Cybersecurity Vs Cyber Crime
In today’s world organisations
relay on cyber security techniques to protect their data, assets and people in a
nutshell providing confidentiality, integrity and availability. It does not stop there as technology evolves more
and more devices are being connected to the internet so too does new threats
evolve and become more sophisticated.
Organisations need to align security with
their business objectives if they want to stay in business as cybercrimes incidents
are on the increase daily. NSA whistle blower and CIA contractor Edward Snowden
revealed in an article in SC Magazine that 660 000 internal security
breaches occurred in 2013 in the USA. Cyber security must become a way of life
in all organisations and every employee must play his or her part in becoming
cyber smart.
Organisations will have to be a
step ahead of individuals who are trying to steal, destroy or modify their data
by having trained individuals to perform the following:
- Awareness Training
- Risk Assessments
- Vulnerability Assessments
- Penetration Testing
Access Control plays an important
part in the safe keeping/protection of the organisations assets, data and
people as it provides restrictions to who can have access by performing
identification (username), authentication (passwords), authorisation (what can
a user access) and accountability (monitoring user) .
- Place (Physical Access Control - entry to Data centre) – Access can be controlled via swipe cards. In restricted areas a two-factor authentication system can be used eg. Smartcard with pin.
- Resource (Electronic Access Control - sensitive data on network) – Role based access control (RBAC) is a control to restricting system access to authorized users.
No comments:
Post a Comment