AN OVERVIEW: FUNDAMENTAL ORIENTATION OF CYBERSECURITY COMPONENTS



Worldwide Cyber Security Statistics

In this era of globalization, technology is a phenomenon shared between individuals, firms, states, and the whole world. These technological exchanges take the form of data and information, and that is what gives hackers the opportunity to attack and commit cybercrime. Cybercrime is fostered by ignorance of cyber security and a lack of awareness among clients. Compliance and risk matters exist wherever online activity happens. Generally, team augmentation can be outsourced wherever a potential threat exists: the outsourced personnel perform threat hunting so that the threat can be dealt with, and they can also provide training and awareness regarding potential vulnerabilities. Security awareness training is one of the must-have coping mechanisms for most organizations that hold sensitive information. Here are some statistics from aag regarding cybercrime. According to them, around 1 billion emails were found to be affecting 1 in 5 users. Around 236.1 million attacks were recorded globally in the first half of 2022 alone. Every other American faced an account breach in 2021. In 2022, 39% of businesses went through a cyber-attack. As a result, the UK has brought its own National Cyber Security Strategy into existence and has dedicated a huge budget to its cyber security programme. Cyber-attacks in developing and less developed countries are no exception. To sum up, cyber security is a burning issue for IT experts all around the globe.

Cyber Security Basics

With the emergence of science, more sophisticated cybercrimes and malicious activities came into existence, which are currently evident and quite dangerous to information systems. Cybersecurity generally rests on some basic principles: first, becoming familiar with the goals of information security; next, understanding security principles and terminology; then thoroughly screening security roles and security policies; and, last but not least, spreading security awareness. Network security, cyber security, and information security are terms that can be used interchangeably. As per Right Security, these are basically the mechanisms for controlling information assets to make sure they are protected. To sum up, only a strong cyber security strategy can help avoid cyber-attacks, and cyber security awareness training for employees is a must for most organizations in order to avoid social engineering. Several organizations offer cybersecurity services; Right Security is one of them. They offer multiple services including cyber strategy & consulting, compliance and risk, team augmentation, gap analysis and auditing, XMDR EDR & MSSP, security red teaming, active threat hunting, training and awareness, and dark web scanning.

CIA vs DAD

The general aim of security revolves around the CIA triangle: Confidentiality, Integrity, and Availability. This triangle is contrasted with DAD, that is, Disclosure, Alteration, and Trial. Security is meant to ensure that actions are performed by authorized, trustworthy personnel and that data exchanges are safe and not damaged. With confidentiality we aim to prevent unauthorized disclosure of our data; encryption deals particularly with the confidentiality of data, and the aim is to encrypt data that is in transit. Integrity, on the other hand, is making sure that our data is not altered, either intentionally or unintentionally. Hashing algorithms are used to protect the integrity of data, which means that data sent from one source to another together with its hash can be confirmed to be in the same form as when it was dispatched. Commonly known hashing algorithms are MD5, SHA-512, and so on. In the end, availability of data is mandatory, or else the data is useless; load balancers, backup sites, hot sites, etc. are typically used for availability. DAD can be avoided with the use of the CIA triangle.
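The integrity check described in the CIA section, as an added example that is not part of the original article: the sender transmits data together with a SHA-512 digest and the receiver recomputes and compares it. The example also shows the caveat a practitioner would want: a plain digest only catches accidental alteration, because anyone who can change the message can recompute the digest, so the second pair of functions uses an HMAC with a shared secret key. The key, messages and function names are constructed for this example.

```python
import hashlib
import hmac

# Constructed shared secret for the HMAC variant (in practice: generated
# randomly and distributed out of band, never hard-coded).
KEY = b"constructed-shared-key"


def sha512_hex(data: bytes) -> str:
    """Return the SHA-512 digest of data as a hex string."""
    return hashlib.sha512(data).hexdigest()


def send_with_hash(data: bytes):
    """Sender side: package the data with its SHA-512 digest."""
    return data, sha512_hex(data)


def verify_hash(received: bytes, claimed_digest: str) -> bool:
    """Receiver side: recompute the digest and compare in constant time."""
    return hmac.compare_digest(sha512_hex(received), claimed_digest)


def send_with_hmac(key: bytes, data: bytes):
    """Sender side: package the data with an HMAC-SHA512 tag under a shared key."""
    return data, hmac.new(key, data, hashlib.sha512).hexdigest()


def verify_hmac(key: bytes, received: bytes, claimed_tag: str) -> bool:
    """Receiver side: recompute the tag with the shared key and compare."""
    expected = hmac.new(key, received, hashlib.sha512).hexdigest()
    return hmac.compare_digest(expected, claimed_tag)


def demo() -> dict:
    """Run both schemes against an intact, an altered and a 'forged' message."""
    message = b"transfer 100 to account 42"   # constructed sample payload
    altered = b"transfer 900 to account 42"   # same payload after tampering

    _, digest = send_with_hash(message)
    _, tag = send_with_hmac(KEY, message)

    # Someone who alters the message but does not hold KEY can only recompute
    # the plain digest; they cannot produce a valid HMAC tag.
    forged_digest = sha512_hex(altered)
    forged_tag = hmac.new(b"wrong-key", altered, hashlib.sha512).hexdigest()

    return {
        "hash_intact": verify_hash(message, digest),     # True
        "hash_altered": verify_hash(altered, digest),    # False: change detected
        "hash_forged": verify_hash(altered, forged_digest),  # True: plain hash cannot tell
        "hmac_intact": verify_hmac(KEY, message, tag),   # True
        "hmac_altered": verify_hmac(KEY, altered, tag),  # False: change detected
        "hmac_forged": verify_hmac(KEY, altered, forged_tag),  # False: no key, no valid tag
    }


if __name__ == "__main__":
    for name, ok in demo().items():
        print(f"{name}: {ok}")
```

The plain-hash scheme is enough to detect corruption in transit; protecting integrity against a deliberate alteration needs a keyed construction such as the HMAC shown, or a digital signature.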

Weaknesses that Cause Threats

Vulnerabilities, exploits, and threats are terms that any organisation has to observe. Organisations need a thorough understanding of these to be able to clearly monitor and document their cybersecurity controls. Technology is inevitable for any organisation, and it comes with bugs anyway; mistakes can happen in the building and coding of technology, and that leads to vulnerabilities. Once a vulnerability is identified by hackers, they will try to exploit it. For that reason, your organisation needs a proactive approach of scanning the environment for vulnerabilities using an appropriate vulnerability management tool. According to Rapid, this proactive approach is performed by Security Information and Event Management (SIEM). Major types of network security threats are spyware, viruses, detection, firewall, infection, and hacking. These viruses occur mainly when an organization's structure has weaknesses, and these weaknesses might be technological weaknesses, configuration weaknesses, policy weaknesses, or they might happen due to human error.

Technological weaknesses

According to HBR, technology has played a vital role in our lives for the last 50 years. We have become used to spending a lot of time on the internet, we have given ourselves virtual identities, and we spend a lot of time connecting with one another through these virtual identities. We live in times where we drive to work, fly on airplanes, cook in microwaves, and much more; we owe the enjoyment of all of these to drastic developments in technology. However, every pro comes with cons. The easier technology has made our lives, the more important it has become for IT experts to constantly monitor the technological issues that might be lying underneath. In the end, technology has artificial robots working for it anyway, making it useful for human beings. Technological weaknesses are more prominent in small-scale firms that are trying to deliver services to their clients virtually; they need to continuously develop and secure their information networks for smooth delivery of services to potential clients. A technological weakness is defined as the chance of a system collapsing due to outside factors. Technological weaknesses might arise because of TCP/IP, i.e. the weaknesses that are part of standards developed over time, which involve open protocols as well as many applications and services. Organizations might also face technological weaknesses because of operating systems, which have millions of lines of code and bugs that can be exploited. Technological weaknesses might also arise from network equipment issues, i.e. installation can be problematic, or the equipment cannot be upgraded and secured easily.

Configuration Weaknesses

According to datto, a configuration weakness occurs when there is a flaw in the security settings of your system, e.g. if your data is unencrypted. If a security breach happens, that cyber-attack can drastically affect the entire network and can cost an organisation billions of dollars in losses. Every 14 seconds an organisation is vulnerable to a ransomware attack, and a ransomware attack alone can inflict huge productivity and monetary losses on an organisation. Configuration weaknesses generally happen because of unsecured accounts, system accounts with easily guessed passwords, misconfigured internet services, insecure default settings, and misconfigured network equipment. As a result of configuration weaknesses, Trojan horses and vandal viruses may come to the front. Using and updating passwords regularly, running security checks on third-party platforms, ensuring employees work through a VPN, performing regular security protocol assessments, and making sure that devices are physically protected are some of the mechanisms an organisation can adopt against configuration vulnerabilities.

Policy weaknesses

O'Reilly suggests that following a baseline always helps, both for all infrastructure gear and against unforeseen security threats. Policy weaknesses arise if an organization lacks a particular written policy, if there are politics within the organization, i.e. arguments between different departments, or if there is a tendency to commit fraud. A high employee turnover ratio, or access controls that are not applied concisely, means there is no uniformity in the control of access. Whenever changes occur in software or hardware installations, there is no particular policy to follow, and there is no existing disaster recovery plan, i.e. no standard and no baseline. It is always a great idea to document the security guidelines that everyone is supposed to adhere to, and that would be a baseline security policy document.
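The configuration weaknesses listed above (unencrypted data, accounts with easily guessed or default passwords, insecure default settings, exposed services) can be checked against a baseline mechanically. The following is an added example, not code from the original article or any product: it audits a constructed configuration record and shows the weak configuration beside a hardened one that passes. The `Config` fields, the rule names and the sample account and service values are all assumptions made for this example.

```python
from dataclasses import dataclass

# Constructed sample lists; a real baseline would use a larger breached-password
# list and the default account names of the actual products in use.
COMMON_PASSWORDS = {"admin", "password", "123456", "changeme", ""}
DEFAULT_ACCOUNTS = {"admin", "root", "guest"}
CLEARTEXT_SERVICES = {"telnet", "ftp"}   # send credentials unencrypted


@dataclass
class Config:
    """Hypothetical flattened view of a system's security settings."""
    tls_enabled: bool            # data in transit encrypted?
    disk_encryption: bool        # data at rest encrypted?
    accounts: dict               # username -> password (as configured)
    listening_services: list     # services reachable from the internet
    min_password_length: int     # enforced password policy


def audit(cfg: Config) -> list:
    """Return one finding string per configuration weakness detected."""
    findings = []
    if not cfg.tls_enabled:
        findings.append("data in transit is unencrypted: enable TLS")
    if not cfg.disk_encryption:
        findings.append("data at rest is unencrypted: enable disk encryption")
    for user, pw in cfg.accounts.items():
        weak = pw.lower() in COMMON_PASSWORDS or len(pw) < cfg.min_password_length
        if weak:
            findings.append(f"account '{user}' has an easily guessed password")
        if user in DEFAULT_ACCOUNTS and pw.lower() in COMMON_PASSWORDS:
            findings.append(f"default account '{user}' still uses its default password")
    for svc in cfg.listening_services:
        if svc in CLEARTEXT_SERVICES:
            findings.append(f"insecure service '{svc}' is exposed: replace with ssh/sftp")
    if cfg.min_password_length < 12:
        findings.append("minimum password length below 12")
    return findings


def weak_config() -> Config:
    """Constructed example of an 'as shipped' configuration."""
    return Config(
        tls_enabled=False,
        disk_encryption=False,
        accounts={"admin": "admin", "deploy": "changeme"},
        listening_services=["telnet", "https"],
        min_password_length=8,
    )


def hardened_config() -> Config:
    """Constructed example of the same system after the baseline is applied."""
    return Config(
        tls_enabled=True,
        disk_encryption=True,
        accounts={"ops_admin": "Xq7!longRandomPassphrase42"},
        listening_services=["https"],
        min_password_length=14,
    )


if __name__ == "__main__":
    for label, cfg in (("weak", weak_config()), ("hardened", hardened_config())):
        print(f"{label}: {len(audit(cfg))} finding(s)")
        for f in audit(cfg):
            print("  -", f)
```

Running the audit periodically, and after every software or hardware change, is one way to turn the written baseline policy into an enforced one rather than a document nobody checks.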

Human error

Last, but not least, there is the possibility of human error in any given organization. According to PwC, cyber criminals are looking for every possible way to attack, and exploiting humans is no exception. Humans commit errors intentionally or unintentionally. Cyber-attacks tend to target SMEs in particular, because of the misconception that attacks target only big organisations that hold more financial and sensitive information. Human error may happen because of accidents, ignorance, workload, or dishonesty. Impersonation through social engineering may happen because of disgruntled employees. Some of the ideal ways to mitigate human error would be building a cyber security culture, training individuals, having IT shadow individuals regularly, and incorporating a strong password policy.

Best possible Solution to Threats

All of the above-mentioned weaknesses call for the creation of a secure network strategy that is capable of dealing with both internal and external threats. Internal threats may arise because of the implicit trust that internal users place in one another. The major aim for any organization, however, is to get rid of policy weaknesses as much as possible by clearly defining policies and procedures. According to TechTarget, the best precautionary measures to avoid these threats are: emphasize the security policy first; do not neglect physical security; screen new hires; use strong authentication; secure desktops; segment LANs; continuously monitor for anomalous activity; refocus the perimeter and strategy; and monitor for misuse by any internal member.

Physical Security Threat in Particular

Unsecure defines the common physical security risks that a business might confront and the ways they can be avoided. Strong emphasis needs to be placed on physical security as well, which is a threat that is overlooked most of the time. For example, a certain part of the building may house the tools that provide logical and digital security; if any person reaches it and presses the wrong button, it can cause any amount of loss for an organization. The most common physical security risks to companies are tailgating, theft of documents, unaccounted visitors, stolen identification, and social engineering.

Normal v/s Not Normal through Vulnerability Scanning and Penetration Testing

The very first step in identifying your weaknesses is knowing the baseline, against which deviation from normal is measured. Organizations need to be well aware of the starting point of what is normal in order to understand what is abnormal. For that, IT experts use vulnerability scanning and penetration testing. They look into systems passively using online tools, and sometimes social engineering as well. After this passive follow-up, they go further into penetration testing, using different services to figure out how far they can get inside the network and elevate privileges. According to Bright Security, penetration testing is a security method that allows organizations to identify, test, and prioritize vulnerabilities in computer systems and networks, and vulnerability assessment (VA) is a process of defining, detecting, categorizing, and prioritizing security vulnerabilities in a computer system, application, or network. At the end of the day, what a hacker looks for is to elevate privilege, and security is achieved through persistence and prevalence; it is a never-ending thing. Throughout the process, however, upgrading bespoke applications remains at the top.
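The "know the baseline, then spot the deviation" idea above, as an added example that is not part of the original article: a small detector builds a per-user baseline from a constructed block of login log lines (which source addresses each user normally logs in from, and how many successful logins per day) and then flags a newer block of lines that departs from it. The log format, user names, addresses, dates and the `k = 3` deviation factor are all constructed assumptions for this example; malformed lines are skipped rather than crashing the run.

```python
import re
import statistics
from collections import defaultdict
from datetime import datetime

# Constructed log format: "<ISO timestamp> user=<name> src=<ip> result=<success|failure>"
LINE_RE = re.compile(
    r"^(?P<ts>\S+) user=(?P<user>\S+) src=(?P<src>\S+) result=(?P<result>\S+)$"
)

# Constructed baseline period: three ordinary days.
BASELINE_LOG = """\
2023-03-01T08:55:10 user=alice src=10.0.0.5 result=success
2023-03-01T13:02:44 user=alice src=10.0.0.5 result=success
2023-03-01T09:10:00 user=bob src=10.0.0.8 result=success
2023-03-02T08:58:31 user=alice src=10.0.0.5 result=success
2023-03-02T17:20:05 user=alice src=10.0.0.5 result=success
2023-03-02T09:05:12 user=bob src=10.0.0.8 result=success
2023-03-03T08:51:47 user=alice src=10.0.0.5 result=success
2023-03-03T12:30:18 user=alice src=10.0.0.5 result=success
2023-03-03T18:45:00 user=alice src=10.0.0.5 result=success
2023-03-03T09:00:59 user=bob src=10.0.0.8 result=success
""".splitlines()

# Constructed day under review: alice logs in from an unseen address,
# bob logs in far more often than usual, and one line is garbage.
CURRENT_LOG = """\
2023-03-04T08:57:02 user=alice src=10.0.0.5 result=success
2023-03-04T11:15:33 user=alice src=10.0.0.5 result=failure
2023-03-04T11:16:10 user=alice src=10.0.0.5 result=success
2023-03-04T23:41:09 user=alice src=203.0.113.9 result=success
2023-03-04T02:00:01 user=bob src=10.0.0.8 result=success
2023-03-04T02:03:15 user=bob src=10.0.0.8 result=success
2023-03-04T02:05:40 user=bob src=10.0.0.8 result=success
2023-03-04T02:09:02 user=bob src=10.0.0.8 result=success
2023-03-04T02:12:27 user=bob src=10.0.0.8 result=success
2023-03-04T02:14:58 user=bob src=10.0.0.8 result=success
this is not a log line
""".splitlines()


def parse(lines):
    """Turn raw lines into event dicts, silently skipping malformed ones."""
    events = []
    for line in lines:
        m = LINE_RE.match(line.strip())
        if not m:
            continue
        ev = m.groupdict()
        ev["ts"] = datetime.fromisoformat(ev["ts"])
        events.append(ev)
    return events


def build_baseline(events):
    """Per user: known source addresses plus mean/stdev of daily successful logins."""
    srcs = defaultdict(set)
    daily = defaultdict(lambda: defaultdict(int))
    for e in events:
        if e["result"] != "success":
            continue
        srcs[e["user"]].add(e["src"])
        daily[e["user"]][e["ts"].date()] += 1
    baseline = {}
    for user, per_day in daily.items():
        counts = list(per_day.values())
        stdev = statistics.pstdev(counts) if len(counts) > 1 else 0.0
        baseline[user] = {"srcs": srcs[user], "mean": statistics.mean(counts), "stdev": stdev}
    return baseline


def detect(baseline, events, k=3.0):
    """Flag logins from unseen sources and daily counts above mean + k*stdev."""
    alerts = []
    daily = defaultdict(lambda: defaultdict(int))
    for e in events:
        if e["result"] != "success":
            continue
        b = baseline.get(e["user"])
        if b is None:
            msg = f"{e['user']}: no baseline for this account"
            if msg not in alerts:
                alerts.append(msg)
            continue
        if e["src"] not in b["srcs"]:
            alerts.append(f"{e['user']}: login from unseen source {e['src']}")
        daily[e["user"]][e["ts"].date()] += 1
    for user, per_day in daily.items():
        b = baseline[user]
        threshold = b["mean"] + k * max(b["stdev"], 1.0)   # floor so a flat baseline still has slack
        for day, n in per_day.items():
            if n > threshold:
                alerts.append(f"{user}: {n} logins on {day} exceeds baseline threshold {threshold:.1f}")
    return alerts


def run_demo():
    """Build the baseline from BASELINE_LOG and check CURRENT_LOG against it."""
    return detect(build_baseline(parse(BASELINE_LOG)), parse(CURRENT_LOG))


if __name__ == "__main__":
    for alert in run_demo():
        print(alert)
```

Two things the example makes concrete: a baseline is only as good as the period it was learned from (three quiet days here), and the deviation rule needs a floor, otherwise a user whose count never varied gets a threshold of zero slack and alerts on every ordinary change.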

Mechanisms to Mitigate Risks

Accendo Reliability mentions four effective risk mitigation strategies, which revolve around avoidance, acceptance, reduction or control, and transference: avoid, accept, reduce/control, or transfer. You and your organization will have to deal with each risk you encounter, and a little forethought and work enable more options than just a major product recall or bankruptcy filing. On a technical level, there are different authentication models, authentication factors, access control methodologies, access control models, access control strategies, and security awareness programs that can be incorporated to mitigate threats within organizations. And as mentioned above, there are different types of attacks that might harm the information systems of any organization. Mainly, we can categorize these attacks into four groups, i.e. network attacks, password attacks, application attacks, and human attacks.

Inside attacks vs outside attacks

Digital Guardian compares insider attacks to a child who can be trained not to take candy from strangers, whereas it is challenging to train employees so that they do not fall for outsider scams. The broader comparison of inside attacks versus outside attacks, however, depends on the threat model of each enterprise. Insider threats may arise because of malicious activity that an employee undertakes, or they could be due to negligence or accident. Outside threats, on the other hand, depend on the nature of a business and the composition of its workforce. These attacks happen as a result of one or more of the prevailing weaknesses mentioned above; some of these attacks overlap, as do some of the weaknesses, and some of them are completely in a category of their own. It is generally assumed that these attacks come from outside the organisation, whereas according to most IBM reports the ratio of insider attacks is higher than that of outside ones. Mostly this happens because of the elevated levels of trust within an organisation. This is what is known as human attacks. Some of the common human attacks are surfing, tailgating, phishing/vishing/whaling/smishing, blackmail, and data mining.

Threats and prevention measures

It is well said that “precaution is better than cure”. The aim of any organisation in terms of security is to turn the tables on the hackers themselves. A cyber-attack can be expensive and overwhelming for any organisation to cope with, so dealing with these attacks and threats is crucial to any organisation. There has to be a defence-in-depth mechanism in place: the perimeter has to be strong, with sound system security and network security, and best-practice design principles need to be incorporated to avoid vulnerabilities and any prevailing loopholes. There are further components to each of these for a successful implementation of a security strategy. Organizations need to incorporate physical security principles and concepts, need to perform risk analysis, and have to adopt risk mitigation strategies. Last, but not least, they need to incorporate DR/BCP processes. According to Trava, phishing, social engineering, malware, ransomware, zero-day vulnerabilities, insider threats, supply chain attacks, Denial of Service (DoS), Distributed Denial of Service (DDoS), system intrusion, and Man in the Middle (MitM) are the most common cyber-attacks that any organisation wants to avoid.

Written by: Wajiha Kanwal