With an ever-growing realm of networks, computer systems and online services present, it is becoming more and more important to ensure that these systems and software are well protected but also regularly updated. As our dependence and reliance on them increases and with an increasing number of people able to access such systems, cyber security is a vital challenge that companies, developers and producers must overcome and regulate in order to ensure the protection of the users that use their products.
Although one would think that as the complexity and sophistication of technology increases, it becomes easier to protect these systems, but this is not necessarily the case. As computers and technology in general get more complex, they can also become susceptible to a greater number of vulnerabilities which can then get exploited and breached. As developments are made, some of these developments may leave the technology in potentially unknown territory, a place where a greater number of doors are opened for unauthorised users than that those of which are closed. Furthermore, as the complexity of technology increases, it can potentially allow for a greater number of tools and services to become available for those unauthorised users. And rather than them having to find open doors into the systems, they can open their own.
Despite all this, another key factor that can play into the vulnerability of a network or system are the users themselves. However secure and safe technology can be made, adequate amount of knowledge must be given to the users themselves so that they can protect themselves. If not, they can be viable to social engineering – the manipulation of users to reveal confidential information or perform certain actions. These social engineering techniques include phishing(Attempting to obtain sensitive and personal information by pretending to be a legitimate and reliable body), blagging(The act of obtaining information through the use of persuasion) and pharming (The manipulation of website traffic to redirect user’s onto fake sites) among others.
As mentioned above, cyber attacks can affect individuals, businesses, industries, governments and even whole nations. The growth in the number of computer systems and our increased reliance on them has allowed them to affect a greater number of groups and systems. A 2019 Year End Report by RiskBased Security showed that, in 2019, there were 7,098 breaches reported, exposing over 15.1 billion records. The number of records exposed in 2019 is 284% when compared to those of 2018. 2
The graphs above outline the changes in data breaches reported and records exposed every year. As can be seen, there has been a sustained, general increase in both. This comes to show, that with time, development and growth of the technology industry, the importance of cyber-security increases as do the causes for why we need cyber-security in the first place. Furthermore, security breaches and successful cyber attacks can cause serious financial damage and the loss of reputation and user confidence among other negative impacts.
Having now discussed the importance of cyber security, we can move on to looking at the ways in which organisations, businesses and individuals can address this level importance and ways in which they employ on cyber security to protect their data and prevent vulnerabilities in their systems. Elements of strong cybersecurity encompass the following: Application Security (Installation of security of features within applications during development to protect against cyber security threats which exploit vulnerabilities in the source code), Information Security (The employment of processes and strategies to prevent unauthorised access to the use, modification or destruction of information and data), Network Security (Configurations, policies and practices to prevent unauthorised access to a network and its services), Operational Security (An analytical process to identify and classify an organisation’s critcal information and developing mechanics to prevent that sensitive infomation), Disaster Recovery Planning / Business continuity planning (Plans and managed procedures to describe and detail how order can be resumed after a disasterto) and End-user education (The training of employees and users as well as increasing awareness about cyber attacks to reduce and prevent end user threats).
The utilisation of cybersecurity and having good cyber hygiene brings along with it some benefits including protection and prevention of cyber attacks, protection of data and networks, prevention of unauthorised users, improving recovery time and improving the confidence of users that use the services and products. However, these benefits can only be experienced when adequate amount of investment, effort and time is provided to this field – otherwise those benefits can quickly turn into the negative effects that are induced by cyber attacks.
- [Featured Image] https://images.idgesg.net/images/idge/imported/imageapi/2019/07/26/15/security_abstract_istock-100803344-large.jpg
- “2019 Year End Report”, RiskBased Security, Feb. 10, 2020, https://pages.riskbasedsecurity.com/hubfs/Reports/2019/2019%20Year%20End%20Data%20Breach%20QuickView%20Report.pdf