RON FRECHETTE, The Cyber Guy
Last month we discussed the importance of implementing good cybersecurity health practices in 2018. We provided a cyber-health checklist which I'm hopeful most of our readers are working towards completing. Based on what cybersecurity experts are predicting we will see from cyber criminals in 2018, I strongly encourage revisiting last month's lesson. We will be writing more about the latest security threats in the months ahead to keep you ahead of the game.
Our objective this month is to provide a visual perspective of what our online presence looks like in cyberspace. In the IT security industry, we refer to a person or company's online presence as a digital footprint.
There are billions of digital footprints in cyberspace. Each time you hit the send button on a digital device, your IP address launches packets of data into cyberspace. These data packets travel at lightning speed to other digital footprints that you have selected to send. This could be an email, paying a bill online, sending a client an agreement, or conducting some on-line banking.
The digital footprints we interact with depend on our personal and professional affiliations. They vary widely in size depending on a person or company's internet presence. For instance, the IRS and Amazon have extremely large digital footprints, whereas a local business would be much smaller.
Let's analyze the components of a digital footprint.
The circle represents our security perimeter. This is where we put security controls in place to reduce the risk of our sensitive information from being compromised. The lines around the circle represent data attempting to enter and exit our environment. The lock inside the circle represents the area where our sensitive information resides. This could be credit card data, PII (Personal Identifiable Information like DOB, SSN, wills, banking info, etc.), PHI (protected health information) and/or Client Data.
Who is trying to steal my data and how do they do it?
There are millions of cybercriminals across the world who come to work every day with the sole purpose of stealing information online that they can sell on the Dark Web for monetary gain. Over the years they have littered cyberspace with countless types of worms, bugs, viruses, ransomware, brute force hackers, trojans... you name it. There are over 500k new malware variants being launched into cyberspace daily. Unfortunately, as more and more people discover the internet, the problem will only continue to increase. The digital age is forcing us begin adopting a "defense in depth" mindset as we become more dependent on technology to live our lives.
There are 4 threat vectors around the security perimeter of every digital footprint that cybercriminals try to exploit.
1.People - Spouses, children, and/or business colleagues having or not having the awareness that these vulnerabilities exist, how they behave when they are confronted by a phishing email and how they respond. Are they a defense or liability? Knowledge is power.
2.Processes - Having formal policies and procedures in place with detailed guidelines and having been properly educated on the threats of cyber-attacks.
3.Facilities - This has to do with physical controls. Do you have locks in areas of your home or business where sensitive information can be accessed? If you have servers in house, are they under lock and key with 24-hour camera surveillance?
4.Technologies - Ensuring that the networks and applications you utilize have been properly vetted and can guarantee an acceptable level of security.
This applies to your digital footprint and the digital footprints of others that you interact with on a routine basis. Never feel shy about evangelizing what you learn about good cybersecurity hygiene with friends, family and business colleagues. It will enhance the security of everyone you interact with in cyberspace.
Cybersecurity experts are predicting 2018 will be more of the same that we saw in 2017 only with much more sophistication and perseverance. As new technology advances such as machine learning and artificial intelligence, so will the tactics of the bad guys.
Over the next few months, we will begin to break down each of these threat vectors and share ways you can begin to identify the security vulnerabilities that exist within digital footprints. We will arm you with the tools and knowledge to identify where those gaps are and provide guidance to install the proper security controls.
So, stay tuned and we look forward to continuing on in our journey to help our readers remain a step ahead of the cyber thugs and stay safe in cyberspace.
Questions? Send me a tweet @GoldskyRon.
Ron Frechette, Co-Founder & Managing Partner of GoldSky Security is a cybersecurity and healthcare entrepreneur who over the last several years dedicated his career to helping enterprise companies reduce the risks of cyber-attacks. Ron left the enterprise security world in 2015 and co-founded GoldSky Security, LLC. Ron's vision is to build cybersecurity firms across the US that exist to help small-midsize businesses implement affordable cybersecurity solutions. Ron can be reached at firstname.lastname@example.org