What is Cyber Security?
You have most likely heard about the concept of cyber security previously, but you might not be aware of what it actually entails.
Cyber security is the process of protecting computers, mobile phones, servers, networks and technology systems from attacks that might compromise their security, expose, corrupt or steal data, cause systems failure, create fraudulent activity, intentionally cause reputational damage, or other types of damage to your systems and data.
Cyber Security is the technology, processes and expertise coming together to defeat this activity, and keep systems and data secure.
Specific threats can be defeated by specific security measures and controls and so having expert guidance in this can lead to considerable savings in time, effort and resources, in making sure that the defences are effective, well configured and managed appropriately and within budget and compliance expectations.
This is why Canda exists, and is here to help both large and small enterprises navigate this minefield in an effective manner, taking a robust but also pragmatic approach to ensuring the security of your systems and data.
Cyber Security Domains
Cyber security can be divided into several categories that work to protect your systems and data from cyber attacks. The people, processes and technology all need to complement each other for an organisation’s protection to be effective.
Here are a few of the common cyber security domains which each require a unique approach, toolset, skills, policy and management approach.
- Network security: Security of the network, devices and gateways which protect and provide access to your systems and organisation networks.
- Application security: Ensuring that code development, application interfaces and processing is hardened against all known exploits and attack techniques.
- Infrastructure & Platform security: Ensuring the hardening and configuration of systems is robust and ongoing.
- Cloud security: The supporting Cloud infrastructure and vendor systems providing the platforms and applications supporting your business systems.
- Information security: The data management and storage systems and controls which provide access to organisational data.
- EndPoint security: Devices used by system users within your business to access applications and resources.
- Operational security: The ongoing operational capability supporting the security service which governs and controls access to IT systems and data.
- Governance Risk Compliance (GRC): The supporting management, policy, risk and compliance frameworks which govern how systems are secured and managed in an organisation.
What does cyber security protect against?
Overall cyber security works to protect different types of digital information and assets from cyberattacks. The number of threats has significantly increased in recent years due to the digitalisation of many documents, processes and services. Attackers have differing motives for the attacks. Some may want to expose data and cause reputational damage, while others may want to encrypt your data and conduct a ‘ransomware’ attack, or to just destroy sensitive information. Some attacks are not targeted but rather opportunistic and automated seeking poorly configured and secured systems.
Large scale businesses, medical services and public entities are the main industries that experience the most hacks and threats from attackers due to the amount of personal and financial information they hold and process. These industries need to be especially mindful and prepared with multiple layers of protection across networks and systems.
There are several different ways individuals might attack your organisational or personal systems. Hackers are very smart in disguising their dangerous software and even experienced users might run into a threat once in a while. We highlight some of the main types of cyber attacks that you could experience:
Malware involves malicious software and is one of the most common cyber attacks that you can experience. It often enters your system via an email attachment or a download from the web. They come in the forms of viruses, ransomware or adware, and are very good at hiding their real nature.
Phishing involves hackers pretending they are a legitimate company, and sending emails to victims asking for sensitive information. These attacks often include asking for credit card details and other personal information that they can later use in a fradulent attack.
Ransomware involves software designed to encrypt data with a secret key, thus preventing you from accessing your own data. Hackers ask for a ransom to grant you access to the encrypted data and often threaten to delete your information if payment is not made in time.
Canda are Cyber Security experts
If you want to protect your organisation or business against cyber attack, get in touch with Canda. Canda offers a range of services which can help to protect against cyber attack and raise the security profile of your organisation . Contact us today if you would like to take this precaution and reduce your risk of being the victim of an attack.