cyber security

In today’s digital era, every business should be concerned about cyber security, otherwise, it is only a matter of time before losing any precious data during a cyber attack. What is cyber security? How to protect companies against cyber attacks? What are the recommended cyber security courses for organisations? Preface is here to give you a complete overview!

What is cyber security?

Cyber security refers to the practice of defending technical systems, networks and programs against malicious attacks and unauthorised exploitation.

Source: kaspersky, CISCO, IT Governance

Areas of cyber security

Cyber security ranges from simple to complex, common measures include:

Network security

Protects the network and data from breaches, intrusions and other threats.

Application security

Prevents security vulnerabilities against threats such as unauthorized access and modification. For example, all wireless devices and products should take action to improve cyber security before entering the EU market.

Information security

Keeps data secure from unauthorized access or alterations.

Operational security

Safeguards sensitive information and preserve essential secrecy.

Disaster recovery and business continuity

Responds to or adapts to potential threats or unforeseen disruptive events while minimising the negative impacts

Storage security

Encompasses the implementation and management of security across all layers of a storage environment.

Cloud security

Avoids data stored on cloud computing platforms from being stolen, deleted and leaked to unauthorised parties.

End-user education

Equips employees with the tools and skills required to protect themselves and their organisation’s assets from loss or harm.

Source: IBM, kaspersky

Why is cyber security important?

cyber security

While people are becoming more and more dependent on the internet, there has been an increasing number of incidents of security breaches, fraud, malicious attacks and more that could potentially dupe you of your money or other crucial data.

According to InfoSec, there has been a surge in computer and internet based criminal activities, and the problem is identified to be one of the major public concerns.

Therefore, whether you are an individual, small business or large multinational, maintaining a strong cyber security posture is of utmost importance. With reference to Cybersecurity Ventures, cyberattacks are expected to cost organisations worldwide about $6 trillion by the end of 2021. Therefore, businesses of all sizes and in all sectors should put cyber security and safety as top priority.

Especially during the pandemic, business owners should take extra attention to cyber security given that the mass shift to working from home might make employees become confused as to how to continue to work securely.

Businesses that require capturing and using sensitive information frequently, the healthcare industry, in particular, are facing more cyber threats and forms of disruption than ever before. In 2020, there has been a 25% year-over-year increase in healthcare data breaches.

It goes without saying that data breaches and hacks will continue to accelerate, organisations should therefore incorporate the highest security measures to protect themselves from ongoing dangers.

Source: CISCO

Types of cyber security threats

1. Virus

A virus will infect the computer system by duplicating itself without any permission. It will penetrate its own malicious code into pre-existing programs with an aim to spread to other systems. This is one of the most destructive threats as it might damage various data storage and lead to a complete system failure.

2. Ransomware

Ransomware is that kind of threat that will take your data hostage, unless money is paid, or else the whole data set will be destroyed. However, more often, even if the victim has settled the payment, the attackers won’t return the hostage but keep demanding for more.

3. Worm

The nature of worms is similar to viruses as they will replicate themselves on a computer system and cause destructive consequences. But also unlike the virus, a worm is an independent program that can work just fine without attaching to a file.

4. Cryptomining Malware

It is a well-known fact that mining cryptocurrency consumes a great amount of computing power. Therefore, some miners will parasite other computers and steal the processing power for their own uses, given that this allows them to mine faster and more efficiently. Once the organisations’ computers are hijacked, there will be an obvious decrease in speed.

5. DDoS Attacks

The full name of “DDoS” is “Distributed Denial of Service”, meaning that the normal operation of a system or device will be interrupted, resulting in access denial and downtime. DDoS normally brings a larger scale of destruction, making the recovery process to be more challenging. To deal with this, experts suggested adopting advanced threat protection.

6. Phishing

Phishing primarily relies on social engineering techniques. It usually starts with dropping the victim an email, instant message or text message with a malicious link, once the recipient is tricked into clicking the link, it can then lead to auto-installation of malware and sensitive information such as login passwords and credit card numbers will fall into the wrong hands.

Source: CISCO, Citic Telecom

Want to keep up with the tech-driven future? Check out Preface Coding Event for our latest Tech Seminars and Coding Workshops to stay relevant! Come enjoy the exquisite beverage selection from Preface Coffee & Wine while updating yourself with the most up-to-date knowledge!

Cyber security online courses

To prevent sophisticated cyberattacks, businesses must extend the cyber security awareness to all employees, helping the employees to avoid and prevent cyberattacks when they are accessing email, social media and other apps while using the company’s technology resources or their personal devices.

To achieve that, companies should consider holding cyber security training programs since continuous employee awareness training is effective in mitigating cybersecurity risks as proven by the cyber security awareness training firm KnowBe4.

Below is a list of some featured courses:

This is a beginner course for cyber security. If you know how to work on computers and have Basic knowledge of the Internet, you must be able to catch up with the class.

The course will talk about the basics of cyber security, the common threats as well as the solutions to protect organisations from cyberattacks. The course was originally priced at USD $34.99 and is now discounted to USD $9.99.

The course is designed to help students develop a deeper knowledge of the most common information and system protection technology and methods nowadays.

After the course, learners are expected to get a baseline understanding of common cyber security threats, basic functional protections, real-time security techniques and methods and a series of advanced topics in cyber security.

The course is now free for registration from 21 Nov 2021.

This course covers different areas of cyber security, including but not limited to network security, cloud security, system security, network infrastructure, protocols and encryption.

It is not necessary for students to have any IT background, throughout the course, learners will be provided with the groundwork for future studies or the potential for entry-level work in smaller companies.

The course is now priced from USD $55 to USD $80.

The course is supported by the UK Government’s National Cyber Security Programme.

By the end of the course, students will be able to explain basic cyber security terminology, identify major malware types, describe basic authentication mechanisms, apply fundamental risk analysis and management techniques and more.

The course fee ranges from USD $15.83 to USD $89 per month.

This course begins with the very basics. First students will learn how to install the tools, some terminology and how devices communicate with each other. Then they will learn how to scan vulnerabilities with Nessus and gain full access to computer systems via discovering the weaknesses and vulnerabilities.

Students will also be given the opportunity to learn how to set up a lab environment and install the needed virtual machines such as Kali Linux, Nessus and Metasploit.

The tuition fee was USD $84.99 and is now reduced to USD $9.99 only.

Source: Medium, ZDNet

How to protect yourself against cyber attacks

cyber security

Though cyberattacks are unexpected, they are not completely inevitable. Below are some tips to protect yourself from a cyberattack:

1. Use a secure password

Instead of using your birthday and other commonly used combinations such as “123456”, “qwerty” and “pa$$w0rd”, you should better use a mix of uppercase and lowercase letters, and make sure the passwords are at least eight characters long.

2. Apply zero-trust strategy

“Zero-trust” refers to “never trust, always verify”, which means that devices should never be trusted by default, instead you should verify everything trying to connect before granting access.

3. Protect every device

Computer viruses and malware are everywhere. Antivirus programs such as firewalls and intrusion detection systems can protect your computer against unauthorised code or software that may threaten your operating system.

4. Backup your computer

If you haven’t started backing up your hard drive, you should do it immediately. Backing up your data is critical in helping you to rebuild as quickly as possible after suffering any data breach or loss.

5. Use two-factor authentication

Two-factor authentication adds another security layer to the login process, reducing the chances of your account getting hacked since having a password alone is not enough to pass the authentication check.

Source: kaspersky, Victoria University

Top cyber security tools

1. Kali Linux

Kali Linux is an open-source, Debian-based Linux distribution. It contains several hundred tools targeted towards various information security tasks, such as Penetration Testing, Security Research, Computer Forensics and Reverse Engineering.

2. Nmap

Nmap stands for Network Mapper, which is a free open source command-line tool. It is an information-gathering tool used for recon reconnaissance. Basically, it scans hosts and services on a computer network, followed by sending packets and analyzing the response.

3. Keepass

KeePass is a free, open-source password manager that helps users to manage passwords in a secure way. Keepass stores all passwords in one database that is locked with a single master key. This database is encrypted using extremely secure encryption algorithms.

4. POF

POF is mainly used for monitoring the network without generating additional data traffic. It can be used for detecting host operating systems in a network, as well as creating probes, lookups, queries, and more as additional functions.

5. Nikto

Nikto is an open-source vulnerability scanner that provides additional vulnerability scanning specific to web servers. It performs checks for 6400 potentially dangerous files and scripts, 1200 outdated server versions, and nearly 300 version-specific problems on web servers.

Source: Jigsaw

Does cyber security require coding?

If you are looking for entry-level cyber security jobs, coding skills are not necessarily required. However, for mid-level and upper-level cyber security positions, being able to write and understand code will be a must.

To mitigate cyberattacks, more advanced technologies such as Artificial Intelligence (AI) and Machine Learning (ML) have been applied to cyber security practices. Therefore, if cyber security interests you, you might consider taking some coding courses to strengthen your knowledge.

Preface’s Web Developer course is well recognised by many leading companies including JP Morgan, Cathay Pacific and Adidas. It is a beginner-friendly program with an aim to give learners a concrete base in both front-end (HTML & CSS) and backend (Python in Django) development. By taking a step-by-step teaching approach and comprehensive exercises, quizzes and assignments, students are expected to master coding and programming techniques and apply them to various actual business use cases accordingly.

Preface has successfully offered top-tier coding education to over 6,000 graduates since 2015. This course goes through the entire data science process such as APIs, matrix factorisation and cross-validation methods. The tutor will then move from basic knowledge to more advanced concepts like machine learning and algorithms for predictive analysis, which is closely related to cyber security applications.

Source: Startacybercareer, CIOinsight

Cyber security Law in HK

When it comes to cyber-related offences, the Hong Kong Police Force (HKPF) is the key enforcement authority. HKPF has a division called Cyber Security and Technology Crime Bureau dedicated to handling cyber security issues, its job duties include carrying out cybercrime and technology crime investigations, computer forensic examinations and prevention of technology crime.

Hong Kong is also the first Asian jurisdiction to enact comprehensive personal data privacy legislation. From a business perspective, the key compliance framework to follow is the Personal Data (Privacy) Ordinance (PDPO), which clearly states that all organisations that collect, hold, process or use personal data must comply with the specific data protection principles, or else might lead to a fine of HK$1 million and imprisonment for five years.

Source: The Law Society of Hong Kong, Allen & Overy

Cyber security resilience

Last but not least, you need to know about cyber resilience.

Cyber resilience is the ability to prepare for, respond to and recover from cyber threats. A cyber-resilient organisation is able to adapt to both known and unknown crises, attacks, adversities and challenges.

Both cyber security and cyber resilience are vital strategies to protect a company’s assets and keep customers’ sensitive data secure. In a nutshell, the former refers to a company’s ability to protect against and avoid the increasing threat from cybercrime, whereas the latter describes a company’s ability to mitigate damage and carry on once systems or data have been compromised.

Source: World Economic Forum

Want to keep up with the tech-driven future? Check out Preface Coding Event for our latest Tech Seminars and Coding Workshops to stay relevant! Come enjoy the exquisite beverage selection from Preface Coffee & Wine while updating yourself with the most up-to-date knowledge!

Total
0
Shares
Related Posts
NFT Art

NFT:什麼是NFT?加密藝術是否會動搖傳統藝術世界?

NFT:什麼是NFT?加密藝術是否會動搖傳統藝術世界? 若然你是藝術粉,必定會知道早前當代藝術大師Damien Hirst推出首個NFT企劃:《The Currency》。到底何時開始NFT成為一個熱話?什麼原因導致NFT擁有如此高的價值?究竟什麼是NFT?如果你有興趣參與NFT這個「大派對」,就千萬不能錯過這篇終極攻略! NFT是什麼意思? NFT是Non-fungible Token的簡寫,意思是非同質化代幣。 我們不妨把NFT拆成兩個部分作簡單說明。 首先,關於Non-fungible,代表NFT不能像比特幣和以太坊這樣的標準加密貨幣那樣容易地互換——一個NFT(A)的價值不等於另一個NFT(B),這個概念類似於當你用比卡超(寵物小精靈)換一個人馬獸(數碼暴龍)時,兩者完全是南轅北轍。 其次,Token的定義意味著NFT與加密貨幣共享相同類型的區塊鏈編程——它們當中的每一個都包含作為所有權證明的內置身份驗證,令NFT有著非常獨特且稀有的特質。 NFT於2013年誕生,多得CryptoPunks和CryptoKitties的創建,令到NFT在2017年底開始引起媒體關注。縱然話題過後,隨著NFT市場不斷出現新的發展,NFT從未失去它的熱度,一些活動和企劃甚至達到了創紀錄的銷售額。 資料來源:Forbes, The Verge NFT如何運作?為何NFT總是與藝術作品密不可分? 創建NFT的過程非常簡單,即使你不是加密行業的專業人士,仍然可以設法創建自己的數碼藝術品。 要開始創建你的NFT,你必須將你的加密錢包連接到你想要展示你藝術品的NFT市場。設置後,直接前往市場上的 “Create…
Read More