• Articles
    • Editorial Articles
    • Research Articles
    • WatchGuard Articles
  • The 443 Podcast
  • Threat Landscape
  • About
    • About Us
    • Contact Us
    • Contribute to Secplicity

Secplicity - Security Simplified

Powered by WatchGuard Technologies

Cyber Security and Network Awareness

July 17, 2018 By Emil Hozan

Basketball strategy plan

From cryptoware to worms, malicious applications and viruses, cyber attacks are oh so prominent in today’s digital age. How do we protect ourselves, our data and our network?

This is a tough question to answer considering the vast quantity of tools out there that seem to make this easier for the bad guys. From NSA-leaked tools to flaws down to the very brain of a computer system – the CPU – cyber security is as important now as networking in general. Network hardening is only as effective as the users within the network and the measures taken to prepare for a disaster – hope for the best yet expect the worst.

Nothing is a bigger bummer than logging into a computer to work on daily tasks to be prompted with an encryption alert and the need to pay money to release your data. What can you do about this? Well, in a single word – backups.

If you currently do not have backups stored offline or in multiple network-accessible locations, each behind their own security measures, you should do so immediately. Backing up critical data should always be a top priority.

What about remote employees needing to get into the business’s network to perform their tasks? How do you protect your network while allowing these users access into the network?

VPNs are a great way to avoid too much public exposure of well-known ports that are potentially exploitable. The level of encryption makes it that much more difficult for anyone trying to listen in on the communication to make sense of the “sniffed” packets. Unencrypted network traffic on the other hand, can be easily listened in on by anyone with the right tools. What risks are you willing to take on your business procedures?

All of the above help add those layers, but what else is missing?

The missing key is employee training. Embedded links in phishy emails can lead to internal outbreaks that could rapidly manifest itself. Network security is not a measure to be taken lightly. There are numerous tools to potentially (and hopefully) block these threats at the door but for the events that seep through (and there are), employee training is critical.

Just like with any information system, there are unknown vulnerabilities and exploits. Many are found day in and day out, unfortunately at the expense of those who would rather it not have happened. Others are found by ethical researchers who are out there looking out for users.

Be sure to say up to date with software for used hardware and products. As vulnerabilities and exploits are found, security patches are released and updating your software is the next. You should routinely review software release notes to determine the benefit, if any, to update to that release. On the other hand, you should take immediate action on security or critical updates to patch any potential security hole.

A good question to ask is: what is YOUR data worth? Are you willing to find out? Or would you rather be prepared, and should something happen, can you recover in an appropriate matter? – Emil Hozan

Share This:

Related

Filed Under: Editorial Articles Tagged With: cyber security

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

The 443 Podcast

A weekly podcast featuring the leading white-hat hackers and security researchers. Listen Now
the 443 podcast

Threat Landscape

Filter and view Firebox Feed data by type of attack, region, country, and date range. View Now
threat landscape

Top Posts

  • US National Cybersecurity Strategy
  • Cybersecurity News: Free Cybersecurity Training, TrickBot Group Exposed, Major GoDaddy Breach, and Russia to Legalize cybercrime?!
  • Here Come The Regulations
  • Successfully Prosecuting a Russian Hacker

Email Newsletter

Sign up to get the latest security news and threat analysis delivered straight to your inbox

By signing up you agree to our Privacy Policy.


The views and opinions expressed on this website are those of the authors and do not necessarily reflect the policy or position of WatchGuard Technologies.

Stay in Touch

Recent Posts

  • Cybersecurity News: LastPass Incident Revealed, White House Issues Cybersecurity Strategy, FBI Purchases Leaked USHOR PII Data, and a Slew of Other Breaches
  • An Update on Section 230
  • Here Come The Regulations
  • US National Cybersecurity Strategy
  • Cybersecurity News: Free Cybersecurity Training, TrickBot Group Exposed, Major GoDaddy Breach, and Russia to Legalize cybercrime?!
View All

Search

Archives

Copyright © 2023 WatchGuard Technologies · Cookie Policy · Privacy Policy · Terms of Use