Cyber security

Cyber security is the collective term for technologies, processes and methodologies that organisations apply to protect the confidentiality, integrity and availability of their computers, networks, software and data. Together, these three security objectives are also known as the CIA triad of cyber security. This involves not only technical measures such as firewalls, encryption or anti-virus tools; security processes such as risk management, prevention and incident response are also part of your cyber security. Often, employees’ security awareness turns out to be the most important aspect.

Why is cyber security important?

The importance of cyber security is continuously increasing, because the importance of information technology continues to grow. IT systems have long passed the stage of being a mere administrative tool for companies and organisations. Business processes are gradually becoming fully digitised, from the initial product development to service delivery and invoicing end customers. A hack of your digital systems can bring an organisation to an immediate and complete standstill, resulting in lost revenues and claims for damages. In addition, the impact often isn’t limited to one organisation: multiple parties are affected, in some cases even entire sectors. This also doesn’t stop at our national borders, so cyber security needs to be tackled at the European level.

Another growing concern is the security of personal data. After all, digitisation is not just about processing financial and business data. More and more data from consumers, students, patients and employees are stored and processed as part of your efforts to go digital. Privacy is very important, and data breaches that expose such personal data can lead to enormous claims for damages and fines from, for example, the Personal Data Authority, one of the watchdogs around cyber security in the Netherlands.

So in many cases, your digitalisation is at the core of your business operations, which makes cyber security a ‘boardroom’ topic these days. Information security has to be embedded in the C suite (the CIO) and the person ultimately responsible for cyber security – the Chief Information Security Officer (CISO) – is also a key player now.

The three pillars of cyber security

In this regard, today’s cyber security relies on three pillars, all of which are equally important and must be organised in conjunction:

  • Often, the main focus by default is on technology as the first line of defence against cyber threats. Think, for example, of access management systems, firewalls, anti-virus software, encryption and intrusion detection systems.
  • However, business processes are just as important. It is crucial that processes for identifying threats, responding to cyber incidents, and recovering from any damage are implemented from a clear security policy.
  • And perhaps employees are the most critical to your cyber security. They unknowingly click on phishing emails, put a post-it note with their password on their laptop and get tricked by social engineering phone calls. By providing employees with better training and investing in a security culture, you can turn them into knowledgeable employees who act as your first line of alert. One of the tools used for this is the cyber security awareness month, which is now organised annually in October.

All the aspects above play an important role. In a good cyber security strategy you create one coherent ensemble of people, processes and technology. This is evident, for example, in the NIST Framework for Cyber Security. In this framework, you start by identifying critical systems, data and risks. You then design and implement protective measures, as well as methods to detect cyber threats and incidents, respond to them effectively and repair any system damage.

Types of cyber threats

There are various types of cyber threats, for example:

  • Malware (Malicious Software) is an umbrella term for software specifically designed to attack IT environments. Viruses, for example, corrupt data or disrupt systems. Worms copy themselves on systems and overload networks. Ransomware can hold data hostage and spyware is designed to steal data.
  • Phishing is a commonly used trick where criminals try to steal sensitive data such as login credentials via email or social media. The messages used are increasingly professional, leading victims to believe they are communicating with a trusted party.
  • Distributed Denial of Service (DDoS) is a cyber-threat involving large numbers of computer systems that have been infected. These systems are then used to send messages or connection requests to servers, websites and networks. The goal is to overload the servers, websites and networks.
  • Zero-Day Exploits refer to the practice where hackers exploit newly discovered vulnerabilities in software and hardware before the vendor has developed a patch.
  • SQL injections are attacks in which malicious SQL scripts are inserted through the input forms of online applications.
  • Brute-force attacks and Credential Stuffing are automated methods to steal and abuse access credentials. Brute-force methods attempt to automatically reproduce passwords while credential stuffing involves automatically trying known combinations of usernames and passwords on large numbers of websites and online services.

These are just a few examples. Particularly problematic is that some attacks remain under the radar. Organised criminals and so-called state actors in particular invest in Advanced Persistent Threats (APT), maintaining a long-term presence in a network without being detected. Moreover, the challenge for cyber security specialists is that threats evolve at lightning speed. That is why, for example, ISO 27001 – an international standard for information security – pays a lot of attention to a strong plan-do-check-act cycle within organisations. You need to thoroughly update your risk analysis regularly and constantly adapt your security measures. In cyber security, standing still invariably means falling behind.

Types of security

All this leads to the conclusion that cyber security requires a holistic approach. These aren’t standalone issues. You really need to understand the interrelationship between different security risks to design an effective cyber security strategy. At the same time, nobody can be an expert in everything and you’ll need to collaborate with multiple specialised cyber security companies and services that focus on specific cyber security topics. Examples include:

  • Network security mainly focuses on protecting networks with firewalls, Virtual Private Networks (VPNs), and intrusion detection and prevention systems.
  • Endpoint security provides security for user devices such as computers, smartphones and tablets. This includes antivirus software and device management systems.
  • Application security protects applications against vulnerabilities. This includes automated rollouts of updates and patches, as well as robust development and testing methods.
  • Cloud security protects cloud systems, data and services and includes access security and cloud data encryption.
  • Information security focuses on the confidentiality, integrity and availability of all data. In addition to data encryption and access management, data classification, for example, is also used.

Tools4ever has been focusing on information security for 25 years, specialising in identity management and access control. By structurally organising and managing digital identities and their access rights throughout their entire lifecycle, we ensure that each user can only access applications and data they genuinely need at any given time. This approach prevents unauthorised access to your systems and helps avoid data breaches.

Want to learn more about organising your cyber security? The NCSC (National Cyber Security Centre) compiled a list of basic measures every organisation should take to counter cyber-attacks. You can find this advice here. If you specifically want to know more about your information security and how comprehensive identity management plays a role in it, Tools4ever can assist you.

A Man-in-the-Middle Attack (MitM) is a cyber-attack in which communication between two parties is intercepted so that sensitive information can be stolen and/or manipulated.

The National Cyber Security Centre (NCSC) is part of the Ministry of Justice and Security and works on cyber security in the Netherlands. The focus here is on the security of the digital infrastructure.

Cyber security is the protection of IT systems, networks, and data from cyber-attacks, unauthorised access, damage, or disruption. The goal is to ensure the integrity, confidentiality and availability of information.