In today’s developing technology, the internet has become beyond to a technical necessity and has become an indispensable part of our social life. People spend an average of half their day by researching / reading / writing / sharing photos or videos on the internet. However, almost all technological devices somehow connect to the internet and exchange data, which forms the basis of the “Internet of Things” concept. While this concept makes our lives easier, it also leaves us much more vulnerable to malicious people.
Cyber security means using network architecture, software and other technologies to protect organizations and individuals from cyber attacks. Cyber security protects the data and integrity of computing assets that belong to or connect to an organization’s network. Its purpose is to prevent or reduce damage to computer networks, applications, devices and data, or their misuse. Cyber security is in high demand by large companies today.
Types Of Cyber Security Threats
- Malware is the name given to any software that can be used to harm any file or program, such as worms, computer viruses, trojans, and spyware.
- Ransomware attacks are a type of malware that involves an attacker locking the victim’s computer system files (usually via encryption) and demanding a payment to decrypt and unlock them.
- Social engineering is the psychological manipulation of the victim in order to perform actions or disclose confidential information using personal information obtained from the victim.
- Phishing, bait is a type of fraud in which fake emails that look like emails from official sources are sent, the purpose of which is to steal sensitive data such as credit card or login information.
Recommendations to Protect Against Cyber Threats
Companies, Institutions
Through SafeOnline.org, the not-for-profit National Cyber Security Alliance established in 2001, proposes a top-down approach to cyber security, in which the responsibility to prioritize cyber security management in all business practices is managed by corporate management. The Alliance recommends that companies should be prepared to “respond to inevitable cyber incidents, restore normal operations and protect corporate assets and reputation.” The Alliance’s guidelines for conducting cyber risk assessments focus on three key areas: identifying your organization’s most valuable information that needs protection; identifying the threats and risks faced by this information and outlining the damage your organization will incur in the event that this data is lost or improperly disclosed. Cyber risk assessments should also consider all regulations that affect the way your company collects, stores, and protects data such as PCI-DSS, HIPAA, SOX, FISMA, and others.
After Cyber Risk Assessment, develop and implement a plan to reduce cyber risks, as outlined in your assessment “most important elements” to protect and effectively identify and respond to security events. This plan should cover both the processes and technologies needed to create a mature cyber security program. As an ever-evolving field, cyber security best practices must evolve to adapt to the increasingly complex attacks carried out by attackers. Combining robust cyber security measures with an educated and security-conscious employee base provides the best defense against cyber criminals trying to access your company’s sensitive data. While it may seem like a daunting task, start small and focus on your most sensitive data, scaling back your efforts as your cyber program matures.
Individuals
- Don’t reveal personal or financial information in an email, and do not respond to email solicitations for this information.
- Before sending or entering sensitive information online, check the security of the website.
- Pay attention to the website’s URL. Malicious websites may look identical to a legitimate site, but the URL may use a variation in spelling or a different domain (e.g., .com versus .net).
- If you are unsure whether an email request is legitimate, try to verify it by contacting the company directly. Contact the company using information provided on an account statement, not information provided in an email.
- Keep a clean machine. Keep all software on internet-connected devices – including PCs, smartphones and tablets – up to date to reduce risk of infection from malware.
