Cyber Security – What Is It?

The term “cyber security” has been growing in popularity in recent years, and is often used to cover all aspects of IT security. As is the case with most IT terms, cyber security often means different things to different people.

Here at Seccom Global, we have developed the following cyber security definition:

Cyber Security protects organisations and individuals from loss of information, degraded operational capability and / or reputational damage through a combination of people, process and technology measures.

Adverse impacts may be experienced as a result of malicious attacks or inadvertent action / behaviours by either external entities or trusted insiders.

Cyber security is a critical consideration for all organisations, regardless of their size. As we see an ever-growing number of devices being produced with network capabilities, and an ever-growing quantity of devices being connected, we are also seeing an increase in the volume – and complexity – of cyber attacks.

Cyber attacks can take many forms. Some of the most common include:

  • Spam

    Although spam rates have been on the decline over the past few years, electronic junk mail is still a common cyber threat – even if it is generally more annoying than dangerous.

  • Viruses, trojans & malware

    Viruses can be distributed via malicious websites, emails, social media or physical media. The damage they cause can include deleting files, blocking certain applications and causing devices to behave erratically – some may even wipe hard disks. Trojans are (normally) malicious software programs disguised as helpful software. The damage they cause can include disabling key applications (including anti-virus tools), logging keystrokes in order to steal private information, corrupting system files and more. Malware is a broad term for “malicious software” and includes keyloggers, spyware, forced advertising and ransomware (extortion).

  • Phishing, pharming & spoofing

    These attacks all focus on identity theft. Phishing involves an email disguised as coming from a known, reputable source (such as a financial institution or government agency), sent in the hope of obtaining personal information from the victim. Pharming consists of an internet site designed to look like that of a reputable business, which includes a mechanism for capturing the victim’s details. Spoofing is the name given to an attack in which a cyber criminal pretends to be an authorised employee or contractor with the aim of obtaining confidential information.

  • Denial of Service (DoS attacks)

    A DoS attack is any attempt to prevent a machine or network device from being accessible by its intended users. This is normally achieved by the attacker flooding the network with useless traffic.

  • Employee IP / data theft

    Insider data theft is a growing trend. It has been reported that more than 80% of breaches can be attributed to employee negligence – sharing passwords, losing a USB key, forgetting to secure the physical premises of the company and so on.