The discipline of cybersecurity
The Zimbabwe social media scene, or “Zwitter” in street lingo, was aflame a few months ago following the “hacking” of the Zimbabwe Electoral Commission website, or as some publications put it, “ZEC’s IT infrastructure”.
The discourse following on from that incident brought to the fore how cybersecurity issues have perhaps not been given the necessary attention by public institutions in Zimbabwe and possibly by most Zimbabwean institutions, both private and public.
What is cybersecurity?
Cybersecurity has been defined as the discipline of leveraging technologies, processes, controls and protocols to protect computer systems from unauthorized access or otherwise being damaged or made inaccessible. It is a subdomain of information security, which is itself a broad category that deals with the protection of all information assets, whether in hard copy or digital form.
Why cybersecurity?
One of the most valuable assets of any organization in today’s digital economy is its data and information. Any organization that is alive to its fiduciary responsibilities would therefore take measures to prevent or minimize the impact of any event or incident that would jeopardize the integrity of these valuable information assets. A number of factors make it imperative for organisations to adopt a disciplined and systematic approach to cybersecurity.
◆ The cost of a cybersecurity breach is often very high. In addition to the possible loss of valuable data and actual direct financial loss, there are often other non-financial costs to be considered including reputational damage which itself often leads to financial loss down the road.
◆ Cyber-attacks continue to increase in sophistication, with attackers adopting an ever-increasing array of tools and tactics. Organisations consequently must stay abreast of emerging attack methods as well as preventive measures.
◆ The incentives for attackers are huge and continue to grow, ranging from direct financial gain to political, ethical and social motivations. Some estimates have put the annual global losses due to cybercrime at more than US$1 trillion.
Who should implement cybersecurity?
It’s a grave mistake to believe that it’s only rich organisations, and not you as an individual, that are of interest to cyber attackers. Every individual and institution that deals with the internet or even uses mobile technologies needs cybersecurity. This is because a lot of cyber-attacks are now automated and exploit common vulnerabilities in the underlying technologies that the solutions we rely on depend upon, such as vulnerabilities in the operating system that the software you are using runs on.
The impact of a cybersecurity breach can be, and often is, devastating to both individuals and organisations.
Domains of cybersecurity
A holistic cybersecurity posture demands co-ordinated efforts across all of an organisation’s systems. As a result, cybersecurity can be broken up into the following sub-domains:
◆ Identity Management and Data Security
Identity management refers to the protocols and activities that enable legitimate individuals to access information systems in an organisation. It involves implementing secure data storage techniques that provide for the security of data at rest and in transit.
◆ Application security
This is the installation of various defenses within software and related services to limit the likelihood of any unwanted access to or alteration of application software resources. It includes creating secure application system architectures, writing secure code and implementing strong data input validation, among other disciplines.
◆ Network security
Network security involves the implementation of both hardware and software techniques to prevent unwanted access, disruptions, and misuse. Network security should be implemented in such a way that it protects an organisation’s infrastructure from both internal and external attacks.
◆ Mobile security
Mobile devices, because of their portability, are subject to increased vulnerability, and mobile security is aimed at protecting both organizational and personal data on mobile devices from loss, theft, damage, etc.
◆ Cloud security
Most organisations are now migrating their infrastructure to cloud services such as Google Cloud Platform, Amazon Web Services, Microsoft Azure, etc. Cloud security involves implementing effective designs and secure environment configuration.
◆ Disaster recovery and Business continuity
In as much as individuals and organisations can prepare and secure their infrastructure, the risk of a security incident might not be eliminated entirely, and organisations need to have a plan for such a possibility. Disaster recovery and business continuity deal with processing, monitoring, alerts and plans that help an organisation recover and restore critical business functions and systems during and after a cyber-attack.
Cybersecurity threats
Some of the well-known attacks employed by cyber criminals include:
◆ Phishing – a type of social engineering attack where the criminal poses as a legitimate authority and asks for sensitive information from the victim.
◆ Ransomware – this is when an attacker manages to breach the defences of a computer system and install malicious software which renders the computer system inaccessible or threatens to damage the infrastructure unless they are paid a sum of money.
◆ Malware – refers to harmful software such as viruses, worms and Trojans that allow unauthorized access to a computer or cause damage to it.
◆ Denial of service attacks – DoS attacks and their variants overload a server, website, or network with traffic, rendering the infrastructure inoperable or unusable.
◆ Man in the middle attacks – this is when an attacker eavesdrops on messages between two parties.
The need for robust cybersecurity systems is clearly demonstrated by widely reported high profile security breaches. Such breaches have often resulted in incredibly sensitive information being compromised, causing, in most cases, irreversible financial and reputational damage. Institutions and individuals would be well served by implementing measures that ensure the security of their data and digital infrastructure before any incidence of a cyberattack. A stitch in time saves nine!
Medlico, as a Research and Training Centre, comprises a team of highly experienced personnel in training and research who can guide organisations in how to better capacitate their employees in handling issues concerning cybersecurity.
Article prepared by Dr Linda Haj Omar, Founder & CEO of Medlico Research & Training Centre. For more information or enquiries, visit: 4 Lanark Belgravia, Harare, Zimbabwe. Tel: (+263) 242 702326/7; WhatsApp: +263 777 553011; Email: info@medlico.co.zw