Nowadays there is an increasing number of connected devices, both for business and personal use, which means more attack vectors that need to be protected against and monitored as part of cybersecurity. All users are exposed to attacks on a daily basis, and these are becoming ever more frequent.
So then we come to the question: what is cybersecurity?
Cybersecurity is the practice of protecting devices, networks, systems and data from IT attacks. To put it another way, it’s about managing IT security or information technology security.
What threats or attacks are businesses exposed to?
Today, companies are immersed in a technological environment that is constantly changing and where technological information systems are present in some form or other in the majority of processes.
What’s more, it is becoming increasingly common to use mobile devices and cloud services to carry out activities, which offers us new opportunities but which is not without risk. It is for this reason that cybersecurity in organisations is becoming increasingly important and all the necessary measures should be applied to protect against the various malicious attacks that are out there.
Malicious attacks have various targets relating to confidential information: accessing the information, modifying it, destroying the information or extorting users; and other targets such as disrupting business activity.
These attackers take advantage of software vulnerabilities which are known to them or which they manage to detect, in order to exploit them and carry out some sort of undesirable action for the legitimate user and, consequently, the organisation. They also take advantage of erroneous configurations or the user’s lack of awareness, which provide a first point of access to the information systems.
Most common cybersecurity attack methods
- Phishing -> Also known as identity theft; these are attacks carried out using fraudulent emails masquerading as emails from reputable sources. Their aim is to steal sensitive data such as credit card numbers and login credentials.
- Malware -> This is a type of software designed to obtain unauthorised access to, or cause damage to, IT equipment. There are many types of malware, and each one seeks to achieve its aims in a different way; they include viruses, Trojans, spyware, ransomware, adware, botnets, etc.
- Ransomware -> In recent times this has become the most widely known type of malware due to the impact and frequency of its attacks. Its aim is to intimidate users into paying a ransom by blocking the IT system, or access to files, until the payment is made. Paying does not guarantee that the files can be recovered or that the system will be restored.
- Social engineering -> This is a tactic used by the attackers to trick legitimate users into revealing their confidential information with the aim of getting money from them or obtaining valuable data to carry out a subsequent attack. This tactic may be combined with any of the previous threats.
- Denial of service -> An attack that consists of preventing an IT system from serving legitimate requests by overloading networks and servers with unwanted traffic. This renders the system unusable and prevents the organisation from carrying out vital functions.
- “Man-in-the-middle” attack -> This is an attack whereby the cyber criminal intercepts the communication between two parties in order to steal data. For example, an attacker might intercept messages sent over an insecure Wi-Fi network.
How can we prevent these threats and attacks from happening?
Organisations need to have a cybersecurity strategy to identify the risks to which they are exposed, locate the weak points and put in place processes and tools to detect and mitigate any possible attacks or threats.
First of all, they need to have an up-to-date inventory of assets and software in order to know the potential risks to which they are exposed. Then it is recommended that they carry out an audit to establish the state of their cybersecurity and to define the subsequent steps.
Regardless of the result of the audit, at least the following controls should be established:
- Security policies and standards.
- A logical access control system.
- A backup system.
- Anti-malware software on the equipment.
- A policy for software updates.
- Tools to apply security on the internal and external networks.
- Monitoring of information storage media throughout their useful life.
- An activity log for monitoring all actions.
- A business continuity plan.
- A cybersecurity awareness-raising plan for all employees.
On the other hand, applying security standards such as ISO 27001 and setting up an Information Security Management System (ISMS) based on that standard will enable appropriate measures to be managed and carried out to protect the information and, therefore, limit the number of threats arising from malicious attacks.
Likewise, technology is essential to offer organisations the cybersecurity solutions needed to protect them from cyberattacks and to be able to apply the controls needed to protect their assets.
Both the end devices and the networks that enable their connectivity and the cloud or servers for storing information need to be protected. To this end, there are various cybersecurity systems available such as:
- Intrusion detection and prevention systems (IDS/IPS).
- Anti-malware protection.
- Communication encryption systems.
- DNS Filtering.
- Antivirus software.
- Email security solutions.
- Web security solutions and SIEM monitoring solutions.
We need to bear in mind that end users are the first line of defence against cybercrime and therefore it is vital that they are equipped with all the knowledge and skills needed to protect the company and be alert to any possible attack that might occur. For this reason, developing a cybersecurity awareness programme is the best way to educate staff and create a culture of security.
At GlobalSuite Solutions we have GlobalSuite® software, which facilitates the automation and management of the ISO 27001 standard in order to optimise an Information Security Management System (ISMS). The versatility of the software means that it meets the most complex requirements in an affordable and intuitive way, helping organisations to obtain ISO 27001 certification and consequently improving the organisation’s cybersecurity. Our teams of specialist consultants offer the advice and support needed to help organisations achieve the ISO 27001 standard.