What is cyber security?
Cyber security comprises the totality of all measures within the framework of IT security to protect computers, mobile phones, networks, electronic infrastructure and devices, confidential data, secret files and online communications against cyber attacks by malware, ransomware or viruses, for example.
As digitalisation advances, most modern companies are connected to the internet in some capacity, making IT security a must-have. It is a serious topic that should be meticulously implemented by management and employees, whether in corporate groups or SMEs.
Legal guidelines and certification frameworks have also been issued for a variety of industries – by the European Parliament and national information security authorities. Under these legal security standards, companies are obligated to protect their own infrastructure from malware through encryption, access management or targeted IT governance, for example.
Insufficient cyber security poses a significant security risk to any company looking to drive their digitalisation strategies. According to a report by the University of North Georgia, 2645 data records have been stolen every minute since 2013, although the number of unreported cases is probably much higher. Threatmap, a website that charts different cyber attacks worldwide in real time, puts the number of daily attacks at 40 to 60 million.
In order to be able to successfully ward off cyber threats, it is important to differentiate between the five most common types of attacks.
Malware
Malware is a collective term for different types of malicious software, including viruses, spyware, ransomware or worms. In general, malware exploits known and unknown vulnerabilities in a network to gain access to the critical infrastructure behind it. This can include databases with confidential customer data or encrypted company information, employees’ computers or even source code repositories of (company) software.
Ransomware
Ransomware is a particular type of malware that has become increasingly widespread in recent years. Ransomware attacks encrypt all systems or data and files in a company network, and only the attacker can decrypt them again. The attacker then uses this as leverage to blackmail affected companies. Either management pays the demanded ransom or the data remains encrypted and inaccessible. Depending on which data is affected, ransomware attacks can bring businesses to a standstill.
SQL injections
Almost all companies generate data that has to be managed, which is where well-known database systems come in. These systems are usually accessed and operated using Structured Query Language (SQL). An SQL injection is when an attack is launched via a phishing e-mail with the aim of feeding a database server with corrupt SQL queries. This is used to reach information in a database that is not actually meant to be accessible. Search fields on company websites, for example, are often internally converted into SQL queries and sent to a database. If these SQL queries are not implemented correctly, however, an attacker could use the search field to access any information from the database.
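The search-field case described above, as an added example that is not part of the original article: the same search implemented once by pasting the input into the SQL text and once with a bound parameter. The table, column names, sample rows and the test input are constructed for illustration.

```python
import sqlite3

# Constructed test input of the kind a search field must tolerate.
INJECTED = "' OR 1=1 --"

def build_db():
    """In-memory database with constructed sample rows (assumed schema)."""
    db = sqlite3.connect(":memory:")
    db.executescript("""
        CREATE TABLE products (name TEXT, internal INTEGER);
        INSERT INTO products VALUES ('Blue kettle', 0);
        INSERT INTO products VALUES ('Red kettle', 0);
        INSERT INTO products VALUES ('Supplier price list', 1);
    """)
    return db

def search_vulnerable(db, term):
    # Weak form: the term is concatenated into the SQL text, so a quote
    # in the input ends the string literal and the rest is parsed as SQL.
    sql = ("SELECT name FROM products WHERE internal = 0 "
           "AND name LIKE '%" + term + "%'")
    return [row[0] for row in db.execute(sql)]

def search_safe(db, term):
    # Hardened form: the term is bound as a parameter and is only ever
    # treated as data. LIKE wildcards in the input are escaped as well,
    # so "%" or "_" typed by a user match literally.
    escaped = (term.replace("\\", "\\\\")
                   .replace("%", "\\%")
                   .replace("_", "\\_"))
    sql = ("SELECT name FROM products WHERE internal = 0 "
           "AND name LIKE ? ESCAPE '\\'")
    return [row[0] for row in db.execute(sql, ("%" + escaped + "%",))]

if __name__ == "__main__":
    db = build_db()
    print("normal search, weak form:  ", search_vulnerable(db, "kettle"))
    print("crafted input, weak form:  ", search_vulnerable(db, INJECTED))
    print("crafted input, bound param:", search_safe(db, INJECTED))
    print("normal search, bound param:", search_safe(db, "kettle"))
```

With the concatenated query, the crafted input returns the row marked internal; with the bound parameter, the same input is just a search string that matches nothing.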
Man-in-the-middle
Man-in-the-middle (MitM) attacks are cyber attacks where the attacker interposes himself between the digital communication of two systems to record or even alter the entire exchange without the systems being aware of it.
Zero-day exploits
Zero-day attacks are intrusions via previously unknown vulnerabilities in software that are exploited for the first time. No anti-malware tool will be able to fend off the attack, as it is not a known point of attack. However, a solid cyber security concept should be able to quickly isolate affected systems in the company network and therefore limit the extent of the damage.
There are many more attacks than those listed here. Cyber criminals are constantly developing new malware and attack methods to circumvent cyber security measures including anti-malware software, cloud security, incident response or new encryption techniques.
How does cyber security work?
Of course, no security measure can ever offer complete protection against cyber attacks. However, a dedicated concept to ensure the system is always defended against malware, ransomware, spyware or viruses will exclude many weak points in a company network from the outset, provided they are known. The digital security concept should take into account the five principles of information security, which define how data, files and other information are used, processed, transferred and stored.
Availability
In order to prevent computer attacks, availability of data means that certain information within a company must be available at all times to authorised persons via defined access points.
Integrity
Data integrity should also be continuously safeguarded. This involves ensuring the data from the company’s own IT infrastructure is not corrupt and has not been changed by unauthorised persons or modified during transmission.
Confidentiality
The principle of confidentiality ensures data is only made available to persons or systems that are authorised to view or process it. A security concept should therefore define exactly which persons have access to which confidential information so all files and computers in the company are adequately protected.
Authentication
Data must be protected against malware through access controls such as 2-factor authentication. In addition, data access rights should be assigned by user group and role. These steps regulate the authentication of the user and define who is allowed to read, write and/or process which data.
Non-repudiation
When data is transferred, it is essential that the sender and recipient are actually transmitting the correct data and that the transfer is complete and successful. The principle of non-repudiation ensures that a sender cannot deny the authenticity or integrity of a message or transaction that they have sent using cryptographic techniques such as digital signatures and digital certificates.
To allow companies to successfully implement cyber security, there are a variety of guides and frameworks that help organisations develop and implement meaningful strategies. Five of the most important frameworks worldwide are Cyber Essentials (Plus), ISO/IEC 27000 series, COBIT, NIST and MITRE ATT&CK.
What are the benefits of cyber security?
Companies often shy away from implementing information security measures, as it can be a time-consuming, costly and complex process that requires integration with existing systems and may involve restructuring existing processes. The economic advantages of cyber security, however, clearly outweigh the effort required for its implementation.
Prevention of financial loss
Simply the act of repairing affected systems and making them operational again after an attack involving malware, ransomware, virus-infected software or DDoS can be incredibly costly. And this doesn’t even take the significant financial losses due to theft of funds, business disruption and legal fees into account.
A well-planned and thought-out cyber security strategy protects companies against various automated attacks by malicious software. In addition, it is possible to detect successful security breaches early on, limit them and thus mitigate the operational fallout. Depending on how comprehensive the concept is, backups and recovery strategies can quickly have affected systems up and running again, which minimises downtime and costs.
Protection of brand reputation
Depending on the industry, such as banking, insurance, the public sector or professional associations, seamless data security is part of the commitment organisations make towards their customers. IT security measures that can be communicated transparently to the outside world strengthen the trust of stakeholders, and can help attract new customers.
Avoid regulatory fines
Oftentimes companies will not share that they have been the victim of a cyber attack for fear of impacting their reputation. However, countermeasures can only be developed if a software vulnerability is made known and other companies are given the opportunity to fix it. Many countries have, therefore, introduced legal reporting obligations and minimum IT security and data handling requirements. The resulting fines can be significant. For example, the ride-hailing company Uber had to pay a fine of more than $148 million in the US in 2018 because the company had concealed a cyber attack from October 2016, during which the data of around 50 million passengers and 7 million drivers was stolen. On 25 May 2018, the Europe-wide General Data Protection Regulation (GDPR) came into force, which defines the way personal data should be processed by companies, for example. If companies do not comply with GDPR when handling personal data, they face high fines in addition to the financial damage caused by the attack. These fines can be as much as 4% of the company’s annual turnover (source: Manager Magazin). To avoid being fined for poor data management, companies should seek out legal advice early on and implement an appropriate IT security concept without delay.
Where does Lobster come in?
Availability
- High availability load balancing system
- Fail-safe load balancing system
- Data processing guaranteed at all times
- Lobster_data Cloud
- 24/7 or 8/5 monitoring
- Operating guarantee with a fault tolerant system
- Always available with cloud-based backups
- Data transfer via all common security protocols AS2, AS4, HTTPS, SFTP/OFTP
- Encrypted data transmission (via VPN)
- Data transfer monitoring (also verifiability)
- Logging user activity
- Connection of systems via an in-house DMZ
- 2-factor authentication
- LDAP
- Access rights, users, clients
- Portal access for external companies
- Data transfer logging
- Data transfer monitoring
- Monitoring/validation of transferred data (AS2/AS4)
https://www.cisco.com/c/en/us/products/security/common-cyberattacks.html
https://www.bsi.bund.de/DE/Das-BSI/Auftrag/Gesetze-und-Verordnungen/Cyber-Security-Act/cyber-security-act_node.html
https://www.bsi.bund.de/DE/Das-BSI/Auftrag/BSI-Gesetz/bsi-gesetz_node.html
https://sdi.ai/blog/5-principles-of-information-assurance/
https://cybersecurityforme.com/what-are-the-5-pillars-of-cybersecurity/
https://riversafe.co.uk/tech-blog/nist-framework-5-pillars-for-your-cyber-security-strategy/
https://www.nist.gov/cyberframework/online-learning/five-functions
https://ung.edu/continuing-education/news-and-media/cybersecurity.php
https://dsgvo-gesetz.de/art-1-dsgvo/
https://mip.bsi.bund.de/