Frequently Asked Questions

Cybersecurity is the collection of technologies, processes, and practices that protect networked computer systems from unauthorized use or harm. Broadly speaking, cybersecurity topics can be subdivided into two complementary areas: cyber attacks, which are essentially offensive and emphasize network penetration techniques; and cyber defenses, which are essentially protective and emphasize counter-measures intended to eliminate or mitigate cyber attacks.

Cyber attacks can take aim at the enterprise, government, military, and other infrastructural assets of a nation or its citizens, where these assets can include physical infrastructure (e.g., power grids, nuclear reactors) as well as computational infrastructure (e.g., computers, networks). Cyber attacks can be classified by their participating actors (states vs. non-states) and their attack mechanisms (e.g., direct attack, malware, exploits).

Correspondingly, cyber defenses must protect the enterprise, government, military, and other infrastructural assets of a nation or its citizens. As is the case with cyber attacks, cyber defenses can be classified by their participating actors (states vs. non-states) and their attack mechanisms (e.g., direct attack, malware, exploits).

The increasing reliance of our information age economies and governments on cyber (computer-based) infrastructure makes them progressively more vulnerable to cyber attacks on our computer systems, networks and data. In their most disruptive form, cyber attacks target the enterprise, government, military, or other infrastructural assets of a nation or its citizens. Both the volume and sophistication of cyber threats (cyber warfare, cyber terrorism, cyber espionage and malicious hacking) are monotonically increasing, and pose potent threats to our enterprise, government, military, or other infrastructural assets. Knowing that to be forewarned is to be forearmed, we are well advised to effect strong cybersecurity defenses that will thwart rapidly evolving cyber threats.

Recent newsworthy cyber attacks on critical cyber infrastructure (e.g., Target data breach, Mt. Gox bitcoin hacker attacks, NSA data leaks and subsequent PRISM revelations) demonstrate the urgent need for improved cybersecurity. As cyber threats grow, so must our abilities to neutralize them. Towards that end the U.S. government issued an Executive Order for Improving Critical Infrastructure Cybersecurity in February 2013, and the 2014 President’s Budget devotes over $13B to cyber-related programs and activities [Federal Information Technology FY 2014 Budget Priorities, p. 15]. The European Union Agency for Network and Information Security (ENISA) lists all known public documents of National Cyber Security Strategies in the EU as well as the rest of the world.

cyber attack: An offensive action by a malicious actor that is intended to undermine the functions of networked computers and their related resources, including unauthorized access, unapproved changes, and malicious destruction. Examples of cyber attacks include Distributed Denial of Service (DDoS) and Man-in-the-Middle (MITM) attacks.

cyber threat: A potential cyber attack, which may be assigned a probability of occurrence that can be used for cyber risk assessment.

cyber risk: A risk assessment that has been assigned to a cyber threat, such as a DDoS attack or a data breach. A cyber risk assessment may be either qualitative or quantitative, where the latter should estimate risk (R) as a function of the magnitude of the potential loss (L) and the probability that L will occur (i.e., R = p * L).

The terms cyber attack, cyber threat, and cyber risk are interrelated as follows. A cyber attack is an offensive action, whereas a cyber threat is the possibility that a particular attack may occur, and the cyber risk associated with the subject threat estimates the probability of potential losses that may result.

For example, a Distributed Denial of Service (DDoS) cyber attack by a botnet is a cyber threat for many enterprises with online retail websites, where the associated cyber risk is a function of lost revenues due to website downtime and the probability that a DDoS cyber attack will occur.

Malware is an umbrella term derived from “malicious software”, and refers to any software that is intrusive (unauthorized access), disruptive, or destructive to computer systems and networks. Malware may take many forms (executable code, data files) and includes, but is not limited to, computer viruses, worms, trojan horses (trojans), bots (botnets), spyware (system monitors, adware, tracking cookies), rogueware (scareware, ransomware), and other malicious programs. The majority of active malware threats are usually worms or trojans rather than viruses.

Cyber hygiene refers to activities that computer system administrators and users can undertake to improve their cybersecurity while online. The term cyber hygiene was coined by Vinton Cerf, an Internet pioneer, who used the expression in his statement to the United States Congress Joint Economic Committee on 23 February 2000, where italics are added for emphasis:

It is my judgment that the Internet itself is for the most part secure, though there are steps we know can be taken to improve security and resilience. Most of the vulnerabilities arise from those who use the Internet–companies, governments, academic institutions, and individuals alike–but who do not practice what I refer to as good cyber hygiene. They are not sufficiently sensitive to the need to protect the security of the Internet community of which they are a part. The openness of the Internet is both its blessing and its curse when it comes to security.

Cyber hygiene related activities for computer system administrators include, but are not limited to, segmenting networks, enforcing compartmentalized (“need to know”) user permissions, enforcing strong password rules and bi- or multi-authorization procedures, ensuring that firewalls are properly installed, updating both “white lists” and “black lists”, ensuring that all antivirus and spam ware protection software is properly installed, removing all unauthorized software, and ensuring that all firmware and software patches are current.

Cyber hygiene related activities for computer system users include using strong passwords which are changed frequently and not written down, avoiding access to cybersecure systems on unauthorized and/or non-secure BYODs (Bring Your Own Devices), and avoiding mixing personal with cybersecure email and/or work documents.

Cybersecurity technologies and processes are most effective when organizations diligently practice good cyber hygiene habits while concurrently checking their cyber defense vulnerabilities via aggressive “white hat” (a.k.a. “ethical hacking”) Penetration Testing (“pen testing”).

The cyber- prefix generally denotes something to do with cyberspace, the virtual environment that consists of all networked computers, whose interconnections comprise the Internet-of-Things (IoT). For example, in the context of cybersecurity (= cyber + security) it is common to speak of cyber threats, cyber attacks, cyber defenses, and cyber countermeasures.

Cyberspace is the virtual environment that consists of computer systems and networks, where all computers communicate via networks and all networks are connected. The term originated in science fiction during the 1980s and became popular during the 1990s. More recently computer vendors are attempting to brand cyberspace as the “Internet of Things” (IoT).

The best way to learn cybersecurity, as well as other technologies, is to combine the best of theory (principles and) with hands-on best practices.