Cybersecurity Jargon-Busting
July 8, 2015
It’s one of the hottest topics in the networking world and I’d happily bet all of my limbs that it’s not going away any time soon.
Cybercrime is costing the UK an estimated £27 billion a year, with the global estimate set at a staggering $445 billion (£266 billion). The threat to businesses has increased at an alarming rate and a number of high-profile breaches – Sony, Microsoft, Kaspersky…even the United States Government – have created a climate in which it seems clear that this is an issue to be placed firmly at the summit of any CTO’s ‘to-do’ list.
Studies and reports on the subject come thick and fast and, like reading from an astronomy textbook, the numbers can be difficult to fathom:
- Globally, we are spending approximately £266 billion annually in the fight against cybercrime
- Cybercrime is costing British businesses alone a mammoth £34 billion per year
- The cost of fighting cybercrime is set to increase by around 38% over the next decade
- Despite all this, 31% of small businesses have no firewall protection whatsoever…not to mention those with outdated or inadequate defences
Some fairly worrying stuff, wouldn’t you say?
We’ve Got to Wake Up!
People and businesses are slowly waking up to the very real threat of cybercrime, but some might say the reaction is nowhere near urgent enough. We can only speculate as to the reason for this, but education must play a significant role in fighting back against hackers and digital crime. With that in mind we thought it might be useful to indulge in a short session of jargon busting.
As with many sub-sections of the networking world, cybersecurity is often characterised by long technical-sounding titles, endless acronyms and nomenclatures…here are just a few of the main culprits.
- SECURITY POSTURING
We’ll begin with a fairly simple one: Security Posturing is essentially your network security ‘plan’. This can encompass many separate and interconnected elements which together form your business’s complete approach to ongoing network security – from planning and implementation to management and regular auditing.
- APT (ADVANCED PERSISTENT THREATS)
This acronym is amongst the most common (at least within the articles and reports that I have read recently) and is one that all businesses should definitely be aware of.
Very much like a nasty tapeworm or some other ungodly parasite, an Advanced Persistent Threat enables criminal elements to gain access to private networks with the goal of leeching valuable data whilst going undetected over long periods of time. This method of data breach is both effective and concerning, as many of us probably assume that a hack would be the digital equivalent of a high-street ram-raid or smash and grab, in which large amounts of valuables are taken in one go, leaving the victim to pick up the pieces…this is not always the case.
- NEXT GENERATION FIREWALLS
A new landscape of cyber-threats requires an arsenal of new weapons with which to fight back. Traditional firewall technology is not able to cope with many of today’s more sophisticated methods of cybercrime and the next generation has been designed to take a layered, more granular, approach to protecting business data.
One of the main differences between the old and the new technologies is that Next Generation Firewalls are APPLICATION AWARE. This essentially means that they are able to discern application traffic irrespective of the port from which it has originated, making it harder for malicious traffic to go undetected.
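The difference between port-based and application-aware classification, as an added example that is not part of the original article: the classifier below looks at the first bytes a client sends and flags flows whose content does not match what the port implies. The three signatures, the function names and the sample flows are assumptions constructed for illustration.

```python
# Added example: identify the application from payload bytes, not the port.
# Signatures cover only the opening bytes of three protocols; flows are constructed.

# Port-only view, as a traditional firewall rule set would assume it.
PORT_GUESS = {22: "ssh", 80: "http", 443: "tls"}

HTTP_METHODS = (b"GET ", b"POST ", b"PUT ", b"HEAD ", b"DELETE ", b"OPTIONS ")


def identify_app(payload: bytes) -> str:
    """Classify a flow from the first bytes the client sends."""
    # TLS record: content type 0x16 (handshake), version major 0x03,
    # then a handshake message of type 0x01 (ClientHello) at offset 5.
    if len(payload) >= 6 and payload[0] == 0x16 and payload[1] == 0x03 and payload[5] == 0x01:
        return "tls"
    # The SSH identification string starts with "SSH-" (RFC 4253).
    if payload.startswith(b"SSH-"):
        return "ssh"
    if payload.startswith(HTTP_METHODS):
        return "http"
    return "unknown"


def inspect(dst_port: int, payload: bytes) -> dict:
    """Compare what the port implies with what the payload actually is."""
    expected = PORT_GUESS.get(dst_port, "unknown")
    actual = identify_app(payload)
    mismatch = expected != "unknown" and actual != expected
    return {"port": dst_port, "port_says": expected,
            "payload_says": actual, "flag": mismatch}


# Constructed sample flows: (destination port, first client bytes).
SAMPLE_FLOWS = [
    (443, bytes.fromhex("160301002a010000260303")),   # TLS ClientHello prefix
    (443, b"SSH-2.0-OpenSSH_9.6\r\n"),                # SSH carried over port 443
    (8080, b"GET /index.html HTTP/1.1\r\nHost: example.test\r\n\r\n"),
]

if __name__ == "__main__":
    for port, data in SAMPLE_FLOWS:
        print(inspect(port, data))
```

A port-only rule would treat both port 443 flows as HTTPS; the payload check flags the second one and still recognises HTTP on the non-standard port 8080.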
- ENDPOINT PROTECTION
We live in a world of endpoints – smartphones, tablets, PCs, laptops, ‘wearables’ and even POS (Point of Sale) machines and data capture devices. With the burgeoning ‘Internet of Things’ seemingly reaching a critical point, the number of endpoints is only set to increase alongside the headaches of IT administrators across the land.
Safeguarding these endpoints requires each device to be configured in such a way that complies with your business’s specific network security policies. Subsequent network access relies on server validation of the device, which could involve checking for updates, an approved operating system or even whether the device has the latest anti-virus protection installed.
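The server-side validation described above, sketched as an added example that is not part of the original article: a device reports its state and the server admits or quarantines it, listing every failed check. The policy thresholds, field names and device records are assumptions constructed for illustration.

```python
# Added example: server-side posture validation before network access is granted.
# Policy values, field names and device records are assumptions, constructed here.
from datetime import date

POLICY = {
    "approved_os": {"windows": (10, 0), "macos": (13, 0), "ios": (16, 0)},  # minimum versions
    "max_patch_age_days": 30,
    "max_av_signature_age_days": 7,
}


def validate_device(device: dict, today: date, policy: dict = POLICY) -> dict:
    """Return the access decision and every reason the device failed."""
    reasons = []
    minimum = policy["approved_os"].get(device.get("os"))
    if minimum is None:
        reasons.append("operating system not approved")
    elif tuple(device.get("os_version", (0, 0))) < minimum:
        reasons.append("operating system below minimum version")

    last_patch = device.get("last_patch")
    if last_patch is None or (today - last_patch).days > policy["max_patch_age_days"]:
        reasons.append("updates missing or too old")

    av = device.get("av_signatures")
    if av is None:
        reasons.append("no anti-virus reported")
    elif (today - av).days > policy["max_av_signature_age_days"]:
        reasons.append("anti-virus signatures out of date")

    # Fail closed: any failed check keeps the device off the main network.
    decision = "allow" if not reasons else "quarantine"
    return {"device": device.get("id"), "decision": decision, "reasons": reasons}


TODAY = date(2024, 6, 1)  # fixed so the constructed records give stable results
DEVICES = [
    {"id": "laptop-01", "os": "windows", "os_version": (10, 0),
     "last_patch": date(2024, 5, 20), "av_signatures": date(2024, 5, 30)},
    {"id": "tablet-07", "os": "ios", "os_version": (15, 4),
     "last_patch": date(2024, 3, 1), "av_signatures": None},
    {"id": "pos-03", "os": "embedded-linux", "os_version": (4, 9),
     "last_patch": date(2024, 5, 25), "av_signatures": date(2024, 5, 10)},
]

if __name__ == "__main__":
    for d in DEVICES:
        print(validate_device(d, TODAY))
```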
This is another one that could be put in the ‘commonly heard’ category, however it is still one of the most effective ways for hackers to gain access to private networks and the valuable information held within.
We’ve all received them; emails which look to be from a trusted source – our bank or insurance providers perhaps – which, if clicked, can result in nothing but bad news. As more of our personal information becomes freely available across the web, through the multitude of social media platforms, it gives hackers a wealth of material with which to target certain individuals with increasingly tailored messages. Imagine receiving an innocent-looking email from a ‘friend’ regarding a recent fishing trip, clicking a link contained within it (perhaps to a pic of the giant Sea Bass you reeled in) only to have your computer infected by something malicious. Scary stuff!!
Greater care must be taken with any information shared or received online – treat everything with suspicion!
- DLP (DATA LOSS PREVENTION)
On the subject of sharing information, Data Loss Prevention or DLP is the area of network security which seeks to ensure that business employees do not send or share valuable information outside of the corporate network.
With thousands of separate digital communications likely taking place each day within your average business, the chances of sensitive information being unintentionally shared become far greater. DLP and associated software allow network administrators to assert control over what data is shared and with whom. This may mean that certain users cannot access certain information or it may deny them access to cloud storage.
The importance of DLP is just one great example of how threats to network security are not solely from external sources but must also be considered from an internal perspective.
- IPS (INTRUSION PREVENTION SYSTEM)
Basically, an Intrusion Prevention System is your network watchman; checking all network traffic for anything untoward. Detecting and preventing network breaches is key to what we like to call a ‘positive approach to network security’ and should be an integral part of any successful contemporary cybersecurity strategy.
We often talk about taking a layered approach to security and the IPS forms one of these layers. Acting as a second line of defence behind the firewall, if any malicious traffic is detected, the system can be configured to perform a number of reactive tasks, such as sending an alert to the system administrators or blocking traffic from the source address.
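The two configurable reactions mentioned above (alerting administrators, blocking the source address), as an added example that is not part of the original article. The signatures, the class and method names and the sample packets are assumptions constructed for illustration; real IPS rule sets are far larger.

```python
# Added example: IPS-style inspection with a configurable reaction per signature.
import re

# Hypothetical signatures: (name, pattern over the payload, configured action).
SIGNATURES = [
    ("path-traversal", re.compile(rb"\.\./\.\./"), "block"),
    ("basic-auth-cleartext", re.compile(rb"(?i)authorization:\s*basic\s"), "alert"),
]


class Ips:
    def __init__(self, signatures=SIGNATURES):
        self.signatures = signatures
        self.blocked = set()   # source addresses currently dropped
        self.alerts = []       # what would be sent to the administrators

    def inspect(self, src: str, payload: bytes) -> str:
        """Return 'drop' or 'pass' for traffic that already cleared the firewall."""
        if src in self.blocked:
            return "drop"      # earlier block action still applies to this source
        verdict = "pass"
        for name, pattern, action in self.signatures:
            if pattern.search(payload):
                self.alerts.append((src, name, action))
                if action == "block":
                    self.blocked.add(src)
                    verdict = "drop"
        return verdict


# Constructed sample traffic using documentation address ranges.
PACKETS = [
    ("198.51.100.7", b"GET /index.html HTTP/1.1\r\n\r\n"),
    ("203.0.113.9", b"GET /static/../../secret.txt HTTP/1.1\r\n\r\n"),
    ("203.0.113.9", b"GET /index.html HTTP/1.1\r\n\r\n"),
    ("198.51.100.7", b"GET /admin HTTP/1.1\r\nAuthorization: Basic dXNlcjpwdw==\r\n\r\n"),
]


def run(packets=PACKETS):
    """Feed the packets through a fresh IPS and return verdicts plus its state."""
    ips = Ips()
    return [ips.inspect(src, data) for src, data in packets], ips


if __name__ == "__main__":
    verdicts, ips = run()
    print(verdicts, ips.alerts, ips.blocked)
```

The third packet is harmless on its own but is dropped because its source was blocked by the second; the fourth passes and only raises an alert.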
Education, Education, Education
The best way to defeat or master most things – at least in my own humble experience – is to discover how they work and use that knowledge to switch the odds in your favour. This may be easier said than done in the fast-moving cybersecurity sector, but cybercrime is certainly not going away any time soon and thus positive steps to mitigation must be our core collective goal.