"Arguing that you don’t care about the right to privacy because you have nothing to hide is no different than saying you don’t care about free speech because you have nothing to say."
Cybersecurity is the practice of protecting systems, networks, and programs from digital attacks. These cyberattacks are usually aimed at accessing, changing, or destroying sensitive information; extorting money from users; or interrupting normal business processes.
In 2020, the average cost of a data breach was USD 3.86 million globally, and USD 8.64 million in the United States. These costs include the expenses of discovering and responding to the breach, the cost of downtime and lost revenue, and the long-term reputational damage to a business and its brand. Cybercriminals target customers’ personally identifiable information (PII) — names, addresses, national identification numbers (e.g., Social Security number in the US, fiscal codes in Italy), and credit card information — and then sell these records in underground digital marketplaces.
A strong cybersecurity strategy has layers of protection to defend against cyber crime, including cyber attacks that attempt to access, change, or destroy data; extort money from users or the organization; or aim to disrupt normal business operations. Countermeasures should address:
Critical infrastructure security - Practices for protecting the computer systems, networks, and other assets that society relies upon for national security, economic health, and/or public safety. The National Institute of Standards and Technology (NIST) has created a cybersecurity framework to help organizations in this area, while the U.S. Department of Homeland Security (DHS) provides additional guidance.
Network security - Security measures for protecting a computer network from intruders, including both wired and wireless (Wi-Fi) connections.
Application security - Processes that help protect applications operating on-premises and in the cloud. Security should be built into applications at the design stage, with considerations for how data is handled, user authentication, etc.
Cloud security - Specifically, true confidential computing that encrypts cloud data at rest (in storage), in motion (as it travels to, from and within the cloud) and in use (during processing) to support customer privacy, business requirements and regulatory compliance standards.
Information security - Data protection measures, such as the General Data Protection Regulation or GDPR, that secure your most sensitive data from unauthorized access, exposure, or theft.
End-user education - Building security awareness across the organization to strengthen endpoint security. For example, users can be trained to delete suspicious email attachments, avoid using unknown USB devices, etc.
Disaster recovery/business continuity planning - Tools and procedures for responding to unplanned events, such as natural disasters, power outages, or cybersecurity incidents, with minimal disruption to key operations.
Storage security - IBM FlashSystem® delivers rock-solid data resilience with numerous safeguards. This includes encryption and immutable and isolated data copies. These remain in the same pool so they can quickly be restored to support recovery, minimizing the impact of a cyber attack.
Mobile security - IBM Security® MaaS360 with Watson enables you to manage and secure your mobile workforce with app security, container app security and secure mobile mail.
Dangerous cybersecurity myths
The volume of cybersecurity incidents is on the rise across the globe, but misconceptions continue to persist, including the notion that:
Cybercriminals are outsiders. In reality, cybersecurity breaches are often the result of malicious insiders, working for themselves or in concert with outside hackers. These insiders can be a part of well-organized groups, backed by nation-states.
Risks are well-known. In fact, the risk surface is still expanding, with thousands of new vulnerabilities being reported in old and new applications and devices. And opportunities for human error - specifically by negligent employees or contractors who unintentionally cause a data breach - keep increasing.
Attack vectors are contained. Cybercriminals are finding new attack vectors all the time - including Linux systems, operational technology (OT), Internet of Things (IoT) devices, and cloud environments.
Key cybersecurity technologies and best practices
The following best practices and technologies can help your organization implement strong cybersecurity that reduces your vulnerability to cyber attacks and protects your critical information systems, without intruding on the user or customer experience:
Identity and access management (IAM) defines the roles and access privileges for each user, as well as the conditions under which they are granted or denied their privileges. IAM methodologies include single sign-on, which enables a user to log in to a network once without re-entering credentials during the same session; multifactor authentication, requiring two or more access credentials; privileged user accounts, which grant administrative privileges to certain users only; and user lifecycle management, which manages each user's identity and access privileges from initial registration through retirement. This helps speed investigation and response times to isolate and contain the damage of a breach.
A comprehensive data security platform protects sensitive information across multiple environments, including hybrid multicloud environments. The best data security platforms provide automated, real-time visibility into data vulnerabilities, as well as ongoing monitoring that alerts them to data vulnerabilities and risks before they become data breaches; they should also simplify compliance with government and industry data privacy regulations. Backups and encryption are also vital for keeping data safe.
Security information and event management (SIEM) aggregates and analyzes data from security events to automatically detect suspicious user activities and trigger a preventative or remedial response. Today SIEM solutions include advanced detection methods such as user behavior analytics and artificial intelligence (AI). SIEM can automatically prioritize cyber threat response in line with your organization's risk management objectives. And many organizations are integrating their SIEM tools with security orchestration, automation and response (SOAR) platforms that further automate and accelerate an organization's response to cybersecurity incidents, and resolve many incidents without human intervention.
Cybersecurity and IBM
IBM Security offers one of the most advanced and integrated portfolios of enterprise security products and services. The portfolio, supported by world-renowned IBM X-Force® research, provides security solutions to help organizations drive security into the fabric of their business so they can thrive in the face of uncertainty. For help with risk assessment, incident detection, and threat response, be sure to check out:
IBM X-Force Exchange for global threat intelligence
IBM Security Services for cybersecurity strategy alignment
IBM Security Command Center for deep cyber range experience
1. Keep software up-to-date
Software companies typically provide software updates for 3 reasons: to add new features, fix known bugs, and upgrade security.
Always update to the latest version of your software to protect yourself from new or existing security vulnerabilities.
2. Avoid opening suspicious emails
If an email looks suspicious, don’t open it because it might be a phishing scam.
Someone might be impersonating another individual or company to gain access to your personal information. Sometimes the emails may also include attachments or links that can infect your devices.
3. Keep hardware up-to-date
Outdated computer hardware may not support the most recent software security upgrades. Additionally, old hardware makes it slower to respond to cyber-attacks if they happen. Make sure to use computer hardware that’s more up-to-date.
4. Use a secure file-sharing solution
If you regularly share confidential information, you absolutely need to start using a secure file-sharing solution. Regular email is not meant for exchanging sensitive documents, because if the emails are intercepted, unauthorized users will have access to your precious data.
Using a secure file-sharing solution like Titanfall, on the other hand, will automatically encrypt sensitive files so that you don’t have to worry about a data breach. Remember, your files are only as secure as the tools you choose to share them with.
5. Use anti-virus and anti-malware
As long as you’re connected to the web, it’s impossible to have complete and total protection from malware. However, you can significantly reduce your vulnerability by ensuring you have an anti-virus and at least one anti-malware installed on your computers.
6. Use a VPN to privatize your connections
For a more secure and privatized network, use a virtual private network (VPN). It’ll encrypt your connection and protect your private information, even from your internet service provider.
7. Check links before you click
Links can easily be disguised as something they’re not, so it’s best to double-check before you click on a hyperlink. On most browsers, you can see the target URL by hovering over the link. Do this to check links before you click on them.
8. Don’t be lazy with your passwords!
Put more effort into creating your passwords. You can use a tool like howsecureismypassword.net to find out how secure your passwords are.
9. Disable Bluetooth when you don’t need it
Devices can be hacked via Bluetooth and subsequently your private information can be stolen. If there’s no reason to have your Bluetooth on, turn it off!
10. Enable 2-Factor Authentication
Many platforms now allow you to enable 2-factor authentication to keep your accounts more secure. It’s another layer of protection that helps verify that it’s actually you who is accessing your account and not someone who’s unauthorized. Enable this security feature when you can.
11. Remove adware from your machines
Adware collects information about you to serve you more targeted ads. It’s best to rid your computer of all forms of adware to maintain your privacy. Use Ad Cleaner to clean adware and unwanted programs from your computer.
12. Double check for HTTPS on websites
When you’re on a website that isn’t using HTTPS, there’s no guarantee that the transfer of information between you and the site’s server is secure. Double-check that a site’s using HTTPS before you give away personal or private information.
Future of cybersecurity
The environment itself is evolving in several key ways:
Growing network, infrastructure and architectural complexity creates a greater number and variety of connections that can be targets of cyberattacks.
Increasing sophistication of threats and poor threat sensing make it hard to keep track of the growing number of information security controls, requirements and threats.
Third-party vulnerabilities will persist as organizations continue to struggle to establish minimum but robust controls for third parties — especially as most vendors, in particular cloud vendors, are themselves relying on third parties (which become your fourth parties and so on).
Cybersecurity debt has grown to unprecedented levels as new digital initiatives, frequently based in the public cloud, are deployed before the security issues are addressed.
Cyber-physical systems are engineered to orchestrate sensing, computation, control, networking and analytics to interact with the physical world (including humans). Connecting the digital and physical worlds (as in smart buildings) presents a unique and growing area of vulnerability.