The world has recorded several cyber attacks and fraud campaigns on an unprecedented scale. These attacks remind us that cyber crime is a growing phenomenon worldwide, and that prevention mechanisms must be continually defined.
Information technology security involves not only technology, hardware and software; it also involves the protection of data, information, processes and organizational culture, in short, all of the Company's intellectual property. The growing number of IT attacks highlights the need to treat information systems security as a critical business factor.
In order to reduce the risk of business interruptions, mitigate complex system failures, comply with the applicable legal requirements and ensure the Company's future sustainability, the Company must have controls in place that give it an effective overall view of the level of security present in its infrastructure.
At the moment the main security threats are:
- DoS / DDoS (Denial of Service / Distributed Denial of Service): aimed at making a service unavailable so that the company cannot operate its systems, leading to potential financial loss;
- MITM (Man-in-the-middle): attacks that seek to obtain privileged access to information. If carried out on the internal network, they can have a high impact;
- Password cracking / brute force: password discovery by trial and error. It can only be carried out if the services are not protected with the appropriate security controls;
- Ransomware: the attack that has been reported most often. The information is encrypted and only becomes available after payment of a ransom, and paying does not guarantee data recovery. This type of attack usually spreads through the internal network, although the threat may come from outside (for example, opening an infected email);
- Social engineering attacks: one of the greatest vulnerabilities of any system lies in the people who operate it. Only they are able to bypass controls, no matter how rigid those controls may be, and for this reason it is important not to neglect possible social engineering attacks. It is fundamental to raise awareness of the subject, usually called "security awareness".
Which systems should be safeguarded?
Before proceeding with improvements to the information technology security environment, it is essential to carry out a proper risk analysis.
First, a strong financial investment is needed to make the applications robust from a security standpoint, and above all this investment must be repeated periodically, as new threats are constantly emerging.
It is in this sense that risk analysis becomes fundamental: it determines which applications are the most critical for business continuity and which applications hold the most relevant data. The security focus should be primarily on these applications, to ensure that if there is a security breach the data will not be disclosed to third parties.
The greater the exposure to the Internet (email, websites, other services), the greater the likelihood of being targeted. The real need to expose each service should also be considered. Only after the scope has been determined should efforts be directed at improving the information technology environment.
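The risk analysis described above, as an added worked example that is not part of the original article: each application in a constructed inventory is scored on the three criteria the text names (criticality for business continuity, sensitivity of the data it holds, and degree of Internet exposure), the inventory is ranked so the security focus lands on the highest-scoring applications first, and services that are exposed without a real business need are flagged for review. The 1-3 scales, the scoring rule and the sample inventory are assumptions made for this illustration, not a method from the article.

```python
"""Application risk register (added illustration; scales and inventory are assumed)."""
from dataclasses import dataclass


@dataclass(frozen=True)
class Application:
    name: str
    continuity_impact: int   # 1 = minor disruption .. 3 = the business stops (assumed scale)
    data_sensitivity: int    # 1 = public data .. 3 = confidential / personal data (assumed scale)
    internet_exposure: int   # 0 = internal only, 1 = partner / VPN, 2 = public Internet (assumed scale)
    exposure_required: bool  # does the business genuinely need this service reachable from outside?


def impact(app: Application) -> int:
    """Impact is driven by the worse of the two criteria the article names:
    loss of business continuity or disclosure of relevant data."""
    return max(app.continuity_impact, app.data_sensitivity)


def likelihood(app: Application) -> int:
    """The article's rule of thumb: more Internet exposure, more likely to be targeted.
    Mapped onto 1..3 so it can be combined with impact."""
    return 1 + app.internet_exposure


def risk_score(app: Application) -> int:
    """Classic impact x likelihood product; range 1..9 on the assumed scales."""
    return impact(app) * likelihood(app)


def prioritise(inventory: list[Application]) -> list[Application]:
    """Rank applications so security effort goes to the highest risk first.
    Ties are broken by name to keep the ordering deterministic."""
    return sorted(inventory, key=lambda a: (-risk_score(a), a.name))


def security_scope(inventory: list[Application], threshold: int = 6) -> list[str]:
    """Names of the applications that should receive the primary security focus.
    The threshold is an assumption; pick it from the organisation's risk appetite."""
    return [a.name for a in prioritise(inventory) if risk_score(a) >= threshold]


def review_exposure(inventory: list[Application]) -> list[str]:
    """Services reachable from outside without a stated business need: the
    'real need for exposure' question from the text, answered per application."""
    return sorted(a.name for a in inventory
                  if a.internet_exposure > 0 and not a.exposure_required)


# Constructed sample inventory; the names and values are invented for this example.
INVENTORY = [
    Application("public-website", continuity_impact=2, data_sensitivity=1,
                internet_exposure=2, exposure_required=True),
    Application("erp", continuity_impact=3, data_sensitivity=3,
                internet_exposure=0, exposure_required=False),
    Application("hr-portal", continuity_impact=2, data_sensitivity=3,
                internet_exposure=2, exposure_required=False),
    Application("mail", continuity_impact=3, data_sensitivity=2,
                internet_exposure=2, exposure_required=True),
    Application("wiki", continuity_impact=1, data_sensitivity=1,
                internet_exposure=1, exposure_required=True),
]


if __name__ == "__main__":
    print(f"{'application':<16}{'impact':>7}{'likelihood':>12}{'risk':>6}")
    for app in prioritise(INVENTORY):
        print(f"{app.name:<16}{impact(app):>7}{likelihood(app):>12}{risk_score(app):>6}")
    print("primary security focus:", security_scope(INVENTORY))
    print("exposure to review   :", review_exposure(INVENTORY))
```

Running the block prints the ranked register: the HR portal and the mail system come out on top (sensitive data or critical operation, both reachable from the public Internet), the internally hosted ERP scores lower despite holding the most sensitive data, and the HR portal is also flagged because nobody has justified its external exposure. Reducing that exposure lowers its likelihood term, which is the cheapest risk reduction the model offers and matches the article's point about questioning the real need for exposure.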