A world without cybersecurity
WITH the world becoming more dependent on technology, many are at risk of being exposed to cyberattacks.
Without us noticing, cybercriminals easily access our information, data and private accounts via devices that we use daily, such as smartphones, desktops and laptops.
There is no doubt that cybersecurity is our main shield against these threats.
But have we ever wondered what the world would look like without it?
CRITICAL ROLE
Cybercriminals often attack in multiple ways, including identity theft, phishing schemes, data breaches, and ransomware.
According to Kaspersky Global Research & Analysis Team for the Asia-Pacific director, Vitaly Kamluk, cybersecurity is the practice of defending computers, servers, mobile devices, electronic systems, networks and data from malicious attacks.
“Cybersecurity has become a priority for businesses and consumers. As the global threat continues to evolve rapidly, there is a rising number of data breaches every year.
“In general, medical services, retailers and public entities often experience the most breaches. More of these sectors are becoming increasingly appealing to malicious cybercriminals as they collect financial and medical data,” he said at the recent Kaspersky APAC Cyber Security Weekend in Phuket, Thailand.
He said due to the growing numbers, businesses would continue to invest in cybersecurity solutions and the government would keep guiding them and the public on effective cybersecurity practices.
“With cybersecurity being complicated in nature, the measures would take a long time and more efforts are needed to implement them.
“But with cybersecurity in place, all forms of cyberattack are reducible, thus defending us from malware and phishing schemes and protecting our privacy processing incoming and outgoing data on our devices.
“One could also browse the web safely, enjoy safer online banking services and the list goes on,” Kamluk added.
WITHOUT CYBERSECURITY
Cybersecurity may not offer complete protection against cyberattacks, but Kamluk explained that a world without it offered criminals easy access to our data.
“With no encryption, privacy, secrecy, access control or integrity validation, the world is bound to end.”
“No encryption or secrecy means your banking cards and account credentials from online services are exposed to malicious users. Thieves will know your income, savings amount, the property you own, and your travel plans. Cyberbullies, marketing agencies, and insurance companies will know about your health issues,” he explained.
He added that without access control, electronic voting, election results and surveys can be rigged.
Anyone can claim to be you online and make deals, purchases or even money transfers. Furthermore, media product theft and denial of service could cause online businesses to go bankrupt.
And without integrity validation, anyone can install a back door in any digital system; anything can be faked and it would be hard to uncover fake news or misinformation.
“Users can reduce the risk by leveraging the security we have today and understand how it monetises, how it helps our business, etc.
“Everything that goes out to the Internet is no longer yours, so be careful with what you share. Today, cybersecurity is often an invisible part of our life which we take for granted, but we owe it for almost everything we have achieved as a civilisation,” said Kamluk.
PROTECTING DATA
Let’s not forget how the Covid-19 pandemic has not only accelerated the pace of digitalisation but also increased the number of ransomware attacks on organisations.
Kaspersky Asia-Pacific director and Global Sales and Network vice-president, Chris Connell, said there was a wider attack surface that cybercriminals could exploit on the enterprise side.
“Companies and organisations should look into building internal or external incident detection and response capabilities.
“We encourage incorporating real-time threat intelligence reports and data feeds to empower them with the capability to foresee and predict attacks,” he said.
“We see that while a lot of Malaysians are aware of the threats, they are not acting on them. So now we have to go beyond awareness and start securing our mobile devices,” said Connell.
To understand how security solutions aid us with data protection, Kamluk listed the functionality of each type of security.
They are Network security (for securing a computer network from intruders), Application security (keeping software and devices free of threats), Information security (for integrity and privacy of data), Operational security (processes and decisions for handling and protecting data assets), Disaster recovery and business continuity (company responds to a cybersecurity incident or any other event that causes the loss of operations or data) and End-user education (which addresses the most unpredictable cybersecurity factor — people).
WHAT COMPANIES SHOULD DO
Kaspersky suggested that companies and organisations follow a few steps recommended by their elite security researcher.
Firstly, companies should provide staff with basic cybersecurity hygiene training and start using protection solutions like Kaspersky Managed Detection and Response that continuously hunt, detect and respond to threats targeting businesses.
Besides adopting measures like password protection, encrypting work devices and ensuring that data is backed up, staff must keep work devices physically safe and use strong passwords as well as encryption software to boost security.
NST