Set up a Process
We’ll be happy to help you set up your own vulnerability management process. It will be tailored to your systems, structures and requirements.
IT Security, Cyber Security or Internet Security: all these terms seem similar, but there are subtle differences. Generally, IT Security is defined as the protection of IT systems against damage and risks. This ranges from single files and computers, through networks and cloud services, to whole data centers. Cyber Security extends IT Security to the whole of cyber space. As most systems are connected to the Internet nowadays, IT Security and Cyber Security are often used interchangeably. Both cover all technical and organizational measures that defend systems against cyber attacks and other threats. This includes access controls, cryptography, rights management, firewalls, proxies, virus scanners, vulnerability management and much more. The term Internet Security refers specifically to protection against dangers originating from the Internet.
Often, IT Security and Information Security are used interchangeably. Strictly speaking, however, IT Security is only one aspect of Information Security. While IT Security focuses on the protection of technical systems, Information Security covers the preservation of information in general. This information can also exist on non-technical media such as paper. The protection goals of Information Security are to ensure the confidentiality, integrity and availability of information. Suitable measures can be found, for example, in the internationally recognized ISO/IEC 27000 series of standards. In Germany, the IT-Grundschutz of the Federal Office for Information Security (BSI) serves as a guideline for Information Security. An important component is the establishment of an Information Security Management System (ISMS). For this reason, Greenbone is certified for both its ISMS (ISO 27001) and its Quality Management (ISO 9000).
More about: https://www.greenbone.net/en/iso-certification/
Data Security aims to ensure the confidentiality, integrity and availability of data. In contrast to data protection, it is not restricted to personal data but covers all data. Confidentiality means that only authorized individuals are able to access the data. Integrity means that the data has not been manipulated or damaged. Availability means that the data can be used when it is needed. Establishing Data Security requires various technical and organizational measures, e.g., access controls, cryptography or redundant storage systems.
An Information Security Management System (ISMS) is not a technical system; it defines rules and methods for ensuring, checking and continuously improving Information Security. Among other things, this includes the identification and evaluation of risks, the specification of security goals, and a clear definition and documentation of responsibilities, communication channels and processes. The requirements for an ISMS are laid down in the ISO 27001 standard. An ISMS is an important component of a comprehensive IT security concept.
Cyber Resilience is understood as the ability of a company or organization to maintain its business processes despite adverse cyber circumstances. These can be cyber attacks, but also unintentional disruptions such as a failed software update or human error. Cyber Resilience is a comprehensive concept that goes beyond IT Security. It combines the areas of Information Security, business continuity and organizational resilience. To achieve Cyber Resilience, it is important to identify vulnerabilities at an early stage, to prioritize them economically and to remove them.
IT is a central element of every company and forms the basis for almost all business processes. Without it, hardly anything works anymore. In the worst case, IT disruptions can bring the whole business to a halt, leading to huge economic and reputational damage. Hence, it is essential for companies to secure their IT systems and protect them against cyber risks and cyber attacks. Greater interconnection also leads to a larger attack surface: each connected device is a potential gateway for cyber criminals and increases the risk of being attacked.
Information is one of the most valuable assets of a company. Nowadays, it mostly exists as digital data within IT systems, where it is stored, transported and processed. However, it can also be written down on paper or passed on verbally. If information is lost, stolen, manipulated or no longer usable, the consequences for a company can be existence-threatening. For this reason, it is important to maintain adequate Information Security to ensure the confidentiality, integrity and availability of information.
If the availability, confidentiality or integrity of information is compromised, the consequences can be serious. For example, an attack can cause sensitive data to fall into the wrong hands, whether personal data or business secrets. Attackers can carry out industrial espionage, steal the identities of individuals, abuse credit card information and much more. The manipulation of data can lead to incorrect transactions, production errors or wrong analysis results. If data is not available, business processes that rely on data processing are affected as well: orders cannot be placed or production machines come to a standstill.
Cyber criminals constantly develop new attack methods and become more sophisticated. Nowadays, they are usually professionally organized and work with the latest technology. IT Security is therefore a permanent race against growing threats.
Common attack methods are:
Advanced persistent threats are targeted cyber attacks that are tailored to chosen victims or victim groups and use advanced methods. Attackers gain persistent access to a network and then extend this access to other systems. To do so, they often implant malware.
The term "malware" covers all types of computer programs that perform undesirable or harmful operations on a system, e.g., viruses, worms and Trojans.
Ransomware is malware that encrypts a system and only restores access to the data if the victim pays a ransom. This type of malware has become particularly widespread in recent years. Known examples are the crypto Trojans WannaCry and Petya. Common distribution channels for ransomware are spam mails, phishing and drive-by exploits. The latter take advantage of vulnerabilities in browsers, browser plug-ins or operating systems.
Spam refers to unsolicited e-mails and is a popular method of distributing malware. Phishing e-mails are a special type of spam. They are designed to persuade a user to carry out a certain action, for example revealing login data or installing malware.
Cyber criminals incorporate other people's computers into botnets: networks of compromised PCs that they can control remotely like robots and misuse for their own purposes. To do this, the computers are infected with malware. A common use of botnets is Distributed Denial of Service (DDoS) attacks.
Distributed Denial of Service attacks aim to paralyze a service or server. Usually this is done by sending vast numbers of requests to the server via a botnet, overloading it and rendering it inoperative.
Cyber criminals often exploit vulnerabilities in software or hardware for their attacks. It is therefore important for IT Security to detect and eliminate such vulnerabilities. One important measure, for example, is installing current updates and patches promptly to close security holes.
To minimize IT risks and provide IT Security, companies have to introduce both technical and organizational measures. First of all, a process and vulnerability analysis is important. It serves to identify which processes are particularly essential for the company, which vulnerabilities exist, how likely it is that these vulnerabilities are exploited and what damage this may cause. It will never be possible to eliminate all IT risks. Instead, good risk management is required: companies have to evaluate risks and reduce them according to their priority.
IT Security and Information Security are not only a matter of technology. In fact, humans are the biggest vulnerability. Cyber criminals take advantage of this, for example by gaining network or system access through social engineering or phishing. For this reason, it is important to train employees and raise their awareness of IT risks and IT Security. Online training with interactive exercises is advisable. Employees can complete such training independently at any time and receive direct feedback from the interactive components. In this way, a fast learning effect is achieved.
Data plays a key role for a successful digital transformation. Based on data, companies are able to gain knowledge, derive action recommendations and develop new business models. The ability to collect and evaluate data and to use it correctly is significant for success. Because of this, it is essential for companies to protect the confidentiality, integrity and availability of their data.
Considering the growing threat situation, companies have to strive for sustainable Cyber Resilience. This means preventing attacks where possible, reacting fast in case of a security incident and maintaining business operations without major damage. To achieve Cyber Resilience, companies have to take suitable technical and organizational measures, e.g., hardening the company IT and reducing the attack surface.
Cyber Resilience includes Cyber Security, but goes even further. While Cyber Security mostly concentrates on technical measures, Cyber Resilience is a comprehensive, more strategically oriented concept. In the past, Cyber Security was usually reactive. Nowadays, this is no longer sufficient. Companies have to address IT risks preventively. A paradigm shift is necessary: from Cyber Security to Cyber Resilience.
The steps leading to Cyber Resilience start with risk management. Companies have to evaluate and prioritize IT risks, deciding which they want to protect themselves against by all means and which they may accept. IT risks can never be eliminated completely, because protection measures have to be weighed against economic efficiency and must not disrupt running business operations. Building a massive barrier around IT would not be useful and would impair flexibility. IT risks have to be managed instead.
The basis of IT risk management is an analysis of the business processes and their vulnerabilities. What are the most important assets of the company, what damage could an attack cause to these assets and how likely is such an attack? A risk rating with the levels low, medium and high results from the relation between possible damage and probability of occurrence. Companies should then prioritize and reduce the risks according to this rating.
Compliance management goes hand in hand with good risk management. Compliance is understood as the observance of rules. These can be legal requirements, ethical principles or corporate regulations. A compliance violation is itself a risk that companies have to take into account when carrying out risk management. The introduction of a Compliance Management System (CMS) is recommended. It defines processes, measures and structures to ensure that the rules are observed.