Part of living in the digital era is understanding that our private information is more vulnerable than ever before. News stories about ID theft and data breaches abound, with the effects being felt by millions of consumers. And while companies and institutions are constantly working to protect themselves with increasing security measures, you can play a role in this fight as well.

Cyber security doesn’t involve just businesses and the government. Your computer, tablet and cellphone probably contain information that hackers and other criminals would love to have, like other people’s email addresses, names and birthdates. Suppose, for example, a hacker had access to your contact information. He could then send an email or text message to everyone you know, using your name, encouraging them to click on a link containing malware.

In a connected world, it is our responsibility to protect ourselves and the people we interact with, and it all starts with understanding cyber security [1].

What is Cyber Security?

Cyber Security is everywhere. It’s your firewall, your anti-virus, fault-tolerant architecture, and 2-step authentication. Cyber Security is also using different passwords for different accounts, it’s avoiding using your credit card on unsecured public wifi, it’s ensuring that your company’s sensitive data is only stored on encrypted hard drives, and it’s closing your laptop screen before you get up a little too eagerly when the barista calls your name.

Components of Cyber Security:

Cyber Security is the collection of all the tools & practices for keeping Software, Data, Systems and Network infrastructure secure. A few of many components of cyber security are as follows:

  1. Secure Policies: Practices to help people create, browse, work and share safely.
  2. Secure Network Design: Rules to create & maintain networks that keep private data private and unauthorized users out.
  3. Firewalls: Physical & Digital gateways to prevent unauthorized access to networks & systems.
  4. Secure Software Design: Rules to ensure that software is created with user, data & system security in mind.
  5. Cryptography: It is a method of making data hard for unauthorized parties to read [2].

Because cyber security is not just an IT problem but a business problem, awareness training is not just for IT personnel but for all employees who have access to a computer and the Internet. The focus and specialty of awareness training need to be tailored to each employee's function and role within the organization. Cyber security needs to be part of an organization's culture to be effective; if it is just a checkbox approach in which employees don't understand what it is about or why, it will surely be ineffective.

Benefits of Cyber Security Awareness

  1. Less exposure to cyber security related risks.
  2. Lower costs due to both the lower frequency of cyber-related loss-incidents and the severity of those incidents.
  3. Lower costs associated with cyber security Insurance premiums.
  4. Saving time, as a lot of time is wasted after cyber security incidents, both in finding out what happened and in possibly having to redo the affected work.
  5. Market edge over your business competition, as public knowledge of cyber incidents will negatively affect your business reputation, and
  6. Positive staff culture regarding cyber and information security [3].

An effective cyber security awareness programme should have the following attributes:

  1. Should be focused on real-life examples, both with the most common causes and the effects these examples might have.
  2. Each individual needs to understand their role in securing the business information, the importance of their roles and the consequences of their actions.
  3. The training should cover both the prevention of and the response to cyber incidents.
  4. The training needs to be updated as new threats emerge and as the business culture and operations change.

Cyber security awareness should be an important part of any organisation's cyber security management strategy. Not only does it address the human weakness factor in your strategy, it also provides immediate protection at an affordable price.

Intermediate Skills & Knowledge for Professionals:

Professionals can add the skills that ensure security as part of the development process with various global certificate courses offered by EC-Council. It provides the world-famous Certified Ethical Hacker (CEH), Computer Hacking Forensics Investigator (CHFI) and EC-Council Certified Security Analyst (ECSA)/Licensed Penetration Tester (LPT) certifications, as well as many other certifications, which are offered in over 102 countries through a training network (ATCs) of more than 700 training partners globally.

References:

  1. “Why is Cyber Security Important?” [Online] (https://www.transunion.com/blog/identity-protection/why-is-cyber-security-important) Accessed on 25/10/2018.
  2. Temiquel, N. (2018) “What you need to know about cyber security?” [Online] (https://blog.coursera.org/what-you-need-to-know-about-cybersecurity/) Accessed on 26/10/2018.