Cyber security, computer security or IT security is the protection of computer systems from theft of or damage to their hardware, software or electronic data, as well as from disruption or misdirection of the services they provide. Cyber security analysts help prevent attacks through their expertise and knowledge of databases, networks, hardware, firewalls and encryption. Cyber security analysts may also regulate access to computer files, develop firewalls, perform risk assessments and test data processing systems to verify security measures.
In a world where so much communication takes place online, our personal and business security is constantly under threat. We store so much information online and often pay insufficient attention to putting in place and updating security measures that protect our personal and business data. What are the real risks and do we really need to services of cyber security companies?
In September a case was held at The Old Bailey where job hunters applying for positions at London’s Harrods store were targeted by cyber criminals. The position appeared to be posted by well-known recruitment company Blue Arrow, but this was a fraudulent cover. When the job hunters downloaded the job descriptions and application forms, they infected their computers with a bug. The hackers then retrieved personal details that enabled them to clear the job hunter’s bank accounts, totalling over a million pounds.
This may seem a relatively small scale target, which has no relevance to you. So, imagine the detrimental effect if your company’s computers were targeted. Not only could your business data and finances be stolen, but in most cases valuable information regarding your clients, suppliers and partner organisations. If it is worth stealing the bank accounts of job hunters, imagine the value of your business to a competitor if a hacker were to sell your client database, intellectual property and profits.
PWC were commissioned by the department for Business, Innovation and Skills (BIS) to conduct a cyber-security survey with UK companies. The aim was to identify trends, specific threats and to build awareness of the risks to business. The results showed that security breaches were growing, particularly amongst SME’s. Large businesses were facing a significant attack every few days, leading to losses of funds and data. Despite this, most businesses were struggling to keep up with updates to security measures.
The biggest cause of security breaches come from employees, who are often unaware of the potential outcomes of simple actions. These include transferring information between home and work computers via USB sticks, using weak passwords to access restricted data and logging onto social media sites on a work computer. The PWC survey suggests that 36% of the worst breaches were a result of human error. Despite this 42% of the large organisations surveyed didn’t provide security training for their staff.
Blockchain is the future of cybersecurity
Blockchain is a non-editable record of data managed by a cluster of computers. The system is not owned by anyone and it acts like a democracy of data. The technology is all about ‘blocks’ of data ‘chained’ in a public database. It’s like an encrypted digital ledger that is shared among a closed network. Blocks can usually store upto 1MB of data. So if you have more transactional information, you have to store it in different blocks and chain them together. Once a block is added to the Blockchain, it turns public for anyone to view. Blockchain offers complete transparency of the transaction but at the same time ensures privacy too. This is why experts call it the future of cybersecurity. Still, critics question the scalability and sustainability of the technology. So is the technology really viable? Let’s discuss!
Why is Blockchain transparent?
You can connect your computer to the Blockchain network and receive updates whenever a new block is added. Since every piece of information is spreading across a network of computers, it is very difficult to manipulate the data. This is because, the hacker will have to hack into the thousands (sometimes millions) of computers in the network and manipulate every copy of the Blockchain. Not that easy!
Is your information kept private?
The blocks contain more of transactional data recorded with a unique user ID called the ‘digital signature’. All your transactions will be stored under this digital signature and not your name. So even if your blocks are on a public database one cannot search for your transactions that easily. For example, Instead of “Roger sent 1 BTC” , your transaction will be recorded like this:
“1MF1bshFLkBzz9vpFYEmvwT2TbjCt7NoJ sent 1 BTC”.
This is how Blockchain ensures privacy and transparency at the same time. Blocks are differentiated from the other blocks using a code called hashes. Each block has a unique hash. The position of a block in the chain is called ‘height’.
Why is Blockchain Immutable?
Also, you can’t stealthily alter a block. If you edit a block, it’s hashcode changes as well. Since blocks are stored sequentially, the changes in one block would affect the hash of the other and this would go on like a chain reaction. So every tiny change you make would be apparent and it is almost impossible to hack these systems. So the bottom line is this “once you add a block to the chain, it is difficult to edit it and impossible to delete it.
So, where is the Blockchain server?
Nowhere! Blockchain is stored in a cluster of computers using peer to peer networking. Having a single server for all the nodes in the network would slow down the process of downloading and uploading. Also, when there is a server failure, it would affect all the nodes in the network. But this is not the case in peer to peer networking. By eliminating the single server system, even if one computer fails, there is always another one to download data from. Peer to peer networking also have the advantage of not being prone to censorship.
What Blockchain means to Cybersecurity?
Apparently, Blockchain is a very viable technology when it comes to protecting data. Here’s a list of top 4 use-cases:
In the data age, there’s nothing as harmful as storing all your data in one place. By decentralising data storage, Blockchain revokes hackers from having a single point entry. Another advantage of blockchain data storage is that even if you give access to third parties, you can revoke the cryptographic access key anytime.
2. IoT security
IoT is becoming ubiquitous in enterprises and every system is networked. If one trivial device like a smart doorbell or a thermostat is hacked, it becomes a doorway to hack the other devices. This is where Blockchain comes in to save the day. With blockchain, devices don’t need to rely on a centralised control system. This way devices can make their own decisions and block necessary data if any suspicious behaviour is detected. Blockchain would also render a safer DNS and private messaging systems.
3. Secure authentication
ID management is one of the most sensitive systems in an enterprise. Passwordsense considering the advancement of hacking systems today. But blockchain systems are reliable because they use biometric data and private keys. According to Facebook, accounts are hacked 600,000 times a day.
4. Automated Updates
Hackers inject malware into the systems in the form of updates. This becomes worse in the case of automated systems where there is no human entity to verify the authenticity of the updates. But blockchain based systems recognise potentially harmful components and block them.
Wrapping it up,
The scope of Blockchain is not just limited to Cybersecurity. The technology is making significant strides in other industries as well. Since it is very secure and transparent, the transactions can be totally done between two parties without needing a middle man. This means you can hire a cab without Uber and book a stay without Airbnb. Cutting out the third party applies to financial institutions too. Blockchain will replace all the operations carried out by a bank. So in the future, bankers would just be mere advisers and not the gatekeepers of your money. Also, Stockbrokers will not be able to earn through commissions. It’s truly going to bring revolutionary changes in the next few years.
Insights on Cyber Security, Types of Cyber Attacks & Their Effect
With the advancement and modernization of technology, the threat of cyber-breaches has reached sky high and somehow we are also responsible for the growth of these activities as proper security steps are not always been taken to restrict them.
However, since last few years due to the increase in the awareness, the security features against cyber crimes has been made strong in both government and private sectors but still there are huge loopholes which is being used to commit these kinds of crimes.
Types of Cyber Attacks, Their Effect and Solution:
DDoS Attack: – Distributed Denial of Services what DDoS means. In this, the attacker takes control of several computers by hacking into the system and creates many zombie computers. Then all the systems are used together to send bulk data to any particular websites or server causing overloading and end result is slower service to the legitimate users and even complete shutdown of the website or the server.
- Solution: – It may not directly affect you, but your system may be responsible for a bigger incident. Below are the steps that can be followed to reduce the chances of anyone taking over your system: –
Install latest version of antivirus.
Firewall is also very effective in restricting the generation of unwanted traffic from your system.
Manage unwanted emails.
Avoid clicking on links or opening attachment sent from any unknown source.
Hacking: – This one is the most common term related to cyber attacks, here someone gains access to your system by unauthorized manner. So after the access is taken, the attacker can get access to any files in the system, like private files, pictures, information and others. Installing Trojan horse allows the person to get access to your system at any point in time.
- Solution: – To secure the confidential data and information, you need to protect your system from getting hacked by:-
Strong and uncommon password.
Update software’s on regular interval to protect from Malware.
Ensure security while making internet phone calls.
Get antivirus for additional security.
Malware: – It is the most common way used to gain access to your system or damage the same. In this process malicious software’s like Trojan horses, adware, virus and others are used to infect the computer. It is same as gaining complete access to your system as do all kind of possible damages.
Cybersecurity market trends – The Past, Present and the future
The privileges of digital transformation bring with them their fair share of cybersecurity risks. According to McKinsey, 47% of companies encountered cybersecurity breaches. This is serious considering the quantum of sensitive data being digitised today. Besides strong passwords and multifactor authentication, experts recommend an insurance too. Some experts say that cyber attacks are more dangerous than nuclear weapons.Keeping privacy private has become a hardwon luxury. So how did these cyber crimes evolve? Do we have enough resources to defend? Are companies future-proofing their data against these threats? Let’s discuss!
The Past: Evolution of cybercrimes
It all started with a failure project
Three decades ago the word cybersecurity did not exist in the IT vocabulary. It all started with an error created by a student of Cornell University in 1980. The project intended to measure the size of the internet by infecting UNIX systems. But an error made all the networks clog and systems crash. This was called the computer worm and is the world’s first cyberattack (though that wasn’t the intention).
“I Love You” Virus and the Mafia Boy
The 1990s introduced the world to more aggressive threats called viruses. Two viruses named “ILOVEYOU” and “The Melissa” had a front seat among the group of viruses. They made headlines for failing the email systems across the world. In 2000s, Michael Calce (a.k.a. Mafiaboy) attacked the e-commerce websites that cost the industry a whopping $1.2 billion. Followed by this was an era of credit card hacking and corporate data breaches.
Yahoo Data Breach
Yahoo is the biggest victim of data breach in history which exposed over 3 billion accounts in just a year. Post this scandal, Yahoo had to sell the company for $4.48 billion, though it was once valued $100 billion. And now, we have reached a point where everything on the internet is at risk!
The Present – What’s happening?
Let’s face the truth: Today’s solutions are not sufficient! Current cybersecurity models don’t operate at cloud speed. Also, there’s a huge talent gap in the industry. Despite witnessing disasters like the Yahoo data breach and Capital one breach, over 60% of the companies don’t update their IT systems. Today, business can lose up to an average of $2 trillion per year due to cyber crimes. IoT insecurity is more threatening than phishing links. Gartner predicts connected devices en route to hit 25 billion in 2021. This equates to a titanic amounts of cyber risks. The entertainment industry is also facing big challenges as hackers leak the content before production companies itself.
The Future: Cybersecurity business is the next big wave!
Where there’s a problem, there’s an opportunity! Yes, Cybersecurity market is getting off the ground. Cyber Crimes have given birth to a whole ecosystem of cybersecurity startups. Companies started offering free cybersecurity software to secure future elections. The catch? Publicity! Just imagine advertising your software company to a whole country. Cybersecurity companies and the government are doing all the heavy lifting to prevent the damages that are estimated to hit $6 trillion in the next few years. This eventually creates a demand for talent which reflects on 3.5 million open positions by 2021. Besides human talent, cybersecurity would need tons of automation. Infact, the cybersecurity industry runs by less than 2% of humans. The rest is automated. The cybersecurity industry is also being empowered by technologies like AI and Blockchain. So the demand for cybersecurity would reflect on the AI, Robotics, automation and Blockchain technologies as well. Cybersecurity business seems to be the next big wave!
Cybersecurity stocks to watch
Digital transformation and cloud are making significant strides in the tech industry. This is one of the major reasons for making the cybersecurity market really lucrative. Here’s a list of top 3 Cyber Security stocks to watch in 2019:
- FireEye: The Milpitas-based start-up provides cybersecurity solutions for enterprises and governments. Founded in 2004, the 15-year-old company has hit a valuation of $2.69 billion (as of 2018). The unicorn has acquired over 7 startups and generates an annual revenue of $831 million dollars.
- Qualys: The Foster City-based company is providing cybersecurity solutions for cloud-based applications and data. The company has made over 3 acquisitions so far and is valued at $360.6 million. The company generates $289.4 million in revenue annually.
- Fortinet: The Sunnyvale-based startup provides integrated and automated cybersecurity solutions. The company valuation has hit a whopping $14.03 billion and generates an annual revenue of $1.08 billion. Fortinet has made 11 acquisitions so far.
Wrapping it up,
Governments and corporations are starting to realize the importance of cybersecurity. Almost all the tech companies have decided on having cybersecurity expert as a board member. Though speculations suggest cyberwars in the future, countries are getting ready to defend. In fact, the National Security Agency (NSA) of the USA has already launched its cybersecurity arm. Also the defence department is creating a Blockchain based cybersecurity shield. Tech giants in the U.S are dumping millions into the industry. New York which is the capital of Media and Finance is trying to become the cybersecurity capital as well. The future looks like a more secure place.