What is Cyber security? What are the risks that can emerge from a low level of IT security? But most importantly, why do we need a student association for Cyber security? Find the answer to all these questions in our first report!
Two weeks ago, our University was attacked by a group of hackers. In 2020, cybercrime increased 60% due to the COVID-19 pandemic.
When someone is attacked, the threat involves not only that person but also their network: family, friends or colleagues. Cyber security is more than ever part of our lives, and taking secure actions might not be enough. In fact, in order to be safe, it is not enough to be secure. If a gate valve is protected by a passcode, we could consider it secure. But if someone who is not authorized to operate it knows the passcode, it cannot be considered safe.
Cybersecurity should have a main role in every firm. And the figure of a CISO, a Chief Information Security Officer, is becoming more necessary every day for the well-being of a company.
What do we do at B.Cyber? To answer this question we must first analyze the basics of cybersecurity and its practices.
What is cyber security?
With the increasing use of the Internet, the protection of important information has become a necessity. A computer that does not have appropriate security controls can be infected with malicious software, which then allows access to any type of information in a few moments.
That is where Cybersecurity comes into play: it is the set of technologies, processes, and practices designed to protect networks, devices, programs, and data from attacks, damage, or unauthorized access, in terms of availability, confidentiality, and integrity. There are many devices connected to the network and hackers are becoming more and more innovative. For this reason, the need to have tools to defend oneself has become paramount and is growing both in the technical and legal fields.
For years, Cybersecurity has earned a reputation for being expensive and hampering operational progress. However, it is actually a decisive factor that can dictate the future success of any company: it determines both the success of small businesses and of an entire country. For example, IT-enabled manufacturing facilities ushered in the era of industrial control systems connected with programmable logic controllers (PLCs).
Certainly, Industry 4.0 is synonymous with innovation of products and services: this is possible only thanks to the close correlation that must necessarily run between information technologies (ICT) and the entire data network that interconnects man and the world. While some companies struggle to improve operational efficiency, customer experience, logistics, and supply chain earnings through the use of the IoT, others are often ready to engage and spend resources to undermine those efforts. To mention just two examples: a DDoS attack on the servers that hosted PayPal, Spotify, Netflix and Twitter data, which brought the latter to a temporary block, and a flaw that prompted British Airways to block thousands of frequent flyer accounts because unauthorized activity by third parties was discovered. The fact that companies increasingly embrace the advantages offered by artificial intelligence, industrial robots, and the various components that make up the IoT calls for an analysis of the risks involved, despite the many efficiencies. Any smart environment should have a solid foundation of next-generation intrusion detection and prevention, and efficient systems for application whitelisting, data integrity monitoring, virtual patching, machine learning analytics, anti-malware, risk detection with related vulnerability assessment, firewalls, anti-spear-phishing and antispam protection. This is possible only with the implementation of a precise architecture aimed at reducing risk, and with constant updating (e.g., on new threats and possible prevention measures) by relying on trusted partners.
What are the risks that can emerge from a low level of IT security?
The main risks that can emerge from a low level of IT security include:
- A limited security configuration: the basic enterprise configuration lacks suitable encryption criteria and proper password hashing
- Little attention to patch management, a habit that is particularly relevant in core business systems
- Possible cryptographic inconsistencies, since we often focus only on the inside of a system and not on the interaction between the systems themselves
- Weak code security, as code developed in-house is not always fully examined to ensure that it is “free of vulnerabilities”
Any of these weaknesses can pose a risk to connected systems that, while unintended, can undermine any attempt to improve services, drive innovation, create prosperity and address some of the top business priorities.
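The first risk in the list above, a basic configuration without proper password hashing, shown beside a corrected scheme. This is an added example written for this report, not code from the original article or from any product it mentions; it uses only the Python standard library, and the iteration count is an assumed value.

```python
# Added example (not from the original article): an unsalted, fast password
# hash as found in a weak default configuration, beside a corrected scheme
# using a per-user salt and key stretching. Standard library only.
import hashlib
import hmac
import os
from typing import Callable, Optional

# Weak setting: one fast, unsalted hash per password. Two accounts with the
# same password share a digest, and precomputed tables recover it quickly.
def weak_hash(password: str) -> str:
    return hashlib.md5(password.encode("utf-8")).hexdigest()

# Corrected setting: random 16-byte salt per user plus PBKDF2-HMAC-SHA256
# with a high iteration count, stored as one self-describing record.
PBKDF2_ITERATIONS = 600_000  # assumed value; raise it as hardware allows

def strong_hash(password: str, salt: Optional[bytes] = None) -> str:
    salt = salt or os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"),
                                 salt, PBKDF2_ITERATIONS)
    return f"pbkdf2_sha256${PBKDF2_ITERATIONS}${salt.hex()}${digest.hex()}"

def verify(password: str, stored: str) -> bool:
    """Recompute with the stored salt and iteration count, then compare in
    constant time so timing does not leak how many bytes matched."""
    try:
        algo, iterations, salt_hex, digest_hex = stored.split("$")
    except ValueError:
        return False
    if algo != "pbkdf2_sha256":
        return False
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"),
                                 bytes.fromhex(salt_hex), int(iterations))
    return hmac.compare_digest(digest.hex(), digest_hex)

def same_password_same_record(scheme: Callable[[str], str]) -> bool:
    """True when two accounts sharing a password are indistinguishable in
    storage, which is exactly the property a salt is meant to remove."""
    return scheme("correct horse") == scheme("correct horse")
```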
In addition, the risk analysis must still take into account all the business processes involved: both databases and the premises where they are located must be protected.
Without any doubt, another major problem not to be underestimated is the fact that an intrusion into company information systems is not an end in itself but rather a means to then attack other organizations.
It is necessary to communicate with production in order to better protect the needs of the company. Unfortunately, not everyone is aware of the aforementioned risks and of how a device connected to the network can constitute a weak point that can be exploited by malicious people.
We must also pay attention to the small daily actions: from the protection systems of corporate smartphones to the verification of the trustworthiness of the software developer of our apps, from checking the suppliers of corporate hardware and software to choosing who provides the support environment for the systems. These measures are important for an industry that wants to improve the productivity and quality of production plants by connecting physical and computer systems.
Are companies financing Cyber Security?
While spending on business systems and data security is on the rise, there is a question about the effectiveness of long-term financing: most companies choose to focus on traditional and converged IT infrastructure security, such as firewalls. However, we must go even further. Companies must define best practices by being careful to respect some key points such as:
- Network, operating system, database, and front-end security, defining clearly structured and different areas, separating high priority areas and determining the related administrative roles with a consequent implementation of database access mechanisms and the requirements of each operating system, configuring the right security between clients and mobile endpoints
- Code security and maintenance, using source code scanning tools to identify possible vulnerabilities and updating software regularly
- Security in communications, where it is necessary to prefer encrypted systems with the possibility of monitoring all systems
- User authorization, raising security awareness
- Definition of the concept of emergency, backup, and recovery, to ensure business continuity, setting up end-to-end fallback systems
What are the regulations regarding Cyber security?
The GDPR, a new European regulation on privacy introduced in May 2018, defines Cybersecurity, and in particular data protection, as one of the fundamental human rights. It is extremely important to ensure IT security plans within companies. Companies are obliged to apply the principle of privacy by design, that is, data protection must be guaranteed from the design stage by implementing suitable technical and organizational measures that put into practice the principles contained in the new regulation. Furthermore, the concept of privacy by default was introduced, thus establishing that data protection must be guaranteed as a default “setting”.
It will be the responsibility of the data managers to demonstrate full compliance with the obligations of the GDPR by providing all sufficient guarantees to demonstrate that data protection has been taken into account both from the beginning of the design and in the development itself.
It is important to point out that the human component is the fundamental link in the entire implementation process of these systems, as it is awareness of the issue that can stop malicious attackers, who exploit the weaknesses of the users themselves, from achieving their ends.
The activation of new degree classes for specialization in the cyber world, combined with a diversified culture in other disciplines (e.g., legislation), can lead to better future knowledge of the sector. Companies, especially SMEs, if they want to protect themselves, must implement all the necessary countermeasures by creating an ecosystem in which research, companies, and institutions can collaborate to defend themselves from digital attacks: it is necessary to increase the level of awareness from CEOs to employees.
As you have read, Cyber security is an emerging sector that will be essential in the future of every company. A student association is helpful both for people who are going to work in this field and for all managers who will have to deal with a CISO inside their company. Knowing the Cyber basics, and being able to understand what the Cyber security team is telling you, will give you added value compared to other managers.
Mohammed Chraim and Domenico Alesci