What and why of Cyber Security

What and why of Cyber Security

Cybersecurity refers to the body of technologies, processes, and practices designed to protect networks, devices, programs, and data from attack, damage, or unauthorised access. Cybersecurity may also be referred to as information technology security.

Criminals and criminal organisations around the world already have worked out, there is money to be made in cybercrime and that policing it, given the international nature of the crimes, is very difficult. Cybercrime has moved from the “conventional hacker” just being a nuisance with new viruses, etc., to criminals now harnessing that capacity to steal and extort.

Cyber attacks primarily fall into two specific categories: breaches in data security and sabotage. Personal data, trade secrets and information linking to bids, mergers and prices are targets for a data security breach. Sabotage can take the form of denial of service attacks, which flood web services with false messages, as well as more conventional efforts to disable systems and infrastructure. In addition to commercial losses and public relations problems, disruption of operations and the possibility of extortion, cyber attacks may also expose an organization to regulatory action,

negligence claims, the inability to meet contractual obligations and a damaging loss of trust among customers and suppliers.

Examples of cyber attacks on Banks IT infrastructure and data systems include:

1. Malware that logs your keystrokes, giving your banking credentials to the cybercriminals;

2. Ransomware that infects and encrypt data files while they are still on our computers and the only way to get access to data is by paying a ransom to criminal to unlock them; or

3. the loss of sensitive/confidential data, exposing Bank to government/regulatory fines and/or legal action from clients or business partners whose information has been “leaked”.

4. Today almost all computers now come with some form of technical protection such as Anti-viruses, and still, the chance of being compromised continues to grow at rapid speed, with the black market for stolen data booming into a multi-billion dollar industry. Banks are now expected to take reasonable proactive measures, even in law, to protect the private data of their clients and business partners from cyber attack.

5. Anti-viruses, a robust firewall and network management practices are vital but are not the total of the solution.

For any technical security measures to be effective, the human factor also needs to be taken into consideration. The fact that human error now causes a growing number of data breaches means that no matter how strong and secure our network is, one malicious email or one click is all it takes for hackers to find a way to breach our system and disable our systems.