FAQ
Find answers to your cyber security questions.
Artificial intelligence
AI is a branch of computer science dedicated to building computer systems that can perform tasks normally requiring human intelligence, such as visual perception, speech recognition, translation between languages, decision making and problem-solving.
Machine Learning (ML), is a subset of AI, consists of algorithms that “learn” from data and improve through experience.
The different types of machine learning are:
- Supervised learning
- Semi-supervised learning
- Unsupervised learning and,
- Reinforcement learning
Phishing
Phishing is a type of cyber-attack where attackers use impersonation tactics to manipulate people into clicking on a malicious link by making it appear trustworthy. They exploit people’s emotions through social engineering techniques to gain access to personal information or login credentials. The goal of a phishing attack is to steal sensitive information or money.
Different types of phishing attacks include spear phishing, email phishing, ice phishing, angler phishing, voice phishing, smishing, whaling, pharming, clone phishing, trap phishing, deepfakes, CEO fraud phishing, etc.
It is important to exercise caution while opening email attachments as they may contain malicious links that can infect your device or network, potentially causing data loss, damaging your organization’s reputation, and resulting in financial loss. Email attachments may also be used in email phishing attacks, where attackers attempt to trick individuals into providing sensitive information or clicking on a malicious link.
Definitions
A supply chain attack occurs when a trusted third-party vendor or partner who offers services or software is compromised and the threat actors then move up the supply chain to gain access to other organizations’ environments.
Zero-day attacks exploit unpatched vulnerabilities in software that are unknown to the developer or were already known, but the repair was delayed. Once the exploit runs, developing a patch can take hours or months.
One of the most well-known zero-day attacks was Log4j. The Log4j vulnerability affected everything from the cloud to developer tools and security devices.
The General Data Protection Regulation (GDPR) is a framework that establishes guidelines for the collection and handling of personal data of individuals within the European Union (EU).
Data privacy and protection
The General Data Protection Regulation (GDPR) is a framework that establishes guidelines for the collection and handling of personal data of individuals within the European Union (EU).
GDPR compliance training familiarizes employees with the critical components of the General Data Protection Regulation (GDPR). The GDPR course provides a detailed overview of GDPR principles, related roles, and responsibilities for ensuring privacy and data protection. This reduces the likelihood of organizations being fined under the GDPR and losing their reputation.
Non-compliance with GDPR may result in severe legal, reputational, and financial risks. GDPR violators can be fined up to 20M Euros or 4% of their annual turnover for the preceding financial year (whichever is greater).
Supply chain attacks
A supply chain attack occurs when a trusted third-party vendor or partner who offers services or software is compromised and the threat actors then move up the supply chain to gain access to other organizations’ environments.
A supply chain attack occurs when a trusted third-party vendor or partner who offers services or software is compromised and the threat actors then move up the supply chain to gain access to other organizations’ environments.
Cybercriminals exploit trust relationships and compromise the weakest entity in the supply chain. Once the cybercriminal gains access to the supplier’s network, they work their way up the supply chain to the target organization. It may take them months, but they persist until they gain access.
Cyber security awareness
GDPR compliance training familiarizes employees with the critical components of the General Data Protection Regulation (GDPR). The GDPR course provides a detailed overview of GDPR principles, related roles, and responsibilities for ensuring privacy and data protection. This reduces the likelihood of organizations being fined under the GDPR and losing their reputation.
An information security awareness training is designed and delivered to teach employees about various cyber security risks, proper cyber hygiene, and how to combat information security breaches.
Information security and privacy are top priorities for C-level executives. The cybercrime landscape is becoming more sophisticated and technologically advanced, making us more committed to information security. C-level executives being at the forefront of cyber security ensures that the right cyber security tone is set for the entire organization.
Cyber risk management
Information Risk Management identifies and controls threats and vulnerabilities to information resources in an organization in order to achieve business objectives.
Proper conduction of cyber risk assessment allows organizations to identify weaknesses in their information systems and prioritize implementing security measures to defend against potential cyber threats. Additionally, this process offers various advantages, such as increasing overall security, improving incident response, raising awareness and understanding of cyber risks within the organization, and reducing the potential financial impact of cyber incidents.
In cybersecurity risk management, potential risks to an organization’s technology and information systems are identified and evaluated, and steps are taken to mitigate or eliminate them. This includes identifying threats and vulnerabilities, implementing security measures to protect against them, and regularly monitoring the effectiveness of those measures. The ultimate goal of cybersecurity risk management is to safeguard the organization’s assets, reputation, and operations against the negative impact of cyber-attacks.
Generative AI
Generative AI, a part of machine learning, aims to generate new, original data, such as images, text, or sounds, rather than simply predicting or analyzing existing data. This is achieved through specialized algorithms and models that can either be instructed to produce specific outputs based on user inputs or trained to learn from large datasets and generate new, previously unseen data.
Generative AI, such as natural language processing models like ChatGPT, transforms various industries by simplifying complex tasks. For instance, researchers can leverage generative AI to extract information quickly and efficiently, which would otherwise take hours of manual labour. Generative AI generates unique content by utilizing vast amounts of data from datasets, helping researchers discover new insights and knowledge in their field.
One of the key limitations of generative AI is the potential for biased or inappropriate content to be generated due to the need for more control over the output. Another limitation is the risk of developing plagiarized content, which could lead to copyright infringement if incorporated into an article without proper attribution. Additionally, obtaining sufficient training data can be a significant challenge in specific domains, and preprocessing may be required to ensure the data is suitable for training the model.
Secure application development
The source code must always be maintained in a source code repository with restricted access rights. The source code repository logs must be reviewed for anomalies regularly.
This course will assist employees in identifying and understanding several security features that should be considered while developing an application. It will teach employees how to write secure code, manage it securely and implement other safe coding practices in the industry.
The different phases of the SDL(secure application development) lifecycle are;
- Requirement gathering
- Design
- Coding
- Testing
- Release and Deployment
Malware
A Ransomware attack is a type of cybercrime in which hackers infiltrate a network, gain access to the system, and encrypt the data. They then demand a ransom payment to restore access to the locked data. These attacks can cause significant damage and disruption to organisations if they do not have proper backup and recovery plans.
Malware is malicious software specifically created by cybercriminals to gain unauthorized access to a computer system or network to cause harm, such as data breaches or theft.
Even though spyware comes from the family of malware, there are differences between the two. The term malware refers to any harmful software that can cause damage to a computer or network, like viruses, worms, trojan horses, and ransomware. In contrast, spyware is a specific type of malware that collects information about its victims without their knowledge. It can track keystrokes, take screenshots, and gather information about browsing habits and personal data.
Ransomware
A Ransomware attack is a type of cybercrime in which hackers infiltrate a network, gain access to the system, and encrypt the data. They then demand a ransom payment to restore access to the locked data. These attacks can cause significant damage and disruption to organisations if they do not have proper backup and recovery plans.
Crypto malware, also known as crypto-jacking malware, aims to secretly mine cryptocurrency on the infected device. The malware typically disguises itself as legitimate software, and once it is installed, the malicious code runs in the background without the user’s knowledge. The cyber threat actors behind the malware use the infected device’s computing power to mine cryptocurrency, often without the user’s knowledge.
There are several types of ransomware: Encrypting Ransomware, Locker Ransomware, Ransomware-as-a-Service, Double extortion Ransomware, and so on.
GDPR
The General Data Protection Regulation (GDPR) is a framework that establishes guidelines for the collection and handling of personal data of individuals within the European Union (EU).
GDPR compliance training familiarizes employees with the critical components of the General Data Protection Regulation (GDPR). The GDPR course provides a detailed overview of GDPR principles, related roles, and responsibilities for ensuring privacy and data protection. This reduces the likelihood of organizations being fined under the GDPR and losing their reputation.
Non-compliance with GDPR may result in severe legal, reputational, and financial risks. GDPR violators can be fined up to 20M Euros or 4% of their annual turnover for the preceding financial year (whichever is greater).
HIPAA
The HIPAA Privacy Rule establishes the standards for individually identifiable health information in any medium. It ensures the privacy of Protected Health Information.
Demographic information, medical histories, test and laboratory results, mental health conditions, insurance information and other data a healthcare professional collects to identify an individual are considered as PHI or Protected Health Information.
No. Two types of organizations are regulated under HIPAA: Business Associates and Covered Entities. Following are the list of entities which needs to be HIPAA compliant:
- Healthcare providers
- Healthcare clearinghouses
- Health plans
- Business associates
Cyber warfare
In cyber warfare, a nation uses digital threats like unauthorized access and malware to attack another nation’s computer systems, preventing them from accessing information and communication systems.
The main motivations for cyber warfare are:
- Compromising economic advantage
- Theft of intellectual property
- Disrepute and humiliation
Some real examples of cyber warfare are
- Ransomware
- Zero-day attack
- Stuxnet malware
IT security best practices
IT security best practices are actions followed to protect an organization’s information assets. It includes an analysis of threats and vulnerabilities to minimalize the exposure that may affect an organization’s information assets.
IT teams that include both the IT security team and Information Risk Management (IRM) team should work in conjunction to identify risks associated with the organization’s IT infrastructure and create controls to mitigate those risks.
An organization needs to adopt IT security best practices to prevent exposure to threats and vulnerabilities that could result in financial loss, legal consequences, regulatory sanctions, and reputational damage.
Secure coding
Secure Coding is the practice of developing computer software to avoid the unintentional introduction of security vulnerabilities.
The secure coding principles are:
· Input Validation
· Output Encoding
· Authentication and Password Management
· Session Management
· Access Control
· Rate Limiting and Race Conditioning
· Cryptographic Practices
· Error handling and logging
· Data Protection
· Communication Security
· System Misconfiguration
· Database Security
· File Management
· Memory Management
Secure coding is one of the most critical elements of the software development lifecycle since it eliminates commonly exploited software vulnerabilities and prevents cyberattacks from happening.
Software with insecure code is more likely to be attacked, resulting in…
· Loss of customer trust
· Theft or loss of sensitive data
· Financial and legal repercussions
· Loss of brand reputation
Cyber security leadership
Information security and privacy are top priorities for C-level executives. The cybercrime landscape is becoming more sophisticated and technologically advanced, making us more committed to information security. C-level executives being at the forefront of cyber security ensures that the right cyber security tone is set for the entire organization.
Information security leaders need to always look for current and upcoming attacks. It is their responsibility to lead others into taking the necessary security measures to protect the organization. Knowledge of laws and regulations, active participation in risk management, and being a role model are the other responsibilities of an information security leader.
Cyber risk assessment
There may need to be more than just learning material to raise employee cyber security awareness. To ensure that the information is retained and understood by employees, it is essential to use a combination of techniques such as cyber security assessments and micro-learning programs. These methods can help employees to actively engage with the material and apply their knowledge rather than passively consuming it. Using cyber security quizzes and interactive learning tools can enhance the employee’s ability to understand and recall the information, thus better equipping them to tackle cyber security threats.
Cybersecurity risk assessment is the systematic process of evaluating and identifying potential risks to an organisation’s information assets and determining if the existing security controls are adequate to protect against those risks. A cybersecurity risk assessment aims to identify vulnerabilities and prioritise the implementation of appropriate security controls to protect against potential cyber threats.
