What is Cyber Security?
What is Cyber Security?
Cyber security is the practice of securing the digital enterprise from threats and attacks using tools and technology designed to protect networks, servers, applications, and data. While cyber security is generally concerned with external threats, it extends to the potential of internal attack as well. Cloud-based cyber security is focused on securing applications in the cloud, as well as the endpoint security needed to protect cloud data centres from attack.
Cyber Security vs Information Security
Cyber security is not the same thing as information security. Information security is a governance practice that sets the standards for data protection, regardless of its medium: communication, paper, as well as digital. Information security governance sets standards based on confidentiality, integrity, and availability of data, and the confidentiality of data will generally identify data as public, private and sensitive, establishing controls for all three.
While information security sets the standards, cyber security protects digital environments and data based on the governance standards set forth by the information security practice. Cyber security controls are established for all types of environments: networks, servers, storage, applications, mobile devices, IoT, etc., any digital technology, and is critical to protecting every layer against threats.
Another key difference between cyber security and information security is that information security sets standards for access to data, defining who can access an application and its data as well as the level of access each role within the organization should have. This is based on the concept of least privileged access or providing the least amount of access required to perform the work of the role. In contrast, cyber security will ensure the safety of the application’s operational environment, ensuring that no unauthorized access occurred. Here too, information security sets the rules, cyber security policies the environment.
While information security is policy-driven, cyber security defines practices that must be managed every minute of every day through a rigorous cyber security program that protects all aspects of the digital environment.
Examples of cyber security:
- Network endpoint protection
- Intrusion detection (pattern-based)
- Network endpoint protection
- Intrusion detection (pattern-based)
- Password security
- Vulnerability patching
Servers / Storage
- Access management
- OS vulnerability management
- Virus/mal protection
- Intrusion prevention/detection
Cloud based security is a practice that combines these cyber security practices to protect cloud services from cyber-attack.
Importance of Cyber Security
Corporate and government data theft is extremely prevalent as cyber attacks continue to grow. From ransomware to data breaches, cybersecurity is the defence mechanism available to protect computing environments. As organizations move to cloud data centres (public or private), the threat grows due to the scale of damage that can be done.
Cloud based security helps protect against this threat, and public cloud providers take it seriously due to the potential for large revenue and reputation loss that goes along with a cyber-attack, but as more organizations move to cloud services, they also become more attractive to hackers. There are many reasons for this:
- Getting inside a cloud provider’s data centre makes many companies available to the hacker for the same effort as breaching a private data centre.
- Breaching a public cloud provider’s data centre provides an opportunity to move into the corporate networks via services hosted there.
- Vulnerabilities in customer applications make it easy for hackers to gain entry and sometimes expose the entire data centre to attack. Yet, it’s difficult for the provider to ensure clients take the situation as seriously as they do.
These reasons aside, ransom rates also continue to grow, making it harder to absorb the loss. Due to this, providers like CG Technologies take cloud based cybersecurity extremely seriously, investing in data centre network protection and monitoring, ensuring their vulnerability management practice is maintaining systems appropriately and offering turn-key services to clients to help them shore up their application environment.
To summarize it is important because it protects data:
- Personal identifying information (PII), which can be sold and used for identity theft
- Intellectual property, often the target of corporate espionage
- Medical systems and health data enable extreme disruption of hospital operations
- Government system data, a target for government espionage (worth noting this has replaced older ways of spying on other governments)
Cyber security also protects infrastructure and IoT systems from attack, which can impact an entire region or individual IoT devices.
Get the Small Business Guide to Ransomeware Protection
Challenges in Cyber Security
Much of the reason corporations haven’t done enough to prevent cyber attacks is that there are many cyber security challenges to overcome to build a robust prevention program:
- Endpoint protection systems, enterprise vulnerability management and scanning software, and other solutions are expensive and take highly skilled individuals to configure and maintain them effectively.
- Skills and staff bandwidth are a problem. Effective protection is more than a full-time job; identifying and patching systems is an ongoing, time-consuming effort.
- Threats keep maturing, and it’s difficult for companies to keep up to date.
- Corporate leadership may not be convinced they need to budget for the expense and effort to build an effective cyber security program… until they are hacked.
More recently, several of the biggest cyber security challenges are the skills gap, lack of automation, artificial intelligence, and the scale of cloud computing.
In an industry that is constantly changing, maintain staff skill levels can be difficult. The organization needs to provide enough time for training and continuing education while the staff is stretched thin trying to keep up. The combination of tools, training, and staff becomes expensive, and when organizations are forced to cut budgets, cyber security budgets may be reduced. Maintaining the skill level also requires the organization to work harder to obtain certain skill sets and retain them once hired.
More automation can be an answer, but that is also a challenge, especially in organizations that haven’t fully implemented configuration and asset management programs. Good configuration management can reduce the need for human intervention when integrated with monitoring and vulnerability management automation. When combined, these tools can automate several processes: identifying new vulnerabilities, scanning the environment to see if any of the affected systems or applications are in use, and then determining the priority of the applications they support to prioritize the work that teams must perform.
Artificial intelligence has become a cyber security challenge as well. Using software with predictive capabilities, hackers can automate their processes of gaining access, making it less labour-intensive and enabling them to run multiple attempts across several data centres and networks without needing an army of humans to do it. Thus, the corporate security teams are fighting an army of robots while they are understaffed and stressed.
One last cyber security challenge worth considering is that of computing scale. Digital technologies have become pervasive, leading to a much larger technical footprint than ever before. Organizations that rely on cloud technologies and spread them across several data centres, providers, or SaaS providers need to ensure all those layers are secure, making it challenging to secure the environment for the scale at which they operate, particularly if understaffed under-skilled, and under-budgeted.
Let us Solve your IAM Challenges
Let our team of IT professionals implement robust IAM policies and procedures for your organization.
Security challenges become even clearer as the list of potential threats continues to grow. Generally, cyber security threats include:
- Malware, including
- Social engineering, which includes
- Gaining physical access to data centres
- Phishing and spearfishing attacks via email
- Denial of service attacks
- SQL injection
With the challenges of cyber security in mind, many companies starting out will find themselves asking how to get into cyber security. The answer lies in a multi-layer approach that includes ensuring both local cyber security programs and cloud based cyber security programs for their hosted systems. Additionally, the data itself must be secured.
Cloud based cyber security programs will include protection at the level of the equipment:
- Network security, including securing endpoints like firewalls and circuits and also ensuring the environment can detect and fight off denial of service attacks
- Server and application security, seeking to identify, mitigate and detect attempts to gain access to data via weaknesses in operating systems and application code
- Infrastructure security, which also combines threat identification and vulnerability management to secure critical infrastructure, especially in cloud-based environments.
Additionally, security programs must consider data and data privacy. While many look at GDPR (Global Data Protection Regulation) as a hindrance to the way they do business, requiring them to make changes to commercial software and marketing practices, from a cyber security perspective, it’s more about data privacy and protection than marketing. With GDPR, companies are investigating how to get into cybersecurity programs where they might not have considered taking such steps otherwise.
Cloud based cyber security programs need to manage data privacy more completely since GDPR was enacted. When building a cloud-based security program to meet the data privacy and protection requirements of GDPR, companies must consider some of the following areas:
- Ensuring data is kept local to the customer or employee’s country: this may result in a bit of cloud sprawl, where public cloud providers are leveraged to deliver applications locally within the customer’s country. This means their security program will need to include securing a larger number of data centres by selecting providers with good internal practices and using their own program to secure applications and data, then monitoring the environments.
- Ensuring internal access to data is well secured and managed. Identity access management programs are key to ensuring data access is managed for customers as well as employee’s access.
- GDPR also contains provisions concerning rights to data: the “right to be forgotten” means organizations need practices to remove data, but more importantly, the implications of having to report data breaches to customers and employees, along with providing identity theft protection in some cases, means companies are taking more rigorous steps to protect that data in the first place.
These are some of the reasons why companies are now determining how to get into cyber security. This increased interest level is causing two interesting trends:
- The cyber security field is growing: Technology practitioners are becoming more interested in cyber security due to the rise in openings and increases in pay that become possible, and
- Emerging technologies are gaining ground: blockchain, artificial intelligence, and other solutions are making it easier to secure data, resulting in higher adoption rates.
With or without GDPR, it’s clear that with cyber attacks on the rise, the risk of having to pay fines and revenue loss resulting from loss of reputation increases. As a result of this increase, cyber security and cloud based cyber security are becoming a CEO and boardroom concern. This can be used to increase the funding needed to implement a good cyber security program.
One way to do this is to focus on building a strong cyber security program and information security policies for the applications and infrastructure supported internally as well as choosing the right cloud provider for those applications that will be hosted in the public cloud. Combining a strong internal program with a provider like CG Technologies, whose cloud cyber security programs are well proven, the likelihood of recognizing and fending off cyber-attacks is stronger.
CG Technologies combines two aspects of a robust cyber security program: strong endpoint, intrusion detections, and physical security, along with continuous monitoring to ensure that when an attack is attempted, action can be taken before access is gained. This protects the network and infrastructure on which customers’ services run. Combined with a strong internal, application, and data security program, this enables customers to rest a bit easier when the day is done. Contact us to find out how we can help reduce your risk from cyber attacks.
Leave IT to us
With over 25 years of experience delivering exceptional services to 100’s of companies in the greater Toronto Area (GTA), CG Technologies are confident we can deliver the same benefits to your organization – keeping you secure, delivering reliable and trusted IT solutions and expertise. Our industry leading strategic IT consulting and IT solutions will allow you to focus on what matters most – your business.