Cybersecurity, computer security or information assurance is basically the protection of networks and computer systems against external information access, theft, damage or loss of their software, hardware, or electronic data. When information is stolen by an unauthorized party, it becomes a breach in the confidentiality of that information and puts the user and their systems in danger of being hacked. This is essentially what happened when hackers got hold of some of Obama’s email during the last Presidential election. Not only did they have the email but they also had the ability to manipulate the election and put in a candidate they wanted. It is very important for businesses and other organizations to protect themselves from this type of attack because it could easily compromise their information and put them out of business.
The Department of Homeland Security (DHS), which is part of the U.S. Department of Homeland Security, defines cyber warfare as “a form of psychological warfare” where “a hybrid group of hackers and military/cybersecurity professionals attempt to infiltrate a system of electronic information and take control”. For the purposes of this article, I will be referring to cyber security as a form of internal network security. However, there is an overlap between cyber warfare and external threats and those are two separate topics. As mentioned above, many external threats come from within so the discussion below refers to cyber threats coming from an external source.
While we are talking about outside threats, it is important to mention that some of these attacks come from “outsides”. For instance, malware designed for malware attacks on computers is commonly referred to as Trojans. The term malware comes from the word “malware” which has a negative connotation. Many refer to such attacks as viruses, worms, spyware, adware and malicious objects that spread through networks and destroy files.
Computer security companies are constantly working to detect, prevent and counter such threats. While public perception often paints the industry in a bad light, there are a number of legitimate aspects of the industry that contribute to its safety. One such aspect is the implementation of measures that deter both government and private sector employees from carrying out sabotage against networks. Such measures include firewalls, software restrictions, reporting mechanisms and even the threat of prison for officials who are caught participating in cyber espionage or theft.
While there are a number of threats to business today such as data breaches, a greater threat is posed by “cyber criminals”. Cyber criminals typically engage in a number of unlawful activities including data breaches, computer fraud, Internet fraud, identity theft and remote access software abuse. A recent study showed that there are approximately 2 million reported cases of cyber crimes. In many instances, cyber criminals can obtain botnets, spoofed email addresses and other means of sending confidential personal or financial information across an unsecured channel. This allows them to steal identities or obtain credit card numbers from bank accounts and transfer funds from accounts.
As more industries are exposed to cyber threats, it is important for organizations to adopt a comprehensive approach towards securing their networks and implementing effective cybersecurity measures. This includes engaging in different types of risk management activities including proactive protection and response, threat management, event management, integration and collaboration, and prevention and training. The different types of risk management discussed here can help to ensure that businesses take the appropriate actions to mitigate the risks posed by potential cyber crime and hackers.
