Cybersecurity Myths and Realities
Many common myths surround the field of cybersecurity, often differing significantly from reality. Let's explore and debunk some of these myths.
Myth 1: “Digital and physical security are separate systems”
Reality: With advancements in automation and artificial intelligence, many physical devices such as biometric systems, CCTV cameras, and smartwatches are digitally connected and controlled. Hackers can target these devices, causing significant damage to physical resources.
Myth 2: “Cybersecurity is just an IT issue”
Reality: Once data is digitized, it needs protection regardless of whether it's stored in a data center or on an employee's mobile phone.
Myth 3: “Protecting yourself is good enough”
Reality: Organizations must monitor everything and everyone, including third parties such as subcontractors, subsidiaries, vendors, and accounting firms, as they can pose a threat.
Myth 4: “Going back to paper minimizes risk”
Reality: Paper copies can be unlawfully copied or removed without detection, posing significant security risks.
Myth 5: “Using antivirus software is enough”
Reality: Hackers have developed methods to bypass antivirus software, often hiding their attacks for months. With ransomware, the time between infection and damage can be almost instantaneous.
Myth 6: “We have a firewall. We’re in good shape”
Reality: Firewalls control traffic using Access Control Lists (ACLs), which decide what may pass at the network boundary. However, the biggest cyber threats often come from the behavior of authorized users already inside the firewall, whose traffic the ACL permits. Understanding what actually needs to be secured, not just where the boundary is, is crucial.
As we've learned, cybersecurity involves more than just installing antivirus software or having a strong firewall. It requires securing all aspects of an organization.
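To make Myth 6 concrete, here is an added example (not from the original article) that places a toy firewall ACL beside a toy SIEM-style behavioural rule. The subnets, hosts, usernames, threshold and audit records are all constructed for the illustration; the point is that an authorised workstation's bulk export passes the ACL exactly like its everyday queries, so only a control that looks at user behaviour catches it.

```python
"""Added example: stateless firewall ACL vs. a behavioural rule over a DB audit log.
All addresses, users, thresholds and records below are constructed, not real."""
import ipaddress
from collections import defaultdict

# Constructed ACL: first matching rule wins, with an implicit deny at the end.
ACL = [
    {"action": "allow", "src": "10.0.0.0/8", "dst": "10.1.1.10/32", "dport": 5432},  # workstations -> DB
    {"action": "allow", "src": "0.0.0.0/0",  "dst": "10.1.2.20/32", "dport": 443},   # Internet -> public web
    {"action": "deny",  "src": "0.0.0.0/0",  "dst": "0.0.0.0/0",    "dport": None},  # everything else
]


def acl_decision(src_ip, dst_ip, dport):
    """Return 'allow' or 'deny' for a flow, the way a packet-filter ACL would."""
    src = ipaddress.ip_address(src_ip)
    dst = ipaddress.ip_address(dst_ip)
    for rule in ACL:
        if (src in ipaddress.ip_network(rule["src"])
                and dst in ipaddress.ip_network(rule["dst"])
                and (rule["dport"] is None or rule["dport"] == dport)):
            return rule["action"]
    return "deny"


# Constructed flows: an outside host probing the DB, and an employee workstation.
FLOWS = [
    ("203.0.113.5", "10.1.1.10", 5432),   # external source: blocked by the ACL
    ("10.0.5.23",   "10.1.1.10", 5432),   # authorised internal source: allowed by the ACL
]

# Constructed DB audit log: (user, src_ip, rows_returned). The firewall never sees this.
DB_AUDIT = [
    ("alice", "10.0.5.23", 120),
    ("alice", "10.0.5.23", 95),
    ("bob",   "10.0.7.41", 80),
    ("alice", "10.0.5.23", 250_000),   # bulk export by an authorised user
]

BASELINE_ROWS_PER_USER = 10_000  # constructed threshold such as a SIEM/DLP rule might use


def flag_bulk_access(audit, threshold=BASELINE_ROWS_PER_USER):
    """SIEM-style rule: total rows returned per user above the threshold -> alert."""
    totals = defaultdict(int)
    for user, _src, rows in audit:
        totals[user] += rows
    return sorted(user for user, n in totals.items() if n > threshold)


if __name__ == "__main__":
    for flow in FLOWS:
        print(flow, "->", acl_decision(*flow))
    print("behavioural alerts:", flag_bulk_access(DB_AUDIT))
```

Both of alice's flows get the same `allow` verdict from the ACL; only the audit-log rule distinguishes her routine queries from the 250,000-row export. That is the gap the article's Myth 6 is describing.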
Security Layers in an IT Organization
Information Security
Protects valuable information in all forms, whether electronic, printed, handwritten, or verbal. This includes safeguarding intellectual property, trade secrets, email communications, and sensitive employee information.
Network Security
Ensures the availability, confidentiality, and integrity of data within the network. Mechanisms like firewalls prevent malicious traffic from entering the network.
Host Security
Protects the operating system from threats like viruses, worms, malware, and remote intrusions through preventive control techniques.
Application Security
Involves developing web applications with secure design and coding guidelines to prevent security flaws and vulnerabilities.
Human (People) Security
Focuses on creating awareness among employees about sharing sensitive information, downloading attachments from unauthorized sources, and handling organizational resources per policies.
Information security covers every aspect of an organization's security, including people, while cybersecurity focuses on protecting digital assets from internet-based threats. Therefore, host, network, and application security fall under the purview of cybersecurity.
Cybersecurity vs. Information Security
Cybersecurity can be viewed as a subset of information security, specifically dealing with the protection of digital assets from online threats.
Risks and Controls for Each Layer
| Layer | Who/What Makes This Layer | Risks | Controls |
|---|---|---|---|
| People | Users (employees, customers, contractors), developers, administrators, helpdesk | Social engineering, spear phishing, unnecessary access | Awareness, education, training, identity governance |
| Application Software | Web applications (internal & public), software components (frameworks, libraries), DBs | OWASP Top 10, SANS Top 25 Dangerous Software Errors | Threat modeling, secure coding, secure testing (VA) |
| Network | Desktops, laptops, system software (operating system), mobiles | Theft, malware (virus, ransomware, worm, Trojan horse), intrusion, data leak, denial of service, sabotage, man-in-the-middle attack, spoofing | Infrastructure security: anti-virus, intrusion detection system, firewall, SIEM, endpoint security, data leak protection (DLP), encryption, digital signature, digital certificates |
Most cyberattacks target web applications rather than networks, as penetrating a network firewall is challenging. Thus, understanding how to build secure web applications and fix vulnerabilities is crucial.
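As an added example (not code from the original article) of the "secure coding" control in the Application Software row and of the point just made about fixing web-application vulnerabilities, the following shows one database lookup written the insecure way and the secure way. The table, its rows and the inputs are constructed; the injection category it illustrates is one of the OWASP Top 10 items the table cites.

```python
"""Added example: the same user lookup with and without a SQL injection defect.
Table contents and inputs are constructed for the illustration."""
import sqlite3


def make_db():
    """Constructed in-memory users table."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT, role TEXT)")
    conn.executemany("INSERT INTO users VALUES (?, ?)",
                     [("alice", "admin"), ("bob", "user"), ("carol", "user")])
    return conn


def find_user_vulnerable(conn, username):
    """INSECURE: untrusted input is spliced into the SQL text, so a quote in the
    input changes the structure of the query instead of being treated as data."""
    sql = f"SELECT username, role FROM users WHERE username = '{username}'"
    return conn.execute(sql).fetchall()


def find_user_secure(conn, username):
    """SECURE: a parameterised query. The driver binds the value as data, so the
    input can never alter the query's structure, whatever characters it contains."""
    sql = "SELECT username, role FROM users WHERE username = ?"
    return conn.execute(sql, (username,)).fetchall()


if __name__ == "__main__":
    conn = make_db()
    for name in ("bob", "' OR '1'='1"):
        print(repr(name), "vulnerable:", find_user_vulnerable(conn, name))
        print(repr(name), "secure:    ", find_user_secure(conn, name))
```

For the ordinary input both functions return the same single row; for the input containing a quote, the string-built query returns every row in the table while the parameterised query correctly returns nothing, because no user has that literal name. Code review or a vulnerability assessment (the "VA" in the table) should flag any query built by string formatting and replace it with the parameterised form.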