The Non-Technical Guide to Cybersecurity - Part 1
Part 1 - Introduction and glossary
Privacy or security breaches are frightening for both consumers and businesses.
As increasing amounts of personal and business information are stored digitally, the opportunities available for malicious people to compromise it unfortunately increase too. This extends to everything from passwords, email addresses, credit card details, and bank accounts to personal information such as names, addresses, medical records, passports, and driver's license details.
When data breaches occur, consumers rightfully become wary of a company’s ability to safely secure their vital information, so they temporarily or permanently stop using that business.
This impacts revenues and permanently erodes trust in the processes organisations use to operate their businesses successfully.
What exactly is cybersecurity?
Cybersecurity refers to the systems and actions taken to secure data, computers, and networks from threats or misuse. This can be in the form of deliberate external cyber attacks or from other threats or data losses. It is therefore a very broad process that covers hundreds of different potential threats.
Addressing cybersecurity threats can seem daunting because of the sheer variety of threats out there and how they are continually evolving. But the key to creating a robust cybersecurity approach is to break it down into more manageable pieces that essentially work as multiple layers of protection. This extends from basic approaches such as keeping track of laptops and other portable devices to technology-based steps such as firewalls and automated intrusion detection systems.
Cybersecurity solutions can range from low-cost actions that are easy to implement right through to highly complex and resource-intensive measures. It’s important to implement a tailored mix of solutions that meets the particular circumstances and risk profile of your business.
Why cybersecurity matters
There are many risks to not having a proper cybersecurity strategy and protocols in place. These include:
- Your website being compromised or unavailable to your users
- Theft of private customer details
- Theft of important business documentation such as contract information or documents of strategic importance
- Office computers being temporarily or permanently unusable due to infection by malicious software or viruses
- Loss of data
These types of breaches or data losses can have extremely negative impacts on the operation of the business. They can also cause costly damage to the company brand.
Key cybersecurity terms
This glossary of the most important cybersecurity terms will help you better understand some of the technical jargon commonly used when discussing cybersecurity.
Authentication - the process of verifying users. Passwords are generally used to authenticate that you are who you say you are and that you are allowed access to the company network or specific folders or files.
Botnet - groups of computers working together to carry out malicious actions. The usual aim is to add your computer to the botnet in order to carry out malicious activities such as transmitting malware or spam.
Data breach - data breaches occur when hackers gain unauthorised entry or access to an organisation or its users’ data.
Digital certificate - Also known as identity certificates or public key certificates, digital certificates are a type of passcode used to securely transmit data over the internet.
Encryption - this is a method of using complex maths and codes to make data only readable by people authorised to view it. If encrypted data is intercepted, it cannot be read by the hacker as they will not have the key to unscramble it.
Firewall - this is a digital wall to keep malicious software or human attackers away from a computer or a network of computers. Firewalls incorporate a filter to assess the safety and authority of requests to access the network.
HTTP and HTTPS - Hypertext Transfer Protocol (HTTP) is the system that web browsers use to communicate. You will notice at the front of the address bar of your web browser an http:// or https:// each time you visit a site. The additional “S” means that the website you are visiting encrypts all the data sent between you and the web server, meaning the privacy of your data is protected.
Spyware - this is a form of malicious software (malware) that is installed on your computer without your knowledge and used to spy on your activity, for example to steal passwords or private information.
Talk to the experts at FinXL about how we can help your business meet its cybersecurity goals.