mobile-logo

Cyber Security

Written by:

Jason Fitch, MBA

what is cyber security?

What Is Cyber Security?

 

Cyber security is the practice of protecting systems, human resources, and physical assets from attacks. Attacks exploit vulnerabilities or weaknesses. Malicious code is then delivered to access, change, steal, ransom, or destroy sensitive information.

 

In some cases, the goal of a cyber attack is to disrupt or bring down a network and its business operations.

 

What Are The Types Of Cyber Security?

 

There are two types of cyber security:

 

  1. Offensive (Red Teaming)
  2. Defensive (Blue Teaming)

 

Red Teams are offensive in nature and specialize in attacking systems, networks, human resources, or physical assets with the goal of breaking through security defenses. Blue Teams play defense and maintain the internal network against all cyber attacks and threats.

 

Somewhere in the middle are Purple teams, which is not a separate team, although it can be. When red teams and blue teams come together to share knowledge from eachother’s discipline they enchance the security capabilities of an organization.

 

Advanced cyber security programs will perform simulated red team attacks against the blue team’s defenses in order to test the effectiveness of the network’s security.

 

The purpose of these simulations isn’t for the red team to breakthrough or for the blue team to detect an attack.  Instead, the goal is for both teams to share information on how to improve the overall security posture of the organization.

 

What Does Cyber Security Protect?

 

Cyber security professionals are responsible for defending against any number of attacks.

 

For example, there are teams responsible for protecting critical infrastructure like:

 

  • Hospitals
  • Traffic lights
  • Power grids.

 

Most businesses are familiar with network security which includes developing password policies, installing anti-virus software on computers and servers, implementing security awareness training, deploying next-generation firewalls, or monitoring internet access.

 

Other attacks target specific software applications. SQL, a coding language synonymous with databases, could be the target of an SQL injection attack.

 

Exploiting this vulnerability can result in the bad guys accessing and exfiltrating data from your network.

 

Internet of Things (IoT) devices, or anything that connects wireless to the internet, are also susceptible to a cyber attacks.

 

This includes appliances, sensors, televisions, wifi routers, and printers.

 

How Can I Protect Myself From Cyber Attacks?

 

Cyber attacks are constantly evolving requiring businesses to be proactive in deploying solutions.

 

To get started, organizations often develop cyber security policies.

 

Outside of standardizing practices, these policies provide a road map to employees of what to do and when to do it.

 

Learn More: How To Build A Cyber Security Program

 

Implementing security awareness training has also risen in popularity, as 98% of cyber attacks rely on social engineering as its entry point into an organization’s network.

 

The goal of this training is to inform and educate employees on how to identify common attacks used by threat actors.

 

The wide adoption of these programs owes its success to how effective the training is at mitigating internal risk.

 

Even with training mistakes still happen. In order to reduce this risk further, businesses often deploy email spam filters and anti-malware filters as the first line of defense against phishing attacks.

 

The idea is to catch malicious attachments and links to sites containing malicious code before they reach users.

 

Your systems and devices connected to a network are also at risk if software and patches are not kept up-to-date. Software developers frequently release updates to fix bugs or patch security vulnerabilities.

 

Vulnerability scans and vulnerability assessments are used to identify weaknesses within your system or network.

 

Reports are then drafted categorizing the vulnerabilities found along with an action plan for remediating threats.

 

Continue Reading: How To Prevent Cyber Attacks

 

Learn How To Secure Your Organization

 

No matter where your security maturity lies today, this expert written content will help you learn cyber security to build a more secure organization.

 

These resources are filled with expert interviews, how to guides written by security professionals with real world experience, practical and actionable tips that you can apply today, case studies, and so much more.

 

Privilege Escalation Attacks

Privilege Escalation Attacks: Types, Examples, And Prevention

August 11, 2019

[vc_row][vc_column][vc_empty_space][vc_row_inner css=".vc_custom_1654220785810{background-color: #f9f9bb !important;border: 3px solid #e8d740 !important;border-radius: 3px !important;}"][vc_column_inner][vc_column_text css=".vc_custom_1654220765388{padding: 10px !important;}"]Test & Validate Your Security Posture Our penetration testing services deliver immediate ROI with an agile and efficient solution testing resilience against the latest attacks and APT techniques.[/vc_column_text][/vc_column_inner][/vc_row_inner][vc_empty_space][vc_column_text]Privilege escalation attacks exploit weaknesses and security vulnerabilities with the goal of elevating access to a network, applications, and mission-critical systems. There...

Read More
Cyber Security Healthcare Statistics

19 Healthcare Cyber Security Statistics You Need To Know In 2020

July 12, 2019

Recent statistics showing trends in cyber security threats to the healthcare industry are a cause for concern.  Because healthcare facilities are critical, they are increasingly becoming the target of cyber attacks.   In this article, I’d like to take a closer look at these statistics, and what they actually mean for anyone responsible for ensuring the integrity and confidentiality of healthcare facilities....

Read More
security policy templates

14 Essential Network Security Policy Templates You Need

March 30, 2019

IT Security policies are considered best practice when developing and maintaining a cyber security program.   A network security policy is a set of standardized practices and procedures that outlines rules network access, the architecture of the network, and security environments, as well as determines how policies are enforced.   However, policies it alone will not guarantee protection from a data breach or social...

Read More