cyber security

In today’s digital era, every business should be concerned about cyber security, otherwise, it is only a matter of time before losing any precious data during a cyber attack. What is cyber security? How to protect companies against cyber attacks? What are the recommended cyber security courses for organisations? Preface is here to give you a complete overview!

What is cyber security?

Cyber security refers to the practice of defending technical systems, networks and programs against malicious attacks and unauthorised exploitation.

Source: kaspersky, CISCO, IT Governance

Areas of cyber security

Cyber security ranges from simple to complex, common measures include:

Network security

Protects the network and data from breaches, intrusions and other threats.

Application security

Prevents security vulnerabilities against threats such as unauthorized access and modification. For example, all wireless devices and products should take action to improve cyber security before entering the EU market.

Information security

Keeps data secure from unauthorized access or alterations.

Operational security

Safeguards sensitive information and preserve essential secrecy.

Disaster recovery and business continuity

Responds to or adapts to potential threats or unforeseen disruptive events while minimising the negative impacts

Storage security

Encompasses the implementation and management of security across all layers of a storage environment.

Cloud security

Avoids data stored on cloud computing platforms from being stolen, deleted and leaked to unauthorised parties.

End-user education

Equips employees with the tools and skills required to protect themselves and their organisation’s assets from loss or harm.

Source: IBM, kaspersky

Why is cyber security important?

cyber security

While people are becoming more and more dependent on the internet, there has been an increasing number of incidents of security breaches, fraud, malicious attacks and more that could potentially dupe you of your money or other crucial data.

According to InfoSec, there has been a surge in computer and internet based criminal activities, and the problem is identified to be one of the major public concerns.

Therefore, whether you are an individual, small business or large multinational, maintaining a strong cyber security posture is of utmost importance. With reference to Cybersecurity Ventures, cyberattacks are expected to cost organisations worldwide about $6 trillion by the end of 2021. Therefore, businesses of all sizes and in all sectors should put cyber security and safety as top priority.

Especially during the pandemic, business owners should take extra attention to cyber security given that the mass shift to working from home might make employees become confused as to how to continue to work securely.

Businesses that require capturing and using sensitive information frequently, the healthcare industry, in particular, are facing more cyber threats and forms of disruption than ever before. In 2020, there has been a 25% year-over-year increase in healthcare data breaches.

It goes without saying that data breaches and hacks will continue to accelerate, organisations should therefore incorporate the highest security measures to protect themselves from ongoing dangers.

Source: CISCO

Types of cyber security threats

1. Virus

A virus will infect the computer system by duplicating itself without any permission. It will penetrate its own malicious code into pre-existing programs with an aim to spread to other systems. This is one of the most destructive threats as it might damage various data storage and lead to a complete system failure.

2. Ransomware

Ransomware is that kind of threat that will take your data hostage, unless money is paid, or else the whole data set will be destroyed. However, more often, even if the victim has settled the payment, the attackers won’t return the hostage but keep demanding for more.

3. Worm

The nature of worms is similar to viruses as they will replicate themselves on a computer system and cause destructive consequences. But also unlike the virus, a worm is an independent program that can work just fine without attaching to a file.

4. Cryptomining Malware

It is a well-known fact that mining cryptocurrency consumes a great amount of computing power. Therefore, some miners will parasite other computers and steal the processing power for their own uses, given that this allows them to mine faster and more efficiently. Once the organisations’ computers are hijacked, there will be an obvious decrease in speed.

5. DDoS Attacks

The full name of “DDoS” is “Distributed Denial of Service”, meaning that the normal operation of a system or device will be interrupted, resulting in access denial and downtime. DDoS normally brings a larger scale of destruction, making the recovery process to be more challenging. To deal with this, experts suggested adopting advanced threat protection.

6. Phishing

Phishing primarily relies on social engineering techniques. It usually starts with dropping the victim an email, instant message or text message with a malicious link, once the recipient is tricked into clicking the link, it can then lead to auto-installation of malware and sensitive information such as login passwords and credit card numbers will fall into the wrong hands.

Source: CISCO, Citic Telecom

Want to keep up with the tech-driven future? Check out Preface Coding Event for our latest Tech Seminars and Coding Workshops to stay relevant! Come enjoy the exquisite beverage selection from Preface Coffee & Wine while updating yourself with the most up-to-date knowledge!

Cyber security online courses

To prevent sophisticated cyberattacks, businesses must extend the cyber security awareness to all employees, helping the employees to avoid and prevent cyberattacks when they are accessing email, social media and other apps while using the company’s technology resources or their personal devices.

To achieve that, companies should consider holding cyber security training programs since continuous employee awareness training is effective in mitigating cybersecurity risks as proven by the cyber security awareness training firm KnowBe4.

Below is a list of some featured courses:

This is a beginner course for cyber security. If you know how to work on computers and have Basic knowledge of the Internet, you must be able to catch up with the class.

The course will talk about the basics of cyber security, the common threats as well as the solutions to protect organisations from cyberattacks. The course was originally priced at USD $34.99 and is now discounted to USD $9.99.

The course is designed to help students develop a deeper knowledge of the most common information and system protection technology and methods nowadays.

After the course, learners are expected to get a baseline understanding of common cyber security threats, basic functional protections, real-time security techniques and methods and a series of advanced topics in cyber security.

The course is now free for registration from 21 Nov 2021.

This course covers different areas of cyber security, including but not limited to network security, cloud security, system security, network infrastructure, protocols and encryption.

It is not necessary for students to have any IT background, throughout the course, learners will be provided with the groundwork for future studies or the potential for entry-level work in smaller companies.

The course is now priced from USD $55 to USD $80.

The course is supported by the UK Government’s National Cyber Security Programme.

By the end of the course, students will be able to explain basic cyber security terminology, identify major malware types, describe basic authentication mechanisms, apply fundamental risk analysis and management techniques and more.

The course fee ranges from USD $15.83 to USD $89 per month.

This course begins with the very basics. First students will learn how to install the tools, some terminology and how devices communicate with each other. Then they will learn how to scan vulnerabilities with Nessus and gain full access to computer systems via discovering the weaknesses and vulnerabilities.

Students will also be given the opportunity to learn how to set up a lab environment and install the needed virtual machines such as Kali Linux, Nessus and Metasploit.

The tuition fee was USD $84.99 and is now reduced to USD $9.99 only.

Source: Medium, ZDNet

How to protect yourself against cyber attacks

cyber security

Though cyberattacks are unexpected, they are not completely inevitable. Below are some tips to protect yourself from a cyberattack:

1. Use a secure password

Instead of using your birthday and other commonly used combinations such as “123456”, “qwerty” and “pa$$w0rd”, you should better use a mix of uppercase and lowercase letters, and make sure the passwords are at least eight characters long.

2. Apply zero-trust strategy

“Zero-trust” refers to “never trust, always verify”, which means that devices should never be trusted by default, instead you should verify everything trying to connect before granting access.

3. Protect every device

Computer viruses and malware are everywhere. Antivirus programs such as firewalls and intrusion detection systems can protect your computer against unauthorised code or software that may threaten your operating system.

4. Backup your computer

If you haven’t started backing up your hard drive, you should do it immediately. Backing up your data is critical in helping you to rebuild as quickly as possible after suffering any data breach or loss.

5. Use two-factor authentication

Two-factor authentication adds another security layer to the login process, reducing the chances of your account getting hacked since having a password alone is not enough to pass the authentication check.

Source: kaspersky, Victoria University

Top cyber security tools

1. Kali Linux

Kali Linux is an open-source, Debian-based Linux distribution. It contains several hundred tools targeted towards various information security tasks, such as Penetration Testing, Security Research, Computer Forensics and Reverse Engineering.

2. Nmap

Nmap stands for Network Mapper, which is a free open source command-line tool. It is an information-gathering tool used for recon reconnaissance. Basically, it scans hosts and services on a computer network, followed by sending packets and analyzing the response.

3. Keepass

KeePass is a free, open-source password manager that helps users to manage passwords in a secure way. Keepass stores all passwords in one database that is locked with a single master key. This database is encrypted using extremely secure encryption algorithms.

4. POF

POF is mainly used for monitoring the network without generating additional data traffic. It can be used for detecting host operating systems in a network, as well as creating probes, lookups, queries, and more as additional functions.

5. Nikto

Nikto is an open-source vulnerability scanner that provides additional vulnerability scanning specific to web servers. It performs checks for 6400 potentially dangerous files and scripts, 1200 outdated server versions, and nearly 300 version-specific problems on web servers.

Source: Jigsaw

Does cyber security require coding?

If you are looking for entry-level cyber security jobs, coding skills are not necessarily required. However, for mid-level and upper-level cyber security positions, being able to write and understand code will be a must.

To mitigate cyberattacks, more advanced technologies such as Artificial Intelligence (AI) and Machine Learning (ML) have been applied to cyber security practices. Therefore, if cyber security interests you, you might consider taking some coding courses to strengthen your knowledge.

Preface’s Web Developer course is well recognised by many leading companies including JP Morgan, Cathay Pacific and Adidas. It is a beginner-friendly program with an aim to give learners a concrete base in both front-end (HTML & CSS) and backend (Python in Django) development. By taking a step-by-step teaching approach and comprehensive exercises, quizzes and assignments, students are expected to master coding and programming techniques and apply them to various actual business use cases accordingly.

Preface has successfully offered top-tier coding education to over 6,000 graduates since 2015. This course goes through the entire data science process such as APIs, matrix factorisation and cross-validation methods. The tutor will then move from basic knowledge to more advanced concepts like machine learning and algorithms for predictive analysis, which is closely related to cyber security applications.

Source: Startacybercareer, CIOinsight

Cyber security Law in HK

When it comes to cyber-related offences, the Hong Kong Police Force (HKPF) is the key enforcement authority. HKPF has a division called Cyber Security and Technology Crime Bureau dedicated to handling cyber security issues, its job duties include carrying out cybercrime and technology crime investigations, computer forensic examinations and prevention of technology crime.

Hong Kong is also the first Asian jurisdiction to enact comprehensive personal data privacy legislation. From a business perspective, the key compliance framework to follow is the Personal Data (Privacy) Ordinance (PDPO), which clearly states that all organisations that collect, hold, process or use personal data must comply with the specific data protection principles, or else might lead to a fine of HK$1 million and imprisonment for five years.

Source: The Law Society of Hong Kong, Allen & Overy

Cyber security resilience

Last but not least, you need to know about cyber resilience.

Cyber resilience is the ability to prepare for, respond to and recover from cyber threats. A cyber-resilient organisation is able to adapt to both known and unknown crises, attacks, adversities and challenges.

Both cyber security and cyber resilience are vital strategies to protect a company’s assets and keep customers’ sensitive data secure. In a nutshell, the former refers to a company’s ability to protect against and avoid the increasing threat from cybercrime, whereas the latter describes a company’s ability to mitigate damage and carry on once systems or data have been compromised.

Source: World Economic Forum

Want to keep up with the tech-driven future? Check out Preface Coding Event for our latest Tech Seminars and Coding Workshops to stay relevant! Come enjoy the exquisite beverage selection from Preface Coffee & Wine while updating yourself with the most up-to-date knowledge!

Related Posts
BAYC Ryder Ripps

Bored Ape Yacht Club製作團隊Yuga Labs提商標訴訟 起訴藝術家Ryder Ripps未經許可出售BAYC相關模仿作品

Bored Ape Yacht Club製作公司Yuga Labs向藝術家Ryder Ripps提商標訴訟,指他由2022年5月開始以BAYC 商標製作 Yuga Labs 旗下 BAYC NFT 的「精良複製品」,並以使用相同的商標銷售和推廣 RR/BAYC NFT 系列或相關產品。另一邊廂,Ryder Ripps反指BAYC的猿人圖像帶有納粹意識,又有針對有色人種的種族主義。Preface一文解釋這將在美國加州地區法院上演的商標訴訟戲碼!
Read More