What is Cybersecurity?
Cybersecurity is the practice of protecting computers, networks, servers, mobile devices, electronic systems, and data from malicious digital attacks. The aim of these digital attacks is usually the theft or destruction of data, the extortion of money, or to cause mischief and mayhem to a business or organization.
According to a Varonis article on cybersecurity statistics:
- The average cost of a malware attack on a business is $2.6 million
- Worldwide cyber crime costs will hit $6 trillion annually in 2021
- Since the pandemic began, the FBI reported a 300% increase in cyber crimes
- Remote work has increased the average cost of a cyber breach by $137,000
- Hackers attack every 39 seconds and the rate is expected to increase to an attack every 11 seconds by the end of 2021
These figures are staggering, and show that former FBI director, Robert Mueller, was correct when he said “There are only two types of companies: those that have been hacked and those that will be.”
Types of Cybersecurity Threats?
Phishing is usually an email or phone call from a cyber criminal pretending to be someone they are not, such as your bank, in order to steal your personal or financial information. As an example, you may receive an email that looks like it came from your bank, the link in the email may open a page that looks like your bank’s with the colors and the logo – but it is designed that way to get you to give up your username and password so that criminals can log in to your actual bank account and transfer money to their own outside accounts.
Ransomware is the encrypting of your data for the purposes of holding it hostage until a ransom is paid. Often times this is the product of opening a suspect file or email attachment which executes some code and begins the encryption process.
While phishing and ransomware are often categorized under the umbrella of malware, there are so many other types of attacks which are considered malware. Malware is any software that attempts to steal, destroy, ransom, or lock you out of your data for the purposes of gaining access to personal or financial data. It may even be used to just annoy or destroy for no other reason than to annoy or destroy.
Social engineering is the art of manipulating people to gain personal or financial information, or access to protected systems. It can be both in person, over the phone, or through emails – with the attacker often posing as someone else, such as a friend, a representative of a trusted company, or an agent of the government. Through manipulation tactics they have vital information divulged which gives them the access they need to a computer, to an account, or to a building.
What can I do to protect myself and my business?
95% of all cybersecurity breaches are caused by human error. The first step is filling the gaps in knowledge and finding out what you don’t know. The best way of doing this is through training – training staff on the latest trends, what to look out for, what best practices to follow. The second step is understanding that the best training in the world won’t save your business if your technology stack is not set up in such a manner as to protect you. Making sure that your systems are set up correctly, that you have (the right) backups in place for all your data, and that your team is equipped with the right tools, policies, procedures and education will go a long way to keeping your business or organization safe.