• Greenbone Cloud Service TRIAL
  • Greenbone Enterprise TRIAL
  • Buy Here
  • Contact
  • Blog
  • Deutsch Deutsch German de
  • English English English en
Greenbone
  • Products
    • Hardware Appliances
      • Greenbone Enterprise 6500
      • Greenbone Enterprise 5400
      • Greenbone Enterprise 650
      • Greenbone Enterprise 600
      • Greenbone Enterprise 450
      • Greenbone Enterprise 400
      • Greenbone Enterprise 150
      • Greenbone Enterprise 35
    • Virtual Appliances
      • Greenbone Enterprise EXA
      • Greenbone Enterprise PETA
      • Greenbone Enterprise TERA
      • Greenbone Enterprise DECA
      • Greenbone Enterprise CENO
      • Greenbone Enterprise 25V
    • Greenbone Cloud Service
    • Technology
      • Feed Comparison
      • Product Comparison
      • Roadmap & Lifecycle
  • Cyber Resilience
    • Vulnerability Management
    • The Vulnerability Timeline
    • Cyber Defense Security
  • Customer Services
    • Technical Support
    • Self-Learning Courses
    • Documents
  • About Greenbone
    • Contact
    • Careers
    • Media Contact
  • Search
  • Menu Menu

Cyber Defense Security

In order to run and maintain a company safely these days, a comprehensive cyber defense strategy is a must have these days. Its goal is to stave off industrial espionage, data-leaks and reputational loss, protecting customers, employees and the company itself. In light of the ever changing and evolving attack strategies, it seems impossible to be prepared on every angle and for all potential attacks. In order to make your IT-systems resilient to attacks from hackers, a conjunction of preventive and reactive measures is in order, complete with constant surveillance and mitigation of vulnerabilities.

What is Cyber Security?

While attackers often require little more than a couple of weaknesses, defenders need to find and seal off all vulnerabilities in their system in order to stay safe. Cyber security can be understood as the essential and continuous process of preventing the emergence of weaknesses, coverage of existing vulnerabilities and mitigation of threats posed by successful attacks. This sets the foundation for safety and entrepreneurial growth in the information age.

Cyber defense starts at the level of training employees to avoid spam- and phishing-mails, which are often used by attackers to build in backdoors to your IT-systems, and ideally spans the entire company structure to ensure security at every level. To achieve company-wide cyber defense security, it is vital to align workflows and operation cycles with cyber security practices. More on IT-security here.

Means of Cyber Security

There are lots of starting points for cyber defense security. Arguably the most important one is recognizing humans as an inherent weakness in every system. After all, phishing is one of the most prominent vectors for attack used by cyber criminals. Educating and sensitizing employees and leadership alike and putting down clear guidelines goes a long way. Additional common setscrews for cyber defense security include:

  • Data encryption (VPN)
  • Implementing multi-factor authentication
  • Dynamic detection and sealing of vulnerabilities
  • Pursuit and deception of registered attackers (honeypots)
  • Alignment of business structures and cyber-security architecture

and, of course, vulnerability & compliance management. This means operating as a moving target to dodge attacks preemptively, continuously running penetration- and vulnerability-tests and using the knowledge gained to update and harden your systems; the so called vulnerability management cycle.

Seems logical? Greenbone has conducted a study revealing that barely a third of all businesses in the sector of critical infrastructure abide by best practices in cyber-resilience. You can find the core takeaways of our study in this executive summary.

What types of cyber-threats are out there?

In defense cyber security threats are lingering around every corner. Here is a short summary of the most important threats you need to keep your eyes peeled for:

Spam/Phishing

Employees without decent IT-expertise – experientially the majority – are prone to fall for fake e-mails from the elusive system administrators, giving away login-data or unknowingly installing malware from harmless looking links.

Malware (Spyware, Ransomware, Viruses)

Inexperienced users permanently run the risk of infecting their systems infected with malware when browsing the web. Seemingly innocuous links or websites are often the source of lingering threats. There are also known cases of infectious software being loaded off of peer-to-peer-services or free software-download-bundles.

Botnets

Infected devices can sometimes be puppeteered by nefarious actors to run code in the background without the owner ever noticing. Banding together, infected machines turn into so called bot nets with immense cumulative which can, for example, be used for DdoS-attacks. To identify the source of such an attack is almost impossible due to the distributed nature of the attack across many attacking systems.

(Distributed) Denial of Service (DoS/DdoS)

In a so called Denial of Service attack a system is flooded with queries until it slows down and eventually crashes. Attackers often use DoS attacks in order to launch the real attack during the system downtime in order to go unnoticed. DdoS attacks indicate a distributed origin of the attack, for example by having a bot-net flood the attacked system.

Arbitrary Code Execution (SQL/JNDI)

Security flaws in data base structures like SQL lend themselves to hackers by unintentionally allowing the execution of code injected into the database from, for example, a search-query. A recent and well known example of this is “logj4”.

Man in the Middle (MITM)

Man in the middle is the interception of confidential data by infiltrating a private electronic communication of two or more parties. In many cases, the attacker will disguise as one or even all of the other parties involved. This way they gain access to confidential information and can sometimes even manipulate data without being noticed.

Defense Cyber Security with Greenbone

  • Greenbone Cloud Service TRIAL

    Launch your first vulnerability test – right now, for free, no installation required!

  • Greenbone Selflearning Courses

    No one is born an expert in cyber defense – study up with us!

    Selflearning Kurs

  • Greenbone Enterprise TRIAL

    Vulnerability Management of the highest caliber – try now!

Who should be concerned about Cyber Attacks?

Only large companies fall victim to cyber attacks? A common misconception. We put together a list of the most juicy targets for cyber criminals:

Civilians

No one is safe from cyber attacks. As we have learned, a botnet grows stronger the more infected assets lend their computational strength to it, putting a target on the machines of careless civilians. The tricky thing: Usually the malware is very small in size and buries itself deep down in the system’s source code, never to be noticed by the owner.

SMB

Depending on the source, 40-70% of all cyber attacks target small and medium-sized businesses (SMB), which often – because of their relatively small size – do not see themselves as a potential target. From an attackers point of view though, SMBs are easy targets rich with sensible client data. About 50% of all SMBs become targets of cyber attacks at some point, with 60% of successful attacks leading to the downfall of the victim.

Big Player

It goes without saying that no one is too big to become a target: Government, military and critical infrastructure regularly get attacked for political and ideological reasons, while finance firms promise profits to cyber criminals. Health organizations are interesting because of the hoards of sensible data they hold and large corporations combine it all: Money, data, and due to their social prominence, special allure for hacktivists.

Why is defense Cyber Security important?

The importance of defense cyber security can not be understated, as every user could be a potential target. Cyber security comprises measures of IT-security, information security and data security in the entire cyber-space. It protects government- and industry data, personal data, health data and intellectual property.

Since the start of the digitization, a large range of processes has become reliant on data processing and can therefore be incapacitated by hackers. Additionally, the increasing interconnectedness of our systems increases the potency of “infectious” viruses. And on top of it all many service providers are transitioning to cloud computing – and negligently implemented cloud-solutions increase the risk substantially. Yearly global damages due to cyber attacks are in the quadrillions.

What damages are caused by Cyber Attacks?

The fallout of cyber attacks can be devastating. Not only for the individual, but for entire societies. Attacks on critical infrastructure can cause outages in the supply of water and power, breakdowns of supply chains and financial transactions and – in case of attacks on e.g. hospitals – even deaths.

In 2021, cyber crime has caused damages north of 6% of the global GDP and rising – currently at a staggering growth rate of 15% per year. Personal data is misused for identity theft and to open bank accounts, botnets impair the computing power of personal machines and potentially implicate unwitting users in criminal attacks.

What does the future of Cyber Security look like?

New threats, new cyber security measures – this interplay has already accelerated enormously in recent years. Where do we go from here? What does the future hold for cyber security?

More automation

With daily new threats on the horizon, speedy data analysis is essential – to an extent that can no longer be covered by humans alone. The inevitable solution: Automation – enabling faster and more efficient sequencing of vast amounts of threat data and snappy, more precise reactions to attacks. In fact, assuming that automation will be the norm is not a daring prognosis at all.

Bigger focus on cloud computing

Cloud computing is the future – with more and more enterprises adapting their IT-structure to run off the cloud. Despite all of its advantages, cloud solutions also introduce new attack vectors in the cyber security landscape, opening new doors to hackers. But the means of cyber security providers are also expanding to cover these new attack surfaces as swiftly as possible.

Better cyber security for remote work

It is becoming clear that the corona pandemic has mage a lasting impact on the way we work. While in 2020 most businesses still stood in opposition to home office and remote work both models have established themselves as the norm these days – with some sectors relying entirely on these solutions. Convenient for employers and employees, reducing the need for dedicated workplaces and dropping commute substantially, but less advantageous in terms of cyber security. While cyber security incidents can be detected and dealt with swiftly on prem, handling incidents in home offices or even abroad proves slower and more difficult. Cyber security providers are likely to devise dedicated strategies for this in the future.

Table of contents

  • Cyber Defense Security
  • What is Defense Cyber Security?
  • Means of Defense Cyber Security
  • What types of cyber-threats are out there?
  • Defense Cyber Security with Greenbone
  • Who should be concerned about Cyber Attacks?
  • Why is Defense Cyber Security important?
  • What damages are caused by Cyber Attacks?
  • What does the future of Cyber Security look like?

You want to test the Greenbone solution?

Test Now

Products & Solutions

  • Hardware Appliances
  • Virtual Appliances
  • Greenbone Cloud Service
  • Open Source Vulnerability Management
  • Buy Here
ISO9001EN

Service & Support

  • Customer Services
  • FAQ
  • Documents
  • Warranty
  • Test Here
ISO27001EN

About us

  • About Greenbone
  • Blog
  • License information
  • Privacy Statement
  • Terms & Conditions

Contact with us

  • Contact
  • Product Request
  • Careers
  • Partners
  • Security Response Team
  • Imprint

Community

  • Community Portal
  • Community Forum
© Copyright - Greenbone AG 2020-2023
  • LinkedIn
  • Mail
Scroll to top

This site is only using technically necessary cookies. By continuing to browse the site, you are agreeing to use this cookies.

Accept CookiesPrivacy policy

Cookie and Privacy Settings



How we use cookies

We may request cookies to be set on your device. We use cookies to let us know when you visit our websites, how you interact with us, to enrich your user experience, and to customize your relationship with our website.

Click on the different category headings to find out more. You can also change some of your preferences. Note that blocking some types of cookies may impact your experience on our websites and the services we are able to offer.

Essential Website Cookies

These cookies are strictly necessary to provide you with services available through our website and to use some of its features.

Because these cookies are strictly necessary to deliver the website, refusing them will have impact how our site functions. You always can block or delete cookies by changing your browser settings and force blocking all cookies on this website. But this will always prompt you to accept/refuse cookies when revisiting our site.

We fully respect if you want to refuse cookies but to avoid asking you again and again kindly allow us to store a cookie for that. You are free to opt out any time or opt in for other cookies to get a better experience. If you refuse cookies we will remove all set cookies in our domain.

We provide you with a list of stored cookies on your computer in our domain so you can check what we stored. Due to security reasons we are not able to show or modify cookies from other domains. You can check these in your browser security settings.

Other external services

We also use different external services like Google Webfonts, Google Maps, and external Video providers. Since these providers may collect personal data like your IP address we allow you to block them here. Please be aware that this might heavily reduce the functionality and appearance of our site. Changes will take effect once you reload the page.

Google Webfont Settings:

Google Map Settings:

Google reCaptcha Settings:

Vimeo and Youtube video embeds:

Privacy Policy

You can read about our cookies and privacy settings in detail on our Privacy Policy Page.

Datenschutzerklärung
Einstellungen akzeptierenVerberge nur die Benachrichtigung
  • Deutsch
  • English