What is Cyber Security?
Cyber is all things Information Technology and computer related so Cyber Security is keeping that Information Technology and those computers secure.
If you are looking for a more formal definition of Cyber Security then the Centre for the Protection of National Infrastructure (CPNI) has a great example that is easy to follow and avoids over use of the word Cyber
“Almost every business relies on the confidentiality, integrity and availability of its data. Protecting information, whether it is held electronically or by other means, should be at the heart of the organisation’s security planning. The key questions to keep under constant review are:
Who would want access to our information and how could they acquire it?
How could they benefit from its use?
Can they sell it, amend it or even prevent staff or customers from accessing it?
How damaging would the loss of data be? What would be the effect on its operations?”
Where is it heading and how can we combat it?
2018 was a significant year in the cyber security world and highlighted the fact that even though you think you are doing everything you can to prevent a cyber attack the attackers remain at least one step ahead.
It was a year that saw many significant breaches almost on a weekly basis resulting in cyber security being the number one issue on every business leaders mind.
It was also the year that organisations had to get to grips with huge compliance changes like GDPR, with hefty fines already incurred by some big names.
New regulations are slow to come into force and are nearly always reactive to the dynamic and fast-moving nature of the cyber security threat landscape. Having a culture of compliance and regulation is not enough and can provide organisations with a false sense of security against attackers who are motivated and agile.
Cybercrime driven by greed with the theft of data and holding organisations to ransom is one thing, but attacking the integrity of an organisation’s data, something that has significantly increased in the last year, will cause long-term reputational damage or potentially the complete failure of those organisations.
There is already a massive global shortage of cyber security skills in the workplace which can only result in more and more breaches in the future. Demand will rise as organisations realise their security strategy is not as robust as it needs to be.
Companies are trying to handle their security needs internally but are not always investing in the right places, such as training and skills growth, which can only really be tackled with tailored training programmes.
With the advent of Internet of Things and Bring your own device it is inevitable that new security vulnerabilities are exposed with regularity. Attackers are using AI to emulate the behaviours of users that might not be detected by experienced and skilled security professionals, a phishing campaign that can fool even the most threat-conscious individual.
Attackers are already getting bolder and harder to trace. They are also getting smarter, always ahead of any ability to counter their exploits.
Breaches will become more complicated and difficult to beat as cybercriminals become more malicious and devious.
Organisations will be looking to risk insurance as part of their operational risk strategy which is expensive even if you have all the security and recovery mechanisms in place. Relying on insurance to mitigate against loss of reputation and trust is probably too little and too late and is it really money well spent?
The right software and training programs will be crucial in getting the security and protection you need within an organisation, prevention rather than cure is far more cost effective. Simple and effective AI based software solutions will benefit many organisations where cyber skills are in short supply or difficult/expensive to recruit.