What is cybersecurity?
Nist.gov states it is “Prevention of damage to, protection of, and restoration of computers, electronic communications systems, electronic communications services, wire communication, and electronic communication, including information contained therein, to ensure its availability, integrity, authentication, confidentiality, and nonrepudiation.”
With so much that needs to be secured, organizations are often confused as to what to do. Cybersecurity experts came up with a concept called the CIA Security Triad. As the name states, the Triad has three components: confidentiality, integrity, and availability. Each of these components helps guide the company toward the security measures and controls it needs and what its overall cybersecurity strategy should be.
So let’s break down each of these components.
1. Confidentiality: A system’s capability of restricting access to the networks and data to only the correct user/system/resource.
2. Integrity: A system’s capability to prevent any corruption of the system and information.
3. Availability: The system’s ability to provide access to authorized users the vast majority of the time.
In order to achieve each of these components, organizations need to bring in a cybersecurity expert to perform a cybersecurity risk assessment. This cybersecurity risk assessment looks at the whole cybersecurity framework of the organization and finds potential risks that need to be addressed. The assessment is based on cybersecurity best practices that are used in many industries. This assessment is the best way for organizations to know how secure their IT infrastructure, business processes, and systems are.
This cybersecurity risk assessment uncovers:
- Critical security threats
- Weaknesses in the IT systems and infrastructure
- If additional employee training on IT security is needed
- Any gaps in the cybersecurity policies
- Any potential security risks
Why is having a cybersecurity risk assessment important?
Malware is malicious software such as viruses, spyware, ransomware, Trojan horses, and key loggers. This software is installed on a computer when someone clicks on a malicious link or attachment. According to Cisco, malware can:
- Block access to key IT network systems
- Automatically install additional software
- Obtain information from an infected system covertly
- Disrupt the computer system, making it inoperable
Phishing is when a fake form of communication, such as an email or text, is sent to a victim in an attempt to have them click on a link or open an attachment. Oftentimes this communication looks legitimate and is always urgent. It is written this way so that the victim doesn’t have time to truly research whether the communication is legit.
Man-in-the-Middle (MitM) Attacks
Also known as eavesdropping attacks, MitM attacks occur when an attacker places themselves in the middle of a two-party transaction. Once established there, they are able to steal all sorts of data. This type of attack occurs most commonly on unsecured public WiFi and through malware that is on a device.
Denial-of-Service (DoS) Attack
DoS attacks flood IT systems, servers, and/or networks with traffic to overwhelm them. When this occurs, the systems cannot function and there is a system malfunction. In some cases, cyber attackers also use this opportunity to establish other attacks that they can activate at a later time.
Brute Force Attack
Passwords can be compromised by brute force guessing. An attacker will guess the password to an account over and over until the correct combination is guessed. Brute force attacking involves automating the password entry to allow for thousands of guesses per hour. Brute force attacks are often slow and can even take months but are still used as they can find easily guessed passwords. Remote Desktop Protocol is often attacked by this method.
Remote Desktop Protocol
Remote Desktop Protocol (RDP) is a well-known and widely used tool for remotely controlling computers. It’s been in use since the early 2000s. It’s also a widely attacked protocol. A large number of ransomware attacks have exploited this protocol to gain a foothold and launch their attacks. Today, open RDP on the Internet is considered insecure by virtually all security professionals.
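A detection sketch for the brute force and RDP sections above, added here as an example and not taken from the original page. It counts failed logons per source address in a sliding time window; the flat log format, the sample lines and the thresholds are constructed assumptions.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample of failed logons: "timestamp source_ip account".
# The flat format is an assumption; Windows hosts record failed logons as Security event 4625.
SAMPLE_LOG = """\
2024-05-01T09:00:00 192.0.2.44 admin
2024-05-01T09:30:00 192.0.2.44 admin
2024-05-01T10:00:00 203.0.113.7 administrator
2024-05-01T10:00:05 198.51.100.20 jsmith
2024-05-01T10:00:10 203.0.113.7 administrator
2024-05-01T10:00:20 203.0.113.7 admin
2024-05-01T10:00:30 192.0.2.44 admin
2024-05-01T10:00:30 203.0.113.7 backup
2024-05-01T10:00:40 203.0.113.7 guest
2024-05-01T10:00:50 203.0.113.7 test
2024-05-01T10:03:00 198.51.100.20 jsmith
2024-05-01T10:30:00 192.0.2.44 admin
2024-05-01T11:00:00 192.0.2.44 admin
"""

def detect_bruteforce(log_text, threshold=5, window=timedelta(minutes=1)):
    """Return {source_ip: peak failures inside any window} for sources at or over threshold.

    Lines must be in time order for each source address.
    """
    recent = defaultdict(deque)  # ip -> failure timestamps still inside the window
    peak = defaultdict(int)      # ip -> largest window count seen so far
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 3:
            continue  # skip malformed lines instead of failing the whole run
        try:
            ts = datetime.fromisoformat(parts[0])
        except ValueError:
            continue
        q = recent[parts[1]]
        q.append(ts)
        while ts - q[0] > window:  # drop failures that fell out of the window
            q.popleft()
        peak[parts[1]] = max(peak[parts[1]], len(q))
    return {ip: n for ip, n in peak.items() if n >= threshold}

if __name__ == "__main__":
    print("1-minute window:", detect_bruteforce(SAMPLE_LOG))
    print("1-day window:   ", detect_bruteforce(SAMPLE_LOG, window=timedelta(days=1)))
```

The one-minute window catches only the fast source, while the one-day window also surfaces the slow source that spaces its guesses 30 minutes apart, which is why both a short and a long window are worth running.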
A Structured Query Language (SQL) injection attack occurs when a cyber attacker inserts malicious code into a server that uses SQL. This then causes the server to reveal information that is usually highly protected.
A zero-day exploit occurs when a vulnerability in a system is found but there is no patch or update to remedy it. During this time systems are vulnerable, and hackers use the opportunity to hack into a system and attack it.
Domain Name System, or DNS, is the protocol that translates website addresses, such as google.com or amazon.com, into computer IP addresses, such as 109.256.12.169. Cyberhackers know that DNS is widely used and trusted across the world. Since DNS is not used for any kind of data transfer, most organizations don’t look for any malicious traffic. That is why cyberhackers use this method of attacking organizations’ systems.
CyberVenger offers a cybersecurity risk assessment to organizations that are concerned about their cybersecurity. Our experienced IT engineers will perform the assessment and offer remedies to make sure that your IT systems and infrastructure are secure.