Home / Our Blog / Spotlight on Cybersecurity

Spotlight on Cybersecurity

Что такое кибербезопасность

Cybersecurity has long been in the spotlight. Companies are increasingly facing serious system failures, large information leaks, privacy breaches and significant financial losses. At the same time, many managers still don’t know how to approach information security and don’t take appropriate measures, hence causing significant losses. To avoid making such mistakes, we would recommend familiarising yourself with the risks, strategies and solutions that can help protect your company from cyberthreats.

What is information security?

Let’s start with the fact that information security (InfoSec) is not some special server or awesome antivirus that you can just “put and forget”. It’s a set of administrative and technical measures that prevents attackers from gaining access to data or enterprise IT systems. It’s an ongoing process that requires constant attention and monitoring.

Furthermore, it’s necessary to take into account that the number of digital assets is growing steadily and more and more aspects of business are being digitised and automated. So paying attention to your security organisation is definitely worth it.

What threatens information security?

It’s not so easy to get the hacker’s attention, because it is difficult, highly skilled and quite dangerous work. But you need not be a crypto exchange to become a victim of fraud. 

You can be hit by a massive cyber-attack that aims to infect as many vulnerable computers  as possible or become the victim of a targeted attack, where a hacker selects cracking tools specifically for the weaknesses of your infrastructure. Moreover, there are always internal threats by your own employees.

Whatever the attack is, massive or targeted, the following techniques can be used against you:

Malware

which scammers design themselves to damage the user's computer or data on it. Such software is often distributed under the guise of harmless files or email attachments. Malware comes in many forms, but the most common types are:

  • Viruses, which are programs that infect files with malicious code.
  • A Trojan Horse that hides under the guise of legitimate software.
  • Spyware is software that secretly monitors users’ actions and collects necessary information.
  • Ransomware that encrypts files and data to get a ransom for their recovery.
  • Adware is an advertising-supported software that can be used to spread malware.
  • Botnets, that are computer networks infected with malware.

SQL injection

is one of the most common web hacking techniques. Its essence is to enter arbitrary SQL code into the data. This type of cyberattack is also used to steal information from databases.

Phishing

is an attack that aims to scam a user's confidential information. Criminals usually just send emails to victims, posing as an important organisation, and gain access to the data they need.

Man-in-the-Middle (MitM) Attacks

is an attack in which a cybercriminal intercepts transmitted data. The hacker becomes an intermediary link in a two-party transaction without the victim even realising it.

DDoS attacks

when criminals overload the target's networks and servers, causing the system to stop working properly and become unusable.

Each of these techniques, in one way or another, threatens the confidentiality, integrity and availability of data, which could cause reputation, financial and productivity losses. Let’s find out  about the types of risks that can come up.

Breach of privacy

When attackers gain access to information and can quietly snoop around, sell your data to competitors or put it out in the open.

Breach of access

When an attacker stops all systems from working. For example, an unfair competitor hires a cybercrime to hack into your infrastructure and delete all your information. The more digitised a business is, the more likely it is to face serious consequences of such actions.

Breach of integrity

This is deleting or modifying data. If a significant part of your business is the storage of important information, such actions can be fatal. Add to this the efforts to recover from data modification or deletion, as well as the direct financial loss, and you can see the completeness of risk.

How to reduce the damage from cyberattacks?

Everyone gets hacked, and it’s better to be ready for it. A smart approach to cybersecurity involves multiple layers of protection for computers, networks, programs and data. An organisation needs to set up the right interaction of people, processes and technology to provide effective protection against cyberattacks. Here are some obvious, but no less effective, tips.

Privacy

It's quite simple: the less you need to hide from prying eyes, the more often you delete old data and the more segmented your services are, the less damage you take.

Accessibility

The more dependent you are on IT, the more serious the damage will be. The best way out is to be prepared to work without IT. If you have an internet outage in your office, employees should continue their work. For example, they should take on tasks that don't require the Internet. You could always hold appointments, meetings or team-building events. And such solutions should be prepared in advance. Also, if you are providing a public service, it would be wise to notify users of service problems and estimated recovery time.

Integrity

Backup is the first and most important step to minimise damage when data is deleted or changed. Even if an encryptor obtains all your data, on all your computers and servers, you can always get a fresh backup. Also, backups protect against employee mistakes that accidentally delete or corrupt data.

Of course, the number of cybercrime and fraud schemes is still on the rise. In particular, the COVID-19 pandemic contributes to their spread. Therefore, companies not only need to think seriously about how to strengthen the cyber defences of their IT infrastructure, but also how to improve the cyber literacy of their employees. Outsourcing your enterprise cybersecurity could solve this problem.

Outsourcing cybersecurity

And now for the good news: you can protect yourself against almost all attacks, threats and risks. And it’s not necessarily up to your staff to organise the InfoSec, you could always outsource those tasks.

All that remains is to choose the right type of service:

Pentesters

These are “good hackers” who try to hack into your IT infrastructure as “malicious hackers” would do. Their services are usually divided according to their knowledge of your infrastructure.

Black-box pentest

When only the name of the company or website is known, the hacker needs to use open source intelligence tools (OSINT) themselves and then exploit the collected information to find vulnerabilities in your IT infrastructure.

Gray-box pentest

When you give a piece of information or access to the code of your website or product. In this case, the pentester takes the place of a hacker who’s already penetrated the infrastructure, either obtained the data or is an employee of yours.

White-box pentest

When you don't hide anything from the pentester at all and contribute in every way to the InfoSec audit.

Such services cost from $5k to $15k and are completed within a month by a team of experts. As a result, you get a report with information about successful and unsuccessful attack directions, as well as recommendations on how to fix the vulnerabilities. It’s important to understand that you should order a pentest when you’ve already implemented all the necessary security features, otherwise the pentest will take the shortcut and the full potential will not be achieved.

Cybersecurity Providers

It’s a distributor of software from major vendors who doesn’t sell their software directly to customers. Typical examples of vendors: IBM, Cisco, Symantec. Dealing with vendors involves expertise on your side, i.e. an IT security specialist who can select the solution, configure and maintain it. Vendors prefer to work with medium and large companies (100 employees or more) that have an InfoSec specialist in a command. It’s important to understand that their goal is to sell their product. Therefore, they’ll offer a paid solution for every problem and won’t try to solve the problem architecturally.

SOC (SECURITY OPERATION CENTER)

All of your systems generate events (logs), such as authorisations, some user actions and system events. The SOC gathers, aggregates, looks for correlations in events – in short, detects the signs of hacking. It’s a fairly expensive service as it requires the storage of a large volume of logs, expensive SIEM systems, and a highly qualified analysts staff. At the same time, the service is very effective, as it can detect the most sophisticated attacks using zero-day vulnerabilities that aren’t detected by anti-viruses.

The best anti-viruses are thought to cut off 99% of attacks, and only the remaining 1% is detected by experts in ‘manual mode’. However, the service requires a high level of expertise from the client, who must transmit all logs to the SOC as well as respond to the threats identified, as the SOC doesn’t stop threats, it only detects them.

Кибербезопасность что это

Preparing for certification

If your company is regulated, you have to satisfy the standards requirements. For example,  if you want to process credit/debit cards you need PCI DSS, GDPR required if you have at least one European among your customers, it should be Cyber Essential for working with UK government agencies. The goal is to get certified, and the actual security is secondary, i.e. not the focus of the experts. Typically, such training costs $5k-15k.

Polygraph examiners

As strange as it may seem, “lie detector” is the most effective protection against data leakage. Yes, there are many DLP (Data Loss Prevention) systems on the market, but they are only effective if the processes are debugged and regulated down to specific actions. Moreover, DLP is expensive, complex in operation and requires a specialist knowledgeable in your business processes. As practice shows, it is always easier to interview an employee during hiring, especially since such a survey costs $50-$100.

Complex services (MDR)

This is an ideal solution for all companies that don’t have their own InfoSec specialists. In this case, the contractor’s task will be to select the most effective arrangements for their client’s cybersecurity system.

Is your IT infrastructure protected?

Practice shows that in 90% of cases, security is given residual attention. This is not because IT specialists are incompetent or fail to do their job. But often they are too focused on other tasks: providing the service as quickly as possible and keeping it up and running. Somewhere ports are left open, somewhere weak passwords are set, and all due to haste. And these are the best entry points for attackers.

If you’ve decided to set up a cybersecurity system and protect your business from cyberattacks, you’re welcome to contact the os.eco team today to find an effective solution for you.

Zholnay Kyryl,
CEO DIS.works & CO-CEO 
os.eco

Our Portfolio

Setting up a security and video surveillance systems

Service: Support for offices and any other locations

Opening a 200-employee office in two months instead of three

Service: Support for offices and any other locations

Recovering from a large-scale DDoS attack

Service: Cyber security and IT support

We are here to assist you

Kyiv, Sports Square 1, BC Gulliver