Kevin Mitnick is an American computer security consultant, author, and convicted hacker, best known for his high-profile 1995 arrest and five years in prison for various computer and communications-related crimes. Kevin started using social engineering at age of 12 to bypass the punch card system used in buses of Los Angeles.
Security comes from:
1.Technology: networks, firewalls, antiviruses;
2.Training: awareness of different attacks;
3.Policy: set procedures and requirements.
[Source: https://images.squarespace-cdn.com/content/v1/504779d6e4b0dcecada0fc99/1487873936517-5KGYL2H6N6RWPTC5LCW1/rules1.jpg?format=1500w]
Technology:
Currently humans cannot function without the help of digital devices. When we wake up, first thing we do is check our smartphone and then check the online news for if there is anything new. And we end our day with and episode of a movie on the tv or an online article.
In my country, Cyprus, technology is at a very early state of advancements, but still, the government is beginning to realize how important it will be. Currently the biggest issue is the WIFI speed, since it is an island it is required for everyone to use optical fiber in order to have a good speed.
Training:
One of the key concepts to grasp with cybersecurity is that maintenance is a constant job. New attacks develop monthly, if not daily, and your approach to guarding against them can’t be limited to annual training. New features are brought to us constantly and if you take a break and forget to keep up, you will end up in a disadvantage. If you only updated your knowledge once a year, it is the same as updating your devices once a year, your security would be a nightmare. Currently Cyprus only has large tech companies which care about security on that level, the majority of local businesses are small and didn't reach that stage yet.
Policy:
Everything has to go by rules, therefore releasing new technology should be discussed and validated to ensure full security and ease of use. For example securing authentication and proof of identity online is one of the major points of attack as well as online voting, since changed results could be detrimental. Currently Cyprus is working on their online health system and taking validating very seriously.
In conclusion i would say that Cyprus is still at a very young age to judge its cyber security status. However yes, the current security situation is not as high as it should definitely to be. And the formula of Mitnick indeed proved to highlight that the three aspects should be kept in mind otherwise chaos will come.
Comments
Post a Comment