Cyber Security

What does it do?

Cybersecurity is the set of technologies, processes and practices that protect against digital attacks. Cyber security is what protects our computers, servers, devices and electronics from malicious attacks. (Kaspersky.com.au, 2019) Cyber security is a broad term but can be divided into the following categories.

Information security

Information security (InfoSec) is a broad term within cyber security that refers to the processes and practices used to protect data. It is the process of protecting data from unauthorized access, modification, disruption, or destruction. The types of InfoSec are application security, cloud security, encryption, incident response, vulnerability management and disaster recovery. (Cisco, n.d.)

Application security

Application security is the set of technologies and processes that protect applications against threats such as unauthorized access and modification. The main types of application security are:

Authentication: Authentication is the process of ensuring that whoever is accessing the application is who they say they are. This is done in many ways, including requiring the user to log on with a username and password, two-factor authentication and biometric authentication.

Authorisation: Once a user is authenticated, authorisations to the app can be granted. These vary depending on the level of access desired within the app. This can be done by checking the credentials of the user against a list of authorised users.

Encryption: To keep data safe it is encrypted. This means it is secured using mathematical techniques and is only accessible to those who have the key.

Logging: Data logging leaves a record that can be called upon in the event there is suspicious activity or even a security breach.

Testing: Testing the above processes and controls ensures they are working and the app is secure. (VMware, 2021)
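The following added example (not taken from any of the cited sources) shows how the authentication, authorisation and logging controls described above fit together for a single request. The user names, roles, permissions and iteration count are constructed for illustration.

```python
import hashlib
import hmac
import os
import time

ITERATIONS = 200_000  # assumed PBKDF2 work factor for this example


def hash_password(password: str, salt: bytes) -> bytes:
    # Store a slow, salted hash, never the password itself.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)


def make_user(password: str, role: str) -> dict:
    salt = os.urandom(16)
    return {"salt": salt, "hash": hash_password(password, salt), "role": role}


# Constructed sample data: the "list of authorised users" and their access levels.
USERS = {"alice": make_user("correct horse", "admin"),
         "bob": make_user("hunter2!", "viewer")}
PERMISSIONS = {"admin": {"read", "write"}, "viewer": {"read"}}
AUDIT_LOG = []  # every decision is recorded, allowed or not


def authenticate(username: str, password: str) -> bool:
    user = USERS.get(username)
    # Hash even for unknown users so both paths do similar work.
    salt = user["salt"] if user else b"\x00" * 16
    expected = user["hash"] if user else b"\x00" * 32
    matches = hmac.compare_digest(hash_password(password, salt), expected)
    return matches and user is not None


def request(username: str, password: str, action: str) -> str:
    if not authenticate(username, password):
        decision = "denied:authentication"
    elif action not in PERMISSIONS.get(USERS[username]["role"], set()):
        decision = "denied:authorisation"
    else:
        decision = "allowed"
    # The log keeps who, what, when and the outcome, but never the password.
    AUDIT_LOG.append({"time": time.time(), "user": username,
                      "action": action, "decision": decision})
    return decision
```

Failed attempts are logged as well as successful ones, since repeated denials for one account are the kind of suspicious activity the log exists to reveal.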

Cloud Security

Cloud security is the set of technologies, processes, controls, and policies that protect cloud-based infrastructure, data, and systems. These are used to protect data on the cloud, comply with regulations, ensure privacy for customers, and set authentication rules. (Forcepoint, 2019)

Network Security

Network security is a term that describes the technologies, devices, and processes that protect networks. There are typically three distinct types of controls in place to protect networks. Physical controls are in place to prevent physical access to a network. These take the form of restricted access, biometric authentication, and locks. Technical security controls protect all data, whether it is stored in the network or in transit in or out. Administrative network security controls are the policies and processes that determine how users are authenticated and what access they have to the network. Types of network security include:

Network access control: NAC are policies and protocols that determine who can access what on the network.

Antivirus and anti-malware software: Software that protects against a wide spectrum of malicious software.

Firewall protection: Firewalls are a barrier between untrusted external networks and the trusted internal network.

Virtual private networks: VPNs allow a protected network connection when using public networks. They encrypt data and hide your IP.

Incident Response

Incident response is the system in place that monitors for suspicious behaviour. To help minimise the damage of a breach, there should be an incident response plan to contain the threat and restore systems. (Cisco, n.d.)

Vulnerability Management

Vulnerability management is the process of scanning your environment for potential weak points and prioritising them based on the risk. Keeping on top of any weak points in the system is vital and can protect against disastrous breaches. (Cisco, n.d.)

Operational Security

Operational Security (OPSEC) is a risk management and security process that identifies critical information and determines the process required to protect it. The five steps of OPSEC are:
1. Identify critical information.
2. Analyse threats.
3. Analyse vulnerabilities.
4. Assess risks.
5. Apply appropriate countermeasures.

Best practices of OPSEC are:

Change-management process: Ensure there are change-management processes in place for employees to comply with when changes are made to the network.

Restrict device access: Only essential employees should have access to networks, and the network should have authentication.

Implement least privileged access: Most employees of a business should have the minimum access they need to still do their job.

Deploy dual control: The teams responsible for security and corporate networks should be separate to negate any conflict of interest.

Implement automation: Where possible, automation should be implemented to reduce the risk of human error.

Craft a disaster recovery plan: There should be a plan in place for the event of a breach, so that the impact of the breach can be minimised.

(What is OPSEC (operational security)? - Definition from WhatIs.com, 2020)

End user education is the practice of teaching end users about cyber-attacks. It is not only about educating the end user on what cyber-attacks are, but also teaching them the skills required and equipping them with the tools to protect themselves. (TAV Technologies, n.d.)

Cybersecurity is an ever-evolving technology as it must constantly improve and adapt to the new threats of cyber-attacks. Cyber security will be developed to meet the demands of the time. We are likely to see new technologies to accommodate the security risk of the substantial number of remote workers created by the COVID-19 pandemic. With the expansion of the Internet of Things (IoT) there are now more cyber attack surfaces than ever. There will have to be new security measures to counteract the potential cyber attack threat. Ransomware is not a new threat, but its prominence is expected to rise. Ransomware is becoming increasingly sophisticated, and so must the cyber security that defends against it. With the increasing adoption of cloud services, they are more than ever a prime target for cyber criminals. The drastic implications of a security breach of a cloud server mean the technology protecting it must stay ahead of the cyber criminals. (Kaspersky, 2019)

With the sheer scale of a cyber security operation, organisations are looking to technology developments in artificial intelligence (AI) and machine learning to refine their infrastructure. AI has already been vital in automating current cyber security systems, natural language processing, automatic threat detection and face detection. AI is also now being used by cyber criminals to develop advanced malware that can bypass the current cyber security systems. The use of AI in cyber security is still relatively new; it will be further implemented and optimised over the upcoming years. (Kaspersky, 2019)

What is the likely impact?

How cyber security develops will impact everyone in the modern world. It will impact the security of everyone, from huge mega corporations to small businesses to the individuals of the general population. How cyber security develops will determine how the constant battle between cyber security and cyber criminals will play out.

How the cyber security sector works is likely to change and evolve around the advancements in artificial intelligence and machine learning. The current uses of AI in cyber security are underdeveloped as the technology is still new. As cyber security companies and cyber criminals both further develop and use AI, it will likely fundamentally change the approach to cyber security.

Companies that rely on cyber security to protect their business are going to be the most affected by the developments in cyber security. The cost of a successful cyber attack on a business is significant and can have long-lasting ramifications. A company that has fallen to a cyber attack will lose the trust of consumers in its capability to protect their data. The general population also has the potential to be affected by the future of cyber security. Successful cyber-attacks against individuals in the general population can lead to significant financial loss, stolen data, and data loss. Compared to companies, it is a lot harder for an individual to recover from a cyber-attack.

As the industry is ever evolving, innovative technologies and security systems will replace the old. Artificial intelligence and machine learning will make a lot of old technologies obsolete and will streamline previously labour-intensive tasks. There will still be a huge demand for skilled workers in the cyber security sector in the upcoming years. The constantly evolving industry will need skilled workers if it wants to keep up with cyber criminals.

How will this affect you?

In my daily life, if the technology powering cyber security is adequate and does its job, it should not affect me. I would continue to live my life normally without having to worry about the technology that protects me. If any point of the cyber security that protects me and my data failed, the ramifications could be disastrous. Consequences could range from my data getting stolen, financial loss or my devices being held hostage by ransomware. My family and friends will be affected nearly identically to me. However, some of the more elderly family members and friends, who are already more susceptible to cyber-attacks, could become ever more so.