Cybersecurity is a broadly used term, whose definitions are highly variable, often subjective, and at times, uninformative. The absence of a concise, broadly acceptable definition that captures the multidimensionality of cybersecurity impedes technological and scientific advancement by reinforcing the predominantly technical view of cybersecurity while separating disciplines that should be acting in concert to resolve complex cybersecurity challenges. In conjunction with an in-depth literature review, we led multiple discussions on cybersecurity with a diverse group of practitioners, academics, and graduate students to examine multiple perspectives of what should be included in a definition of cybersecurity.

In this article we propose a resulting new definition: "Cybersecurity is the organization and collection of resources, processes, and structures used to protect cyberspace and cyberspace-enabled systems from occurrences that misalign de jure from de facto property rights." Articulating a concise, inclusive, meaningful, and unifying definition will enable an enhanced and enriched focus on interdisciplinary cybersecurity dialectics and thereby will influence the approaches of academia, industry, and government and non-governmental organizations to cybersecurity challenge

The cyber security implications of COVID-19

The COVID-19 pandemic is an immense humanitarian crisis that has also severely affected the global economy. The rapid and unexpectedly broad disruption to businesses around the world has left companies struggling to maintain security and business continuity.

As organizations have shifted to remote working to protect their workers while continuing to server their customer, they have moved the majority of their activities to the digital world – increasing the risk of cyberattacks. The challenge, how to secure new remote working practices while ensuring critical business function are operating without interruption, and how to keep the organization protected from attackers exploiting the uncertainty of the situation. COVID-19 has changed our way of working and intensified insider risks and we need to make sure that we are following practices for managing insider threats;

• Document changes to you controls
• Recalibrate your models and tooling
• Watch the holes in you filter
• Be prepared to run forensics remotely
• Keep the human touch
• Pay attention to the behavior the matters
• Put your security operations on guard

Top five Cyber Risks

There is a common misconception that small businesses are rarely a target of cyberattacks because of their smaller size and lack of valuable data. However, any information stored on your systems might be interesting to criminals. Here are the current top five cyber threats that you should be aware of.

1. Ransomware

This is a form of malware that attempts to encrypt your data and then extort a ransom to release a unlock code. Most ransomware is delivered via malicious email. Follow these key steps to protect you company.

• Staff awareness: staff should be wary of unsolicited emails, particularly those that ask for a prompt response
• Malware protection: install and maintain good anti-virus and malware protection up to date
• Software updates: keep your applications up to date
• Data backups: a series of well managed data backups will allow you to recover from an unencrypted version of a file. Make sure you regularly test your backups.

2. Phishing

Phishing is an attempt to gain sensitive information while posing as a trustworthy contact, for example a bank or online service. Spear phishing is a highly targeted attempt to gain information from an individual. Phishing emails may look completely convincing, often with faultless wording and genuine logos. There is a form of spear phishing, where a fake email from a CEO applies pressure on a CFO into making an urgent payment, this has become known as Whaling. It is worth considering ways to add additional safeguards to protect the identity of CEOs and CFOs to prevent impersonation. Here are a few steps you can use to protect yourself.

• Keep in mind that companies simply do not ask for sensitive information
• Be suspicious of unexpected emails
• Make use of anti-malware software
• Make sure you have spam filters turned on. Check the regularly in case they have accidentally trapped an innocent email.

3. Data leakage

While cyber security in the office may seem challenging, it is essential to understand that security extends well beyond the office these days. The use of smart phones and tablets has become widespread. The ubiquitous and cheap nature of portable storage devices makes them a useful tool for the backup and transportation of data. Those features mean they are also a target for data thieves. The following pointers provide useful first steps to prevent data leaking from your organization.

• Ensure mobile devices have passcode locks
• Turn on the tracking by GPS and the option to remotely wipe the device if it is lost
• The use of encryption software is highly recommended when using portable storage devices
• Keep an eye on your mobile devices and paperwork at all times. A large proportion of crime is opportunistic, taking your eye off your briefcase or smart device could result in a serious loss of data.

4. Hacking

Gaining access to IT systems from outside an organization still offers rich pickings for criminals. Traditionally they have attempted to gain access to bank account information or credit card databases. However, intellectual property is another source of value. The use of social engineering, tricking staff into revealing user names and passwords, remains a threat.

5. Insider threat

If your organization employs staff (full time or as contractors), there is a possibility they could leak data by mistake or maliciously. The potential damage from a leak of documents cannot be underestimated. Use these tips to mitigate the size of any data leak.

• Educate your team to be alert to issues and minimize careless mistakes
• Limit how much data staff has access to. The principle of ‘least privilege access should apply to all IT systems. Only provide staff with the minimum access they need to do their roles
• Control the use of portable storage devices, such as USB memory keys, portable hard drives and media players
• Consider using applications in certain situations to monitor staff behavior − who copies what.

In all these areas it is key to remember that alongside technology, well-developed processes, procedures and staff training go a long way to protecting your valuable data. For example, if someone leaves your employment, make sure you remove their access. The reality today is that you should protect your digital assets with the same vigilance as you do when locking your office door at the end of the day.

Kosbit can help, detect, and prevent cyber attacks

For Kosbit’s team of network security engineers, security is priority one for any network system, especially since dependency on network infrastructures has grown over the past few decades. Kosbit’s security system provides an integrated layer within your infrastructure. Whether you need to protect you data center, applications, or networks, you have to have all the possibilities covered. Our integrated security layer is the answer you need to provide to the best protection when threats attack. Kosbit provide the best IT outsourcing services. Kosbit is Cyber Essentials Certified organization. Our managed cyber security services will help protect you ICT systems, minimize data theft, and safeguard your critical business data end-users from internal and external threats.

Conclusion Technology is destructive only in the hands of people who do not realize that they are one and the same process as the universe. Cybercrime is indeed getting the recognition it deserves. However, it is not going to restricted that easily. In fact, its is highly likely that cybercrime and its hackers will continue developing and upgrading to stay ahead of the law. So, to stay safe we need cyber security.