[BreachExchange] Is Mapping Out Cyber Security Important?

Destry Winant destry at riskbasedsecurity.com
Thu Dec 20 22:48:36 EST 2018


https://www.entrepreneur.com/article/325099

Just flip through any newspaper and with all surety you will come
across the huge sum of money being siphoned in a newer kind of
cyber-attack. According to the Indian Computer Emergency Response Team
(CERT-In), 27482 cases of cybercrime were reported in a span of 6
months in 2018. As more people are going online, the cybercrime rate
through phishing, probing, virus, malicious code and ransomware have
become the major modus-operandi of cyber attackers.

Do the increase in losses and cyber-crime rate necessitate the
implementation of expensive cybersecurity systems? Some companies do
not have access to proper knowledge; others find the installation of
cyber-safety too expensive. “With a plethora of topics, adequate funds
and staff, the installation of cybersecurity systems are more of a
headache,” says Sakun Aggarwal, Managing Director of Krishna
Brickworks, who seems to be satisfied with secured passwords for all
his data and records.

However, losses in terms of millions of dollars and loss of private
information of employees, ransom demand to unlock files and various
other malpractices are rising significantly. Ransomware payments hit
USD 2 billion in 2017, twice as much as in 2016, according to
Bitdefender antivirus software firm. Likewise, the cybercrime at
Equifax (EFX), one of the largest credit bureaus, where personal data
of 145 million people was stolen, cannot be ignored. The situation is
alarming. Hence, the need to prioritize cybersecurity becomes
predominant in today’s times.

By definition, cybersecurity means the techniques and processes of
protecting the computers, data and programs from unauthorized access
and misuse which can lead to exploitation. The intruders begin from a
lesser protected system and gradually move up to more confidential and
critical information undeterred, posing a threat to the entire system.
Know-how as to how manipulation can happen and the steps needed to
prevent vulnerability is mandatory and highlighted in following
points:

1. Establish secure passwords and antivirus tools

Mechanisms like emails attachment scanner, strong authentication and
stronger passwords have become the first step of the security
measurements. The passwords shouldn't be easily guessable.  They
should be unique.Ramneet Kaur, COO of Rapid Skillz says, “Avoid using
passwords with birth dates and family names. Else it becomes quite
predictable and easy to guess. Use specialized skill to strengthen
your passwords and secure all data.”

2. Employee training

The employees should be educated and trained against all human
vulnerabilities and guided that phishing is a common scam. The
attachments with emails cannot be locked and thus, should be opened
only if the employees are certain of the sender. They should avoid
clicking any pop-ups that flash on the screen.

3.  Steps to reduce access to information

Easy access to any kind of information should be protected. Various
software like proxy testing programs, encryption software, Virtual
Private Number (VPN) and reliable security software should be
installed.

Vimal Gupta, CEO of New Idea Farm Equipment Company says, “After
having been duped by a fake bank call asking for the credit card
number and its details, later misusing it for their personal use; we
have become wary of the vulnerability around. We have installed
Kaspersky software and become cautious of any fraudulent practices
that are possible.”

4. Updating is the key

Professionals should be appointed to check intrusion at regular
intervals and to tab any lacuna possible by human error. The system
has to be updated every now and then. Keep a note of the latest
pitfalls and mistakes that are causing severe monetary losses and
steps being undertaken to prevent future fallacies globally.

Arpit Jain, Founder of Promatics Information Technology suggests, “It
is advisable to devise a continual back-up to prevent any fallacy and
easy restoration of valuable data in case of adversity. The institute
should be safely guarded against any cyber-crime possible as data is
the crux of all information.”

The bottom line:

Cybersecurity is an ongoing phase. It is undoubtedly expensive but
with the increase in techniques and pace of cyber-crime, installation
of the mechanism is much better than repentance later. One can always
begin with free cyber-security options and gradually prioritize the
digital data security. In the age of digitalization, the digital data
is becoming the crux of all information and hence it has to be
protected against any malpractices.


More information about the BreachExchange mailing list