Simplifying cyber security

Do you know your malware from your phishing? Most people don't, understandably so, as the cyber-security space is constantly coming up with new phrases to describe new forms of attack - and the defences against them.

Johannesburg, 20 Sep 2018
Tom Bale, Business Development and Technical Director, Logicalis.

Tom Bale, Business Development and Technical Director at Logicalis, says: "Pretty much everything to do with IT is rich with acronyms and jargon. Cyber security is no different. It's important to use language that everyone can understand; unfortunately, the IT sector doesn't really lend itself to everyday, user-friendly terminology."

Cyber security is rapidly moving away from being solely the domain of the IT department, and everyone across the business is expected to play their part in deflecting cyber attacks. This means the average person needs to have a basic grasp of what the various terms mean and what can be done to protect the business and its data. Owing to the escalation in number and type of threats, and the increasing complexity required to defend against them, many companies are choosing to acquire managed security services.

"When it comes to protecting your enterprise against cyber threats, there are certain steps that need to be taken," says Bale. "Listed below are five of the most important things that you can do to safeguard your business's data, and an overview of what they really mean."

Vulnerability assessment

This will help you determine whether your organisation is prepared for an attack on your digital assets. Firstly, you need to ask yourself some hard questions. Do you have an incident response plan in place? How would you know if you've been attacked? Before you can determine if you're adequately prepared, you have to take the time to assess your vulnerability.

Realising that this is not part of their core business activity, and could well be beyond the skills of their in-house IT department, some organisations choose to outsource this to an external security expert, who will ask the right questions and know where to look for answers.

To help you to ensure your security goals are appropriate, you need to assess the following:

* What type of data do you have, and what is the value and sensitivity of that data?
* Is the data subject to any type of industry or governmental compliance regulations?
* Does the business have a formal security risk management strategy in place, and if so, does it fully support and integrate with your overall risk management policies?

Many organisations naturally assume that, since they have skilled IT staff, they can turn over the management of the security solution to them once it is up and running. In some cases, that may be the best option, but when managing the continuous flow of alerts and threats overwhelms an IT department, they may need to turn to expert outside help.

This can relieve your business's IT staff of the burden of monitoring threat activity and allow the service provider to act as a first responder to determine whether or not a threat really exists.

A combination of automated tools and manual techniques can be deployed to scan corporate networks to identify vulnerable machines, incorrect network design and rogue devices. Consultants will then work with management to review the findings and provide a recommended course for corrective action and continuous vulnerability management.

Firewall management

A firewall is a network security device that monitors incoming and outgoing network traffic and decides whether to allow or block specific traffic based on a defined set of security rules.

With the ever-growing use of mobile devices, social networks, cloud-based applications and daily news of intrusions into organisations, securing your business's vital assets is critical. Besides deliberate outside attacks, your own employees may unwittingly threaten your network by opening e-mail-borne viruses, running bandwidth-hungry applications or accessing the wrong Web sites.

Your firewall security infrastructure requires constant real-time management to ensure your perimeter is secured and that all appropriate updates and patches are applied.

Patch management

Keeping your software and hardware updated with the latest vendor-supplied patches and fixes can often be a time-consuming and unmanaged process.

Bale says: "Vulnerabilities in software are continually on the rise, despite fixes being available for applications and, all too often, we see organisations suffering costly breaches because they haven't been implementing these fixes, owing to the overwhelming task of managing a huge number of applications on multiple devices."

Malware protection

Short for 'malicious software', malware is a high-level term for any piece of software developed by cyber attackers to gain access or cause damage to a computer or network, often while the victim remains oblivious to the fact there's been a compromise.

In a world where companies routinely fall prey to hackers, malware protection has become critical to business success. The headlines are full of businesses, including the NHS, BBC and WPP, whose malware protection let them down.

Ransomware has now become the most popular form of malware used in cyber attacks. Once ransomware infects a machine, it encrypts data until a payment, usually in the form of a popular crypto-currency, is made. Ransomware breaches doubled last year and could double again this year, according to a recent report by Verizon.

Security awareness training

The majority of malware and ransomware attacks involve a user doing something they shouldn't, such as clicking on a malicious Web link, opening an e-mail attachment or installing a new application. Usually this is due to a lack of understanding of the security risks associated with such actions. Phishing, a form of social engineering, is a common technique used to get ransomware inside an organisation, effectively duping users into downloading malicious code or otherwise opening up the organisation's network to cyber attack.

Many organisations provide basic security training as part of an induction or as one-off exercises to address audit requirements. "However," says Bale, "security training should be a regular part of users' development, must be regularly updated and should be delivered at a pace and frequency that fits in with the employees' work schedules with progress monitored and tested for effectiveness as part of the programme."

Bale concludes: "Don't be overwhelmed by the jargon. The answer could be as simple as picking up a phone to someone who talks your language. The clear advantage of managed security is that it operates around the clock, 365 days a year."
