Cyber Sec Introduction

Cybersecurity is all about protecting IT systems from theft or damage to their hardware, software or information, this also includes the disruption of information and the misdirection of services provided. To combat cyber-attacks there are countermeasures in action. A countermeasure is a device, procedure, or technique which will reduce the impact a threat, a vulnerability, or an attack by eliminating or preventing it. Countermeasures also work by discovering and reporting it so that appropriate action can be taken.  A multitude of attacks are possible within Cybersecurity and here are a few examples:

  • Malicious Software (Ransomware, Spyware, Key-loggers)
  • Social Engineering
  • DoS (denial-of-service)
  • Phishing

Impact of Security Breaches

The magnitude of damage in which a security breach can cause to a business is monumental, in previous years there has been serious financial damage because of cyber security breaches. It is not however all about finances, sensitive data is well sought out for by attackers, mainly as it can give them a basis to conduct further Cybersecurity attacks.

In the past 12 months alone, 46% of UK businesses overall identified cyber security breaches or attacks. 45% among micro/small businesses, 66% among medium/large businesses and 41% among businesses who say online services are not at all core to their business. From these attacks businesses, have reported:

  • Temporary loss of files
  • Software or systems corrupted
  • Permanent loss or change of files or personal data
  • Lost access to third-party systems they rely on
  • Had their website slowed down or taken down altogether
  • Had money, assets or intellectual property stolen

The most problematic aspect of cybersecurity is how rapidly and constant the evolving nature of security risks. The main focus has generally been to focus most resources on the most crucial system components and protect against the most damaging, known threats, leaving lesser system components open and unguarded, an approach such as this is not sufficient in todays environment.

Adam Vincent, CTO-public sector at Layer 7 Technologies (a security services provider to federal agencies including Defence Department organisations), describes the problem:

“The threat is advancing quicker than we can keep up with it. The threat changes faster than our idea of the risk. It’s no longer possible to write a large white paper about the risk to a particular system. You would be rewriting the white paper constantly…”

 

References

Cyber Security Breaches, Public Main Report 2017 – www.gov.uk/government/statistics/cyber-security-breaches-survey-2017

Author: Luke Holmes

Date: 12/08/2017