According to the Institute of Directors (IoD), there are more than 7 million cyber-crime attacks on small to mid-sized businesses in the UK every year. These attacks are both persistent and sophisticated, presenting a very real and serious risk to businesses.
This FAQ, Information & Cyber Security – Your Questions Answered, is designed to answer some of the many questions that business leaders have about Information and Cyber Security.
What is the difference between Information Security & Cyber Security?
These are very closely linked, hence the confusion. In simple terms, Cyber Security relates to protecting a business from attacks by cyber criminals. These malicious attacks range from hacking into your systems to steal sensitive or personal information, through to rendering your systems unusable until a ransom is paid. Information Security is the protection of your sensitive or personal information, and while it covers protecting this information from cyber criminals, it also covers protecting data from accidental loss or theft by existing or previous employees. You should make provisions for both of these threats when developing an IT Security strategy for your business.
What is Phishing?
Phishing is where a member of your staff is duped by an internet-based hacker into entering their corporate username and password into a false ‘login’ web page that is constructed to mimic a genuine page. Their credentials are then harvested by the hacker and used to log into their corporate accounts at a later date, causing untold damage to your company including financial fraud and data theft.
What is Malware?
Malware is malicious software that can exist within a computer program or file, and is designed to cause harm to your end-user devices, corporate network and centralised servers. It is spread in files transferred by email or automatically downloaded from malicious websites. There are many types of malware including computer viruses, worms, trojans and spyware. Their objectives include stealing sensitive data, hijacking core computer functions and monitoring users’ activity without permission.
Attackers are taking advantage of the current trend to move applications and data to the cloud. When cyber-criminals infiltrate these systems, malware network traffic becomes extremely difficult to identify and contain because it mimics the behaviour of legitimate traffic.
What is Ransomware?
Ransomware is a type of Malware that, once present on an end-user device or server, will encrypt the programs and data, making them unusable. A ransom request is then made requiring payment before systems are unlocked by the cyber-criminal.
How can I protect myself from cyber-attacks?
The reality is that you cannot fully prevent cyber-attacks. They are pervasive and continually evolving; however, there are many steps that you can take to mitigate risk. The most effective way to do this is to take a holistic approach that covers Systems, Processes and People. This means putting in place the right tools to help you prevent, detect and remediate cyber-attacks, ensuring the right policies and processes are in place to protect sensitive and personal information within your organisation, and making sure that your people are aware of, and take ownership of, information security.
Making strategic security improvements and following industry best practice will give you better visibility into the emerging threat landscape and help to protect your business from cyber attackers.
The impact of recent large-scale ransomware attacks like WannaCry and Nyetya could have been significantly reduced, or even prevented, if more businesses had applied basic security best practices such as patching vulnerabilities and establishing appropriate processes for incident response.
What can I do to prevent cyber-attacks?
There is a vast range of cyber security tools available aimed at blocking and detecting malicious activity. These range from Firewalls designed to block unauthorised or malicious access to your systems and infrastructure, through anti-spam and malware detection designed to block malicious files and programs from being accessed, to a variety of network monitoring tools that constantly look for anomalies that could suggest malicious activity.
Consider using first-line-of-defence tools that can scale and adopting next-generation endpoint monitoring tools. Together these will give you access to timely, accurate threat intelligence data.
Be prepared. Use network segmentation to help reduce the exposure of an attack. Back up often and test your restoration procedures. Reviewing and practising your security response plans will help you recover faster if you are the victim of an attack.
Phishing emails were the cause of some of the biggest breaches in recent years. Combining email security technologies with user training, and importantly, accountability, is a crucial strategy for combatting these threats.
What policies and procedures should I have in place for Information Security?
All businesses working with customers inside the EU are required to comply with GDPR (General Data Protection Regulation). This requires organisations to have in place policies and procedures to protect the personal data that they are either holding or processing. GDPR aims to make organisations more aware of, and responsible for, information security.
In simple terms, organisations should fully understand the flow of information around their business and the risks associated with this, then take the necessary steps to protect data both at rest and in motion.
Who should be responsible for Information Security?
The simple answer to this question is everyone has a role to play. Your IT team can help to put in place tools that reduce risks around your systems and connectivity. Your leadership team should understand the risks and impact of information security on the business and instil a security-aware culture. Your people need to be aware of information security, its importance and the steps they can take to mitigate risk.
We hope that you found this quick FAQ on Information and Cyber Security both useful and informative. It is likely to have raised many more questions on the topic and we are more than happy to answer these for you.
You can contact the Conosco team on 0800 368 8690 or email us at firstname.lastname@example.org.