and carry less risk of being caught. Although no software can promise 100% impenetrability, security software makes it that much harder for cyber criminals to create access points, and we can think of it as an extra layer of protection from hackers.
Antivirus software works by detecting and removing malware, as well as preventing it from getting into the system in the first place. Malware (or malicious software) is any piece of software that can be considered harmful. When we hear about Trojan horses, spyware, ransomware, viruses, and so on, what you're really hearing about is types of malware. Antivirus software works by regularly scanning your device and systematically removing items of malware already installed. It will also hunt for potentially harmful files included in emails or direct messages and notify recipients / remove the files before they can cause harm. Due to constant developments in malware, it is important to frequently update antivirus software in order to remain protected.
Firewalls are the first line of defence, they block some types of network traffic offering protection against untrusted networks. Firewalls work by monitoring your device's network traffic in real time, and denying connection requests from any source it regards as malicious. It acts as a filter, deciding what gets in and out of your network and giving you another source of security that is complementary to antivirus software. Some types of firewalls are:
- Packet filtering firewalls have a list of rules dictating what they will and will not allow through. However, this form of firewall allows through all web traffic, so is ineffective against web-based attacks.
- Stateful firewalls are similar to packet filtering firewalls but are a bit more sophisticated in keeping track of active connections.
- Deep packet inspection firewalls examine the contents of the data packet and can therefore differentiate attacks from normal access, in theory.
- Application-aware firewalls are similar to deep packet inspection firewalls, but more intelligent and able to understand some processes and whether they are harmful or benign.
- Application proxy firewalls intercept traffic (e.g. emails, web traffic, etc.) and validate them before allowing them to proceed.
Just like antivirus software, firewalls also require regular updates – users should never deny or ignore attempts by security software to update themselves.
Encryption utilises algorithms to convert data into complex codes. Users require a key (decryption algorithm) in order to quickly access any meaningful information. Encrypting data mitigates the risk of it being accessed and exploited by unauthorised users, as they will not be in possession of the necessary key. This form of protection is often used when sending information over the internet or storing it on portable devices.
Cyber security awareness is critical in protecting your systems. One lapse of knowledge in a single employee could result in your whole network being affected. For this reason, every single staff member must be thoroughly trained and engage in regular refreshers. Human error often opens the door to attackers. Whilst the risk of human error can never be eliminated, an in-depth knowledge of good security practices and the importance of compliance can reduce slips. Cyber security threats are constantly evolving, therefore it is vitally important to stay up-to-data on current protection and undergo regular cyber security training refreshers.