The Start of Cybersecurity
In the early seventies, Robert (Bob) Thomas was a researcher for BBN Technologies in Cambridge, Massachusetts.
Thomas realized that a computer program can move across a network leaving a small trail wherever it went. So, he created the first computer “worm” which he named Creeper. It could replicate itself over multiple computer systems. Thomas designed it to travel between Tenex terminals (DEC PDD-10 computers) on the early ARPANET, with the message, “I’M THE CREEPER: CATCH ME IF YOU CAN.”
Ray Tomlinson, the inventor of email was also working for BBN Technologies at the time. He, in turn, created the first antivirus, Reaper, a program that could replicate itself while moving through a network of computers and, it thus, found copies of Creeper. The Reaper solution would simply log Creeper out of the system.
After the creation of Creeper and Reaper, cybercrime in many forms became more rampant as computer hardware and software continued to evolve.
As software development and protection methods progress, hackers continue to find vulnerabilities in them, and so, cybercrime has evolved in parallel.
Today, technology is no longer limited to just simple hardware and software. Most modern organizations make use of the Internet of Things (IoT), data analytics, blockchain and mobile computing. All these provide an easier and more seamless way to conduct business every day.
As technology continues to improve workflow and business processes, cybercriminals are also improving their methods of attack. Needless to say, businesses have proven to be their main priority.
According to McAfee’s 2017 State of Cloud Adoption and Security report, 93% of organizations utilize cloud services in some form [based on a survey of more than 2,000 cloud security professionals]. Of these, 74% reported storing some or all of their sensitive data in public clouds.
However, the report also indicates that 52% of security experts say that there is a likelihood of getting a malware infection from a cloud app. In addition, 49% of survey respondents said, they had slowed their adoption of cloud usage due to a lack of cybersecurity skills.
The volume of data going through various networks all over the world continues to increase and if not safeguarded could cost organizations tens of thousands to millions of dollars.
In the early days of the cybersecurity industry, the inherent vulnerabilities in these networks were not easily exploited, but with time, hacking skills and resulting damage has boomed.
Since protecting access to an organization’s systems and data by securing its network perimeter is no longer enough, a company has no choice but to be more proactive in its cybersecurity measures. This starts with its core security practices and here is a sample of how that looks:
Cybersecurity Best Practices
1. All data in transit and at rest should be encrypted
Since cybercriminals have continued to develop various methods of compromising systems and stealing data in previous attacks on small and large businesses, it is imperative that both data in transit and at rest should be protected.
Instead of relying on reactive security for protection of sensitive company and/or customer data, use proactive measures such as identifying at-risk data and implementing effective data protection for both data at rest and in transit.
2. Always use two-factor authentication
Using a password for logging on to online accounts used to be a good security measure. However, nowadays, a password has been proven to be the weakest form of security. How many times have you heard news about passwords being stolen electronically or through social engineering? Hackers can easily guess passwords and passwords can be captured by the hardware of software keyloggers.
3. Applications should have embedded security controls by default
Instead of asking users to opt in with regard to security, security features should be built into apps in advance, and set at the highest level of protection.
4. Perform routine system back-ups.
5. Immediate updating of company systems with any new developer patches and software updates.
6. Research and consider proactive security management systems using advanced technologies such as:
- Behavioral analytics
- Continuous risk assessment reporting
- Automated IP blocking based on real-time threat data
- Incident response and remediation service contracts
7. Consider seeking a professional asset and risk assessment [including a penetration test] performed by a respected cybersecurity company.
The responsibility for cybersecurity of today’s organizations is typically an IT team, and hopefully a cybersecurity team, whether in-house or third-party. Their scope in securing the company networks needs to be more proactive as traditional network-perimeter security becomes more vulnerable.
Netswitch provides advanced cybersecurity solutions to many types of organizations in keeping your company data safe from cyberattacks. Let us assist you in helping you create a cybersecurity strategy that will fit your requirements. Please contact us.
The post Cybersecurity Evolution and its Importance in the Digital Age appeared first on Netswitch Technology Management.
This is a Security Bloggers Network syndicated blog post authored by Press Release. Read the original post at: News and Views – Netswitch Technology Management