What is Cyber Security?
Cyber security, which can be defined as the protection of systems, networks and data in cyber space, is a critical issue for all businesses.
Rapid technological developments have provided vast areas of new opportunity and potential sources of efficiency for organisations of all sizes. These new technologies which we all rely upon have, however, also brought with them unprecedented threats.
This page will introduce you to some of these threats, including cyber crime, cyber war, and cyber terror, and explain the precautions you should take against them.
On this page:
Introduction to the cyber risks
Cyber risks can be divided into three distinct areas:
Cyber crime: Individuals working alone, or in organised groups, intent on extracting money, data or causing disruption. This can take many forms, including the acquisition of credit/debit card data and intellectual property, and impairing the operations of a web site or service.
Cyber war: A nation state conducting sabotage and espionage against another nation in order to cause disruption or to extract data. This could involve the use of Advanced Persistent Threats (APTs).
Cyber terror: An organisation, working independently of a nation state, conducting terrorist activities through the medium of cyber space.
For additional information on all of them, read our book 'Cyber War, Cyber Terror, Cyber Crime', which offers a no-nonsense discussion.
Complete our free online Cyber Security Self-Assessment Questionnaire
, which will provide you with a high-level cyber security report.
Cyber security for organisations
Cyber security should be proportional to the risks faced by each organisation, and cyber security measures should be based upon the outcomes of a risk assessment.
It is unlikely that most organisations would face the threat of cyber war and cyber terror. Organisations that would have to consider measures against cyber war or cyber terror will include governments, those within the critical national infrastructure and very high-profile institutions.
Cyber crime is a far greater risk to all organisations, of all sizes, in all sectors, than cyber was. The Critical Issues - Cyber Security guide looks at cyber security challenges facing business today and proposes a fully-structured approach to achieving both cyber security and cyber resilience.
All organisations face one of two types of cyber attack:
Either they will be deliberately attacked because they have a high profile and appear to have valuable data (or there is some other publicity benefit in a successful attack), or
It will be opportunistic, because an automated scan detects the existence of exploitable vulnerabilities. Virtually every Internet-facing entity, unless it has been specifically tested and secured, will have exploitable vulnerabilities.
Cyber criminals are indiscriminate. Where there is a weakness, they will try to exploit it. Therefore, all organisations need to understand the cyber threats they face, and safeguard against them.
Introduction to cyber criminals
The cost of committing cyber crime is surprisingly low. A report from Fortinet, published in 2012, claimed that an effective Botnet (a network of private computers infected with malicious software and controlled without the owners' knowledge) can be established for as little as $350, or can be rented for just $535 per week.
The world of cyber crime never stops innovating. Every month, Microsoft publishes the vulnerabilities of its systems, an ever-growing list of known threats, bugs and viruses. For a more complete overview of cyber security threats, mailing lists such as Bugtraq can provide up-to-date resources listing all new 'bugs'.
Cyber criminals can now even buy ‘off-the-shelf’ hacking software, complete with support services. Cyber crime is increasingly simple to commit, making it more difficult to police.
Types of malware
Cyber criminals operate remotely, in what is called ‘automation at a distance’. There are many types of attack available to cyber criminals, which broadly fall under the umbrella term of malware (malicious software). These include:
Aim: Gain access to, steal, modify and /or corrupt information and files from a targeted computer system.
How: A small piece of software program that can replicate itself and spread from one computer to another by attaching itself to another computer file.
Aim: By exploiting weaknesses in operating systems, worms seek to damage networks and often deliver payloads, which allow remote control of the infected computer.
How: Worms are self-replicating and do not require a program to attach themselves to. Worms continually look for vulnerabilities and report back to the worm author when weaknesses are discovered.
Aim: To take control of your computer and / or to collect personal information without your knowledge.
How: By opening attachments, clicking links or downloading infected software, spyware/adware is installed on your computer.
Aim: To create a ‘backdoor’ on your computer where information can be stolen and damage caused.
How: A software program appears to perform one function (for example, virus removal) but actually acts as something else.
There are a number of attack vectors available to cyber criminals:
Phishing: An attempt to deceive users into acquiring their information by masquerading as a legitimate entity such as spoof emails or websites
Pharming: An attack to redirect a website’s traffic to a different, fake website, where the individual's information is then compromised.
Drive-by: Opportunistic attacks against specific weaknesses within a system.
MITM: ‘Man in the middle attack’ where a middleman impersonates each endpoint and is thus able to manipulate both victims.
Social engineering: Exploiting the weakness of the individual by making them click malicious links, or by physically gaining access to a computer through deception. Pharming and phishing are examples of social engineering.
Tackling cyber security
Cyber space is unregulated and cyber criminals have a range of ways in which to attack organisations. It is essential therefore that you have robust cyber security that protects your critical assets, customer details and your operating systems.
Effective cyber security can also help you win new business by providing assurances of your commitment to cyber security to your supply chain partners, stakeholders and customers.
In order to achieve real cyber security, today’s organisations have to recognise that expensive software alone is not enough to protect them from cyber threats. The three fundamental domains of effective cyber security are: people, process and technology.
ISO27001 is the internationally recognised best practice standard for information security management. It forms the backbone of every intelligent cyber security risk management strategy. Other standards, frameworks and methodologies need ISO27001 in order to deliver their specific added value. Read about key cyber security standards here »
It Governance is the single-source provider of expertise regarding ISO 27001, Information Security and Cyber Security. We offer training, expert consultancy, and publish a unique selection of books, toolkits and papers like the globally recognised implementation manual for ISO 27001 which enable you to adopt, implement and manage adherence to the standard effectively.
IT Governance is a specialist in helping organisations with cyber security, cyber governance and cyber compliance. Find out more about our products and services here >>