Cybersecurity 101: What is Cybersecurity?
What is cybersecurity?
Cybersecurity is the practice of protecting an organisation’s network, internet-facing assets and systems, such as hardware, software/applications and data, from cyberthreats. The purpose of cybersecurity is to defend the assets critical to business operations against all possible threat actors, ideally known and unknown, throughout the entire life cycle of a cyber-attack. Understanding the basics of cybersecurity will allow you to better manage your business cyber risks and prioritise your cybersecurity program.
What is the difference between cybersecurity and information security?
Cybersecurity is often confused with information security. Cybersecurity focuses on protecting an organisation’s network and systems from unauthorised access and from attempts to damage data or make it inaccessible. Information security is a broader category that looks to protect all information assets, whether in hard copy, such as printouts of contracts or other sensitive documents, or in digital form, such as sensitive documents transferred via different channels.
Why is cybersecurity important?
With an increasing number of devices, applications and data in the modern workforce, much of it sensitive and confidential in nature, the importance of cybersecurity continues to grow. The growing volume and sophistication of cyber threat actors and attack techniques complicate the problem even further.
- Costs of cybersecurity breaches are on the rise
With the introduction of GDPR and amendments to the PDPA, businesses can be susceptible to significant fines as a result of cybersecurity or data breaches. It is also important to note that there are other, non-financial costs to be considered, such as reputational or brand damage.
- Cyber-attacks are increasingly getting more sophisticated
Cyber-attacks continue to grow in sophistication, with cyber actors leveraging an ever-expanding variety of tactics such as social engineering, malware and ransomware. One of the biggest threats, and the simplest, is email phishing. As the cost of setting up the attack infrastructure falls and automation is introduced, it is no surprise that such attacks are popular. Not to forget, the weakest link is always the human factor.
- Cybercrime is big and lucrative business
In 2018, the cybercrime economy was estimated to be worth $1.5 trillion, according to a study commissioned by Bromium. Political, ethical and social incentives can also drive cyber attackers to act. Furthermore, there was a publication on how cyber insurance is fuelling the rise in ransomware attacks.
What are the elements of a good cybersecurity program?
A good cybersecurity program can be categorised into a few segments, and the coordination of everyone involved, both the management and all the employees, is crucial to its success. These segments include the following:
- External Network Security
- Internal Network & Perimeter Security
- Endpoint Protection & Security
- Application Security
- Data Backup & Security
- Cloud Security
- Disaster recovery or business continuity planning (BCP)
- Physical security
- End-user education & Training
Looking for a simplified cloud-based cybersecurity platform that covers Attack Prevention, Threat Detection and Security Assessment?
Introducing eSentinel™, a simplified all-in-one (360°) cybersecurity protection platform for business, an additional cyber defense layer at the ISP level.
Maintaining cybersecurity posture in a constantly evolving threat landscape, especially after the COVID-19 pandemic, is a challenge for all businesses. Traditionally, IT department managers or decision makers are known to use reactive approaches, in which resources such as budgets and skillsets were invested in protecting systems against the top known cyber threats, while lesser-known cyber threats were given lower priority and probably left undefended. This is no longer a sufficient or advisable cybersecurity tactic.
For businesses to keep up with ever-changing cybersecurity risks, a more proactive and adaptive approach is definitely necessary. Several key cybersecurity advisory organisations offer guidance, such as the National Institute of Standards and Technology (NIST), which recommends adopting continuous monitoring and real-time assessments as part of a risk assessment framework to defend against both known and unknown threats.
What are the benefits of cybersecurity?
There are many benefits to implementing and maintaining a good cybersecurity program. They include the following:
- Protection against cyberattacks and data breaches.
- Securing your business data and critical networks.
- Unauthorised user access prevention.
- Recovery time from a cyber-attack.
- Protection of end users and endpoint devices.
- Regulatory compliance such as MAS TRM or PDPA.
- Business continuity in the event of disaster, for example, COVID-19 remote work.
- Confidence and trust in business reputation & brand image.
What are the different types of cybersecurity threats in 2021?
To implement and maintain an appropriate level of cybersecurity that makes business and financial sense for your company, you need to understand the cyber threats your organisation might encounter. Keeping abreast of new technologies, security trends and threat intelligence is a challenging and time-demanding task.
If you are in the financial industry in Singapore, the Monetary Authority of Singapore (MAS) published the Technology Risk Management (TRM) 2021 guidelines, and the new chapter 12, on Cybersecurity Operations, states that organisations should participate in or subscribe to cyber intelligence sharing platforms. Examples of such platforms include FS-ISAC, ITSAC, SingCert or CVE. Such activities help to improve the resilience of businesses to cyberattacks, and businesses outside the financial industry can take the MAS TRM guidelines as a reference.
It is absolutely necessary to protect information and other assets such as networks and systems from cyber threats, and these cyber threats can include:
- Backdoors
Backdoors allow remote access to computers or systems without users’ knowledge.
- Cryptojacking
Cryptojacking is the malicious installation of cryptocurrency mining – or ‘cryptomining’ – software. This software illicitly harnesses the victim’s processing power to mine for cryptocurrency.
- DDoS attacks
DDoS (distributed denial-of-service) attacks attempt to disrupt normal web traffic and take targeted websites offline by flooding systems, servers or networks with more requests than they can handle, causing them to crash.
- Advanced persistent threats
Advanced persistent threats (APTs) are prolonged targeted attacks in which an attacker infiltrates a network and remains undetected for long periods of time with the aim to steal data.
- DNS poisoning attacks
DNS (domain name system) poisoning attacks compromise DNS to redirect traffic to malicious sites. Affected sites are not ‘hacked’ themselves.
- Botnets
Botnets are large networks of compromised computers, whose processing power is used without the user’s knowledge to carry out criminal activity. This can include distributing spam or phishing emails or carrying out DDoS attacks.
- Malware
Malware is a broad term used to describe any file or program that is intended to harm or disrupt a computer. This includes botnet software, ransomware, remote-access Trojans (RATs), rootkits and bootkits, spyware, Trojans, viruses and worms.
- Drive-by downloads
Drive-by downloads install malware when victims visit a compromised or malicious website. They don’t rely on unsuspecting users taking action, such as clicking malicious email attachments or links, to infect them.
- Man-in-the-middle (MITM) attacks
A MITM (man-in-the-middle) attack occurs when a criminal hacker inserts themselves between a device and a server to intercept communications that can then be read and/or altered. MITM attacks often happen when a user logs on to an insecure public Wi-Fi network. Attackers can insert themselves between a visitor’s device and the network. The user will then unknowingly pass information through the attacker.
- Phishing attacks
Phishing is a method of social engineering used to trick people into divulging sensitive or confidential information, often via email. Not always easy to distinguish from genuine messages, these scams can inflict enormous damage on organisations.
As employees are the weakest link in all cybersecurity, end-user training and education is key to the resilience of any program. Download a copy of our end-user phishing guide to share with your colleagues to increase cybersecurity awareness.
- Social engineering
Social engineering is used to deceive and manipulate victims in order to obtain information or gain access to their computer. This is achieved by tricking users into clicking malicious links or by physically gaining access to a computer through deception.
- SQL Injection
A SQL (Structured Query Language) injection occurs when an attacker inserts malicious code into a server that uses SQL. SQL injections are only successful when a security vulnerability exists in an application’s software. Successful SQL attacks will force a server to provide access to or modify data.
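The application-side vulnerability described above, shown next to its fix, as an added example that is not part of the original article. The customers table, the sample rows, the function names and the crafted input are all constructed for illustration.

```python
import sqlite3

# Constructed input: the quote ends the string literal early, so the rest
# of the value is parsed as SQL instead of being compared as data.
CRAFTED = "nobody@example.com' OR '1'='1"


def make_db():
    """In-memory database with constructed sample rows (hypothetical schema)."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE customers (email TEXT, plan TEXT)")
    conn.executemany(
        "INSERT INTO customers VALUES (?, ?)",
        [("alice@example.com", "basic"),
         ("bob@example.com", "premium"),
         ("carol@example.com", "basic")],
    )
    return conn


def lookup_vulnerable(conn, email):
    # Vulnerable: the input is pasted into the SQL text itself.
    query = "SELECT email, plan FROM customers WHERE email = '" + email + "'"
    return conn.execute(query).fetchall()


def lookup_parameterised(conn, email):
    # Hardened: the ? placeholder keeps the value separate from the SQL text,
    # so it can only ever be compared as data.
    query = "SELECT email, plan FROM customers WHERE email = ?"
    return conn.execute(query, (email,)).fetchall()


def compare(email):
    """Return (vulnerable_rows, parameterised_rows) for the same input."""
    conn = make_db()
    try:
        return lookup_vulnerable(conn, email), lookup_parameterised(conn, email)
    finally:
        conn.close()


if __name__ == "__main__":
    for value in ("bob@example.com", CRAFTED):
        vulnerable, safe = compare(value)
        print(f"{value!r}: concatenated={len(vulnerable)} rows, "
              f"parameterised={len(safe)} rows")
```

For an ordinary address both lookups return the same single row; for the crafted value the concatenated query returns every customer while the parameterised query returns none.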
Other common attacks include malvertising, exploit kits, vishing, credential stuffing attacks, cross-site scripting (XSS) attacks, business email compromise (BEC) and zero-day exploits.
Not sure where to start with your cybersecurity program after reading all these?
We recommend starting with something simple, such as email protection to defend against email-based attacks. Protecting your critical business data starts with protecting your employees from the most common attack. Try eSentinel™ - Email Protection FREE for 30 days.
What are the top cybersecurity challenges?
Digital transformation or digitalisation will increasingly impact how a business or organisation secures its critical infrastructure and digital assets. With rapid adoption of new technologies, cybersecurity teams and programs will continually be challenged by hackers, data loss, privacy, risk management and changing cybersecurity strategies.
Facing these heightened risks, information technology (IT) decision-makers, and even board members and the management team, need to acknowledge that cybersecurity is, and has to be, the top priority.
The number of cyberattacks is not expected to decrease in the near future. In fact, reports and statistics have indicated that cyber-attacks will grow exponentially. Moreover, new and additional entry points for attacks, such as the increased adoption of the internet of things (IoT), increase the need for organisations to look into further securing new networks and devices.
Lack of cybersecurity expertise is another known challenge. As the amount of data collected and used by businesses grows, the need for cybersecurity staff to analyse, manage and respond to incidents also increases. Organisations may have the resources to hire cybersecurity talent, but the supply of such talent in the market is limited. With cybersecurity expertise becoming so difficult to source and retain, organisations should consider cultivating this talent organically from within. There are numerous government grants available to train your employees to acquire new skills, especially in the area of cybersecurity.
Netpluz Asia Managed Cybersecurity Offerings
- DDoS Attack Mitigation Solutions
- Web Defacement Monitoring & Detection
- Email Protection
- Endpoint Protection
- Managed Security Operations Centre (SOC) / Managed Security Service
- Vulnerability Assessment & Penetration Testing
- Cyber Insurance