Cybersecurity

Cybersecurity is the practice of protecting networks, systems, hardware and data from digital
attacks. Our guide will bring you up-to-speed on the field of cybersecurity, including types of
cyber attacks and it's growing global importance in a digital world.

What Is Cybersecurity?
Cybersecurity is the practice of securing networks,
systems and any other digital infrastructure from malicious
attacks. With cybercrime damages projected to exceed a
staggering $6 trillion by 2021, it’s no wonder banks, tech
companies, hospitals, government agencies and just
about every other sector are investing in cybersecurity
infrastructure to protect their business practices and the
millions of customers that trust them with their data.

What’s the best cybersecurity strategy? A strong security infrastructure includes multiple layers
of protection dispersed throughout a company’s computers, programs and networks. With cyber
attacks occurring every 14 seconds, firewalls, antivirus software, anti-spyware software and
password management tools must all work in harmony to outwit surprisingly creative
cybercriminals. With so much at stake, it’s not hyperbolic to think that cybersecurity tools and
experts act as the last line of defense between our most vital information and digital chaos.

THE IMPORTANCE OF CYBER SECURITY

Cyber security is important because government, military, corporate, financial, and

medical organizations collect, process, and store unprecedented amounts of data on computers
and other devices. A significant portion of that data can be sensitive information, whether that
be intellectual property, financial data, personal information, or other types of data for which
 unauthorized access or exposure could have negative consequences. Organizations transmit
sensitive data across networks and to other devices in the course of doing businesses, and
cyber security describes the discipline dedicated to protecting that information and the systems
used to process or store it. As the volume and sophistication of cyber attacks grow, companies
and organizations, especially those that are tasked with safeguarding information relating to
national security, health, or financial records, need to take steps to protect their sensitive
business and personnel information. As early as March 2013, the nation’s top intelligence
officials cautioned that cyber attacks and digital spying are the top threat to national security,
eclipsing even terrorism.

CHALLENGES OF CYBER SECURITY

For an effective cyber security, an organization needs to coordinate its efforts throughout its
entire information system. Elements of cyber encompass all of the following:
• Network security
• Application security
• Endpoint security
• Data security
• Identity management
• Database and infrastructure security
• Cloud security
• Mobile security
• Disaster recovery/business continuity planning
• End-user education
The most difficult challenge in cyber security is the ever-evolving nature of security risks
themselves. Traditionally, organizations and the government have focused most of their cyber
security resources on perimeter security to protect only their most crucial system components
and defend against known treats. Today, this approach is insufficient, as the threats advance
and change more quickly than organizations can keep up with. As a result, advisory
organizations promote more proactive and adaptive approaches to cyber security. Similarly, the
National Institute of Standards and Technology (NIST) issued guidelines in its risk
assessment framework that recommend a shift toward continuous monitoring and real-time
assessments, a data-focused approach to security as opposed to the traditional perimeter-based
model.

MANAGING CYBER SECURITY

The National Cyber Security Alliance, through SafeOnline.org, recommends a top-down

approach to cyber security in which corporate management leads the charge in

prioritizing cyber security management across all business practices. NCSA advises
that companies must be prepared to “respond to the inevitable cyber incident, restore normal
operations, and ensure that company assets and the company’s reputation are protected.”
NCSA’s guidelines for conducting cyber risk assessments focus on three key areas: identifying
your organization’s “crown jewels,” or your most valuable information requiring protection;
identifying the threats and risks facing that information; and outlining the damage your
organization would incur should that data be lost or wrongfully exposed. Cyber risk assessments
should also consider any regulations that impact the way your company collects, stores, and
secures data, such as PCI-DSS, HIPAA, SOX, FISMA, and others. Following a cyber risk
assessment, develop and implement a plan to mitigate cyber risk, protect the “crown jewels”
outlined in your assessment, and effectively detect and respond to security incidents. This plan
should encompass both the processes and technologies required to build a mature cyber
security program. An ever-evolving field, cyber security best practices must evolve to
accommodate the increasingly sophisticated attacks carried out by attackers. Combining sound
cyber security measures with an educated and security-minded employee base provides the
best defense against cyber criminals attempting to gain access to your company’s sensitive data.
While it may seem like a daunting task, start small and focus on your most sensitive data, scaling
your efforts as your cyber program matures.
 TYPES OF CYBER ATTACKS

Cyber attacks come in all shapes and sizes. Some may be overt
ransomware attacks (hijacking important business products or tools
in exchange for money to release them), while some are covert
operations by which criminals infiltrate a system to gain valuable
data only to be discovered months after-the-fact, if at all. Criminals
are getting craftier with their malicious deeds and here are some of
the basic types of cyber attacks affecting thousands of people each day.

Malware

Malware is used to describe malicious software, including spyware, ransomware and viruses. It
usually breaches networks through a vulnerability, like clicking on suspicious email links or
installing a risky application. Once inside a network, malware can obtain sensitive information,
further produce more harmful software throughout the system and can even block access to vital
business network components (ransomware).

Phishing

Phishing is the practice of sending malicious communications (usually emails) designed to

appear from reputable, well-known sources. These emails use the same names, logos, wording,
etc., as a CEO or company to dull suspicions and get victims to click on harmful links. Once a
phishing link is clicked, cyber criminals have access to sensitive data like credit card, social
security or login information.

Social Engineering

Social engineering is the process of psychologically manipulating people into divulging personal
information. Phishing is a form of social engineering, where criminals take advantage of people’s
natural curiosity or trust. An example of more advanced social engineering is with voice
manipulation. In this case, cyber criminals take an individual’s voice (from sources like a
voicemail or social media post) and manipulate it to call friends or relatives and ask for credit
card or other personal information.
Man-in-the-Middle Attack

Man-in-the-Middle (MitM) attacks occur when criminals interrupt the traffic between a two-party
transaction. For example, criminals can insert themselves between a public Wi-Fi and an
individual’s device. Without a protected Wi-Fi connection, cyber criminals can sometimes view
all of a victim’s information without ever being caught.

Zero-day attack

Zero-day attacks are becoming more-and-more common. Essentially, these attacks occur
between a network vulnerability announcement and a patch solution. In the name of
transparency and security, most companies will announce that they found a problem with their
network safety, but some criminals will take this opportunity to unleash attacks before the
company can come up with a security patch.

BASIC PROTECTION
Cybersecurity Basics

A multi-layer cybersecurity approach is the best way to thwart

any serious cyber attack. A combination of firewalls, software
and a variety of tools will help combat malware that can affect
everything from mobile phones to Wi-Fi. Here are some of the
ways cybersecurity experts fight the onslaught of digital attacks.

AI FOR CYBERSECURITY

AI is being used in cybersecurity to thwart a wide variety of malicious

cybercrimes. Security companies are training artificial intelligence tools
to predict data breaches, alert to phishing attempts in real-time and even
expose social engineering scams before they become dangerous.

Securing Against Malware

Security against malware is certainly one of the most important issues today (and it will continue
to be as malicious software evolves). An anti-virus software package is needed to combat any
suspicious activity. These packages usually include tools that do everything from warning
against suspicious websites to flagging potentially harmful emails.

Mobile Security

Mobile phones are one of the most at-risk devices for cyber attacks and the threat is only
growing. Device loss is the top concern among cybersecurity experts. Leaving our phones at a
restaurant or in the back of a rideshare can prove dangerous. Luckily, there are tools that lock
all use of mobile phones (or enact multi-factor passwords) if this incident occurs. Application
security is also becoming another major issue. To combat mobile apps that request too many
privileges, introduce Trojan viruses or leak personal information, experts turn to cybersecurity
tools that will alert or altogether block suspicious activity.

Web Browser Security & the Cloud

Browser security is the application of protecting internet-connected, networked data from privacy
breaches or malware. Anti-virus browser tools include pop-up blockers, which simply alert or
block spammy, suspicious links and advertisements. More advanced tactics include two-factor
authentication, using security-focused browser plug-ins and using encrypted browsers.

Wi-Fi Security

Using public Wi-Fi can leave you vulnerable to a variety of man-in-the-middle cyber attacks. To
secure against these attacks, most cybersecurity experts suggest using the most up-to-date
software and to avoid password-protected sites that contain personal information (banking,
social media, email, etc.). Arguably, the most secure way to guard against a cyber attack on

MACHINE LEARNING IN CYBERSECURITY

Machine learning has become a vital technology for cybersecurity. Machine learning preemptively
stamps out cyber threats and bolsters security infrastructure through pattern detection, real-time
cyber crime mapping and thorough penetration testing.
public Wi-Fi is to use a virtual private network (VPN). VPNs create a secure network, where all
data sent over a Wi-Fi connection is encrypted.

I S M AC HI N E L EA R NI NG E NO U G H T O ST O P CY B E RC RI ME ?
Machine learning does some things really well, such as quickly scanning large amounts of data
and analyzing it using statistics. Cybersecurity systems generate reams of data, so it's no
wonder the technology is such a useful tool.

“We have more and more data available, and the data is generally telling a story,” Raffael Marty,
chief research and intelligence officer at cybersecurity firm Forcepoint says. “If you understand
how to analyze the data, you should be able to come up with the deviations from the norm.”

And those deviations sometimes reveal threats. Thanks to that important function, the use of
machine learning is surging in multiple sectors. It's employed for tasks that require image
recognition and speech recognition. It has even defeated the world's top Go player at his own
game.

But while it has improved cybersecurity, Marty says, humans are still crucial.

“There's this promise that you can just look at past data to predict the future—forgetting that
domain expertise is really important in this equation,” he says. “There are groups of people who
think you can learn everything from the data, but that's simply not true.”

Over-reliance on AI in cybersecurity can create a

false sense of safety, Marty adds. That's why, in
addition to judiciously applied algorithms, his firm
employs cybersecurity experts, data scientists and
psychologists. As with all current artificial
intelligence, machine learning supplements and
enhances human efforts, rather than
replacing them.
“AI is going to become more prevalent in security. It's maturing,” CrowdStrike Founder and
CEO George Kurtz said in late 2018. “AI is a feature, not a company. It's going to play a role in
solving a specific problem. But not every problem can be solved with AI.

“It's going to be a tool in the toolkit.”

WHITE HAT HACKERS: INSIDE THE WORLD OF ETHICAL HACKING

Companies have long played defense against cyber attacks. With the help of ethical hackers,
they're taking more proactive measures.

These days, intruders around the world have permission to

infiltrate networks. It's called ethical hacking, and those who
practice it are growing in number. Just as vaccines guard
against diseases by introducing a weakened form of the
offending biological agent, companies and government
organizations invite these non-malicious hackers to penetrate
their systems in order to pinpoint security gaps and develop
stronger defenses.

While ethical hacker types had begun to emerge (the New York Times wrote about some
“mischievous but perversely positive” ones in 1981), they were still viewed as anomalies and
outlaws of a sort.

Now, nearly a decade later, as cybercrime costs companies billions of dollars and is predicted
to exceed $6 trillion worldwide by 2021 (the worst cyber attack in history, a particularly nasty
strain of malware dubbed NotPetya, cost FedEx alone at least $300 million), ethical hacking is
catching on in a bigger way than ever before. Within two years, U.S. companies are expected to
spend $1 trillion annually on proactive cybersecurity procedures to safeguard their valuable data.
GLOSARIO

ENGLISH MEANING