Today’s organizations face countless new threats that can affect information systems and their data. Understanding the fundamentals of cybersecurity must be the first step toward adequate protection.
Cybersecurity is the practice of guaranteeing the integrity, confidentiality and availability (ICA) of information. It represents the ability to defend against and recover from failures or attacks that may affect stored information, ensuring business continuity. From script kiddies to hackers and criminal groups capable of carrying out advanced persistent threats (APT), all of them represent serious threats to the company. Business continuity and disaster recovery planning are equally important to ensure the security of applications and networks.
Business security must be a priority in any sector in which the organization operates, and for that it needs a mandate from senior management. The fragility of the information world also demands strong cybersecurity controls. The management committees of organizations must ensure that systems comply with certain security standards and that employees are properly trained. To cite a simple example, code in any language contains, as a rule, errors of some kind, some of which can be fatal for security. After all, developers are also human.
Training in cybersecurity
It has always been said that the human being is the weakest link in the chain when it comes to business security. Thus, developers should be trained to write code securely, operations personnel should be trained to prioritize security, and employees should be trained to detect phishing emails and social engineering attacks. Cybersecurity must begin with training and awareness.
The most sophisticated hackers can evade any kind of current defense and work across the attack surface with different attack vectors.
Protect critical infrastructures
When the sites or services to be protected belong to critical infrastructure, including the systems on which the company depends, such as the electricity network, water distribution and control, traffic signals or hospitals, the measures involve exercising due diligence to protect against possible vulnerabilities. Everyone else should evaluate how an attack on the critical infrastructure they depend on could affect them and then develop a contingency plan. Today there are countless companies that, in one way or another, work in collaboration with this type of infrastructure or organization, and they must also maintain good cybersecurity habits if they do not want to be caught up in an incident.
Ensuring network security often requires trade-offs. For example, it may be necessary to deploy access controls with additional logins. The tools used to monitor network security generate a large amount of data, so much that valid alerts are often lost. To better manage network security monitoring, security teams increasingly use machine learning to flag abnormal traffic and alert on threats in real time.
Moving the company to the cloud creates new security challenges. For example, in 2017 we saw almost weekly data breaches from misconfigured cloud instances. Cloud providers are creating new security tools to help business users better protect their data, but the conclusion remains the same: moving to the cloud is not a panacea when it comes to cybersecurity. What additional measures should also be taken into account?
Application security (AppSec), especially the security of web applications, has become the weakest technical point of attack, but few organizations adequately mitigate all the web vulnerabilities in the OWASP Top Ten. AppSec begins with secure coding practices and must be complemented with penetration testing and fuzzing. The rapid development and deployment of applications in the cloud has seen the arrival of DevOps as a new discipline. DevOps teams generally prioritize business needs over security, an approach that is likely to change given the proliferation of threats.
IoT refers to a wide variety of critical and non-critical cyber-physical systems, such as electrical appliances, sensors, printers and security cameras. IoT devices are often shipped in an insecure state and receive few or no security patches, which poses threats not only to their users but also to other network-dependent services, since these devices often end up in a botnet. This poses new and unique security challenges for society in general.