Cybersecurity is a constant struggle, in which a business strives to defend itself against attacks from organised cybercrime organisations, lone wolves who may just be randomly checking if a company’s systems happen to be vulnerable and, last but not least, internal threats such as overly curious or disgruntled employees.
The field of cybersecurity is therefore a kind of perpetual cat-and-mouse battle, bearing in mind that the task of those responsible for IT security is, for the most part, always one step behind the criminals. Why is this? The answer is found in zero-day vulnerabilities that are virtually impossible to avoid.
It is thus up to everyone in the company who is responsible for cybersecurity to put in place procedures and security mechanisms that reduce security risks to a reasonable level.
According to data published by the Slovenian Computer Emergency Response Team (SI-CERT) in its 2020 Annual Report on Cybersecurity, the number of incidents handled in Slovenia has been increasing almost every year, with the only fall recorded in 2015.
Number of cases handled by SI-CERT (with the percentage of phishing attacks shown with the brown line). SOURCE: Cert.si
Slovenia is no exception to global trends in this regard, its small size does not make it uninteresting, and language barriers have long since been overcome. Machine translation systems have already completely negated foreign criminals’ lack of knowledge of any local language. The damage done is also significant.
Cybersecurity the old-fashioned way
The practice of the now almost distant past was that a company would choose a firewall, configure it more or less appropriately, focus on closing or opening TCP/IP or UDP ports, and allow employees to connect to the company via a VPN service.
In the past, this was often quite enough to repel the vast majority of accidental cyberattacks on a company.
Another thing is true about the old days: most companies lacked – and many still do! – an overview of what was actually happening on their networks. Could they even tell that an intrusion had taken place?
Modern protection against cyberattacks
Of course, things have changed a lot since the days of floppy disks and dial-up modems. What’s more, during the COVID-19 crisis companies realised that they needed to enable their employees to adopt a hybrid way of working – from home as well as from the office.
At the same time, cyber criminals have realised that it is much easier to hack a user’s identity with some social engineering trick than to try and hack the fairly secure firewalls that are now available.
Moreover, today’s protection against cyberattacks is increasingly moving to the cloud, where security companies can use the signals they collect from all their users to identify new, unknown vulnerabilities in hardware and software much more quickly and reliably, deflecting attacks almost instantly and protecting users. And what’s perhaps more important for businesses, is that such solutions give companies a very detailed insight into what is happening within their organisation.