July 21, 2016
-
Joe Franscella
,

What is Cybersecurity: FAQs

<p><em>What is Cybersecurity? </em>It's more than a software application running in the background of your desktop. Cybersecurity is an ideal state of minimized threats to your network and its assets, as well as the process of working towards this state.</p><p><em>Who is responsible for the dangers online? </em>The <a href="https://wwwlegacy.anomali.com/files/infographics/Anomali_HackerPersonas.pdf" target="_blank">sorts of people responsible</a> for the millions of yearly IT security crises are as different as the victims. Thieves, scammers, spies-for-hire, saboteurs, and tacky pharmaceutical marketers have all found abusing the power of the Internet to be worthwhile. Some threat actors can even be found within your walls.</p><p><em>What are they after?</em> In most cases, hacking is done in the name of money, information, or information that can be monetized. In other cases, the victim is spied upon or sabotaged for symbolic meaning or spite. Malware can generate income from any victim. Hackers take the time to target individuals when there is proprietary info or some specific thing of value involved, including the functionality of your company’s website. Leaking information or launching DDoS attacks are used as both an underhanded way to cripple a competitor and as an act of protest. Identifying all of your <a href="{page_3300}">potentially-exploitable assets</a> is essential to a comprehensive online protection plan.</p><p><em>Will a security platform protect me?</em> Your threat intelligence and anti-malware programs are powerful tools. They must be used properly in conjunction with the prudent use of your network in order to be effective. Many discussions about cybersecurity concern the tools we use to combat threats. However, most battles with hackers are lost not from faulty security programs, but by human error. Inadequate credentialing policies encourage bad habits and remove accountability. Common email and login credential mistakes:</p><ul><li>Falling for phishing - clicking links to password-stealing and logging in</li><li>Using company email credentials to make a profile on a less secure site</li><li>Choosing weak passwords or using the same password on multiple accounts</li><li>Keeping your password written somewhere “hidden” in your desk, notebook, etc.</li><li>Allowing users to share logins</li><li>Allowing unused logins or over-spammed accounts to remain valid</li><li>Sending sensitive messages through uncertain channels</li></ul><p><em>Why do good employees make so many grave cybersecurity errors? </em>Up to <a href="http://www.darkreading.com/vulnerabilities---threats/employee-negligence-the-cause-of-many-data-breaches-/d/d-id/1325656" target="_blank">66% of organizations</a> believe their own users are the weakest link in the security chain, but why? The answer to this question is a double edged sword; network safety policies must be made clear and implemented consistently to be effective. Well-meaning employees fall victim to social engineering tactics and make other common errors very frequently. Phishing emails are becoming more and more convincing, fooling us with language picked from our own data trails. <a href="https://www.fbi.gov/file-repository/elicitation-brochure.pdf/view" target="_blank">Elicitation, a classic form of snooping</a> meshes well with cyber-espionage. Spies will strike up a conversation with an insider to learn if there are any exploitable assets in the network and which employees make the best targets for trick emails.</p><p>Unfortunately, not everyone who has network access is trustworthy. Users who have unfettered access to all network assets can wreak havoc whether they mean to or not. Disgruntled employees are known to breach trust, implied or explicitly stated, when helping themselves to client lists, SOPs, etc. on their way out or right under the bosses’ noses.</p><p><em>How can you reduce user-created threats?</em> Integrate security measures into your everyday activities. Be as stringent with IT security as you would a cash register drawer; discourage sharing and encourage individual responsibility for making good security choices. Allow access to files and admin privileges only on an as-needed basis.</p><p>With this basic information, you can do a lot to protect your network and the people who rely on it. Keep cybersecurity on your list of top priorities and the battle against threats will become part of your regular culture.</p><p>Now that you are more informed about what cybersecurity is, learn more about the Anomali Match model and see how it can help you with your company security operations.</p><p><span class="hs-cta-wrapper" id="hs-cta-wrapper-522663a1-2e23-4655-9c36-592b876fdb70"><span class="hs-cta-node hs-cta-522663a1-2e23-4655-9c36-592b876fdb70" data-hs-drop="true" id="hs-cta-522663a1-2e23-4655-9c36-592b876fdb70" style="visibility: visible; display: block; text-align: center;"><a class="cta_button" cta_dest_link="{page_3455}" href="https://cta-service-cms2.hubspot.com/ctas/v2/public/cs/c/?cta_guid=ae87b536-87f5-4cf1-85e5-1cf25faf63c6&amp;placement_guid=522663a1-2e23-4655-9c36-592b876fdb70&amp;portal_id=458120&amp;redirect_url=APefjpEK9XBu3b9Re55YBRcH30g4dscKNmpQK5kiZag6zfRaJJX_T62ObnK122v_pBpQqgoB6Bqioy1OC_kBuPT-A-30F-bvv-eTRWvdq71QQSnF111VFcLqo32uRXMoAXcTJ5lc62XrQX4uB9xRMXX1lxEfWKV_bxc_db4pLKjVvy_Bt1Jt7XHfU2iq6W0tZeD3zR76NYdEIY3BB_T6hI2wGyGtfm8K6z5uHpu7v7nWyRd0GoYv6G2VugHTIwfIRuP-hhsH3lmCMnMAhxLLKxRCoXZVdGH8ryEuEPgWqP5bvBX1DuWu9V3n8UF7y7EJnydRrO1VvYzyfpgZY_Wa0CPqxRZUGgHRzWiKtfn-eggoLXVJAyXu15yDn5XEr9TwH6G1WbjposoN&amp;hsutk=2767d93d6471d657e0c9f660e4b58ef8&amp;utm_referrer=https%3A%2F%2Fblog.anomali.com%2Fwhat-is-cybersecurity-faqs&amp;canon=https%3A%2F%2Fblog.anomali.com%2Fwhat-is-cybersecurity-faqs&amp;__hstc=41179005.2767d93d6471d657e0c9f660e4b58ef8.1456736058655.1478822660171.1478831861868.179&amp;__hssc=41179005.75.1478831861868&amp;__hsfp=1335165674" id="cta_button_458120_ae87b536-87f5-4cf1-85e5-1cf25faf63c6" style="margin: 20px auto;" target="_blank" title="Free Download Here">Free Download Here </a> </span> <script charset="utf-8" src="https://js.hscta.net/cta/current.js"></script> <script type="text/javascript">hbspt.cta.load(458120, '522663a1-2e23-4655-9c36-592b876fdb70', {});</script> </span></p>

Get the Latest Anomali Updates and Cybersecurity News – Straight To Your Inbox

Become a subscriber to the Anomali Newsletter
Receive a monthly summary of our latest threat intelligence content, research, news, events, and more.