Cyber security is the state or practice of protecting and recovering systems, networks, and programs from any cyber attacks.
These attacks are usually aimed to access or destroy sensitive data or extort money, largely affecting organizations, employees, and consumers.
In 2017, almost 1/3 of U.S. businesses reported experiencing data breach. The average cost per data breach on that year exceeds by up to $3 million USD — with the average number of compromised records per breach rising to 24,000.
Plus in another survey of nearly 3,000 IT professionals, more than 75% revealed that they did not have a formalized plan within their organization for responding to a cyber security breach.
Most common causes for cyber attacks include weak and stolen passwords, poorly designed or implemented software applications, malicious software, social engineering, overly complex access permissions, insider threats, physical attacks, and user error.
Having more than 50 billion devices by 2020, businesses will certainly increase both their collection and analysis of data, despite the growing security risk.
Cyber security is becoming a top concern for today’s enterprises and tech giants, thus becoming one of the highly availed product and service worldwide.
A Gartner survey in 2017 revealed that there are top three drivers for security spending, these are (1) security risks; (2) business needs; and (3) industry changes. Privacy concerns are also becoming a key factor. Gartner believes privacy concerns will drive at least 10% of market demand for security services through 2019 and will impact a variety of segments, such as identity and access management(IAM), identity governance and administration (IGA) and data loss prevention(DLP).
In a statement, Siddharth Deshpande, research director at Gartner said, highly publicized data breaches, like the recent attack on SingHealth that compromised the personal health records of 1.5 million patients in Singapore, reinforce the need to view sensitive data and IT systems as critical infrastructure.
He adds that “security and risk management has to be a critical part of any digital business initiative.”
Cyber security: A top growing concern?
This year, Gartner forecasts that worldwide spending on information security products and services will grow by 8.7% to $124 billion in contrast from their previous report of more than $114 billion in 2018.
The global research and advisory firm has identified at least 30% of organizations will spend on GDPR-related consulting and implementation services through 2019.
With technological advancements on the rise,cyber security should be heightened as well.
Cyber threats categories
Cyber threats attacking your devices and network, generally fall under three (3) categories:
- Attacks on confidentiality. The stealing of your personal information, bank account or credit card information. Many attackers will take your information to sell it on the dark web for others to purchase and use.
- Attacks on integrity. Often called leaks, these attacks consists of personal or enterprise sabotage. Cyber criminals access and release sensitive information to expose data and influence the public to lose trust on a certain individual or company.
- Attacks on availability. Blocks users from accessing their own data until they pay a fee or ransom. Attackers will infiltrate your network and block you from accessing important data, demanding that you pay a ransom. On this case, companies sometimes pay the ransom and fix the cyber vulnerability afterwards to avoid halting business operations.
Individuals and companies can prevent these attacks by taking some of these preventive steps:
- When providing your personal information only use trusted sites. Try to check the URL. If the site has this, “https://”, then it is a secure site. But when the URL includes“http://”, but without an s, you must not enter sensitive info such as your credit card details or Social Security number.
- You should not open email attachments or click links in emails from unknown sources. This is one of the most common ways people and enterprises are attacked from just receiving emails disguised as being sent from a trusted source.
- Always keep devices updated because cyber criminals attack on outdated devices, having no important patches to fix security issues.
- Back up your files because in case of cyber security attacks, your files stored in a safe, separate place.
- Secure Wi-Fi networks and use a firewall for your Internet connection.
- Download and install software updates for operating systems and applications once they become available.
- Backup copies of valuable business data and information.
- Install, use and regularly update antivirus and anti spyware software on each computer used in business operations.
- Train employees about cyber security principles.
- Change passwords regularly.
- Have individual user accounts for each employee.
- Limit employee access to data and information and limit authority to install software.
Cyber attacks could disrupt business operations and stain someone’s reputation, costing millions and millions dollars in lost sales and/or damages.
At this point, IT personnel, business owners, technology directors, and ordinary consumers should take guard against certain vulnerabilities to prevent attacks from cyber criminals.
By Tuan Nguyen