Understand the concept of cybersecurity to (better) protect your business
Among all the sensitive subjects linked to the development of digital technology in the enterprise, there is one that worries more than any other: cybersecurity.
The recent Covid19 crisis has heightened these already present fears. The ensuing confinement and development of telecommuting have only served to highlight certain shortcomings in terms of corporate cybersecurity.
It's already a complex task to maintain security conditions within the confines of the corporate IT environment. As soon as you move to a more open environment, for example, by enabling employees to work remotely, the usual rules and tools quickly become obsolete.
A case in point is the "ZoomBombing" phenomenon that struck many videoconferences this spring. Fortunately, while widely publicized, it was relatively harmless in its consequences.
Now that telecommuting, with the new tools it involves, has suddenly taken off, we are going to have to adapt our rules, our tools and our behavior: rules and tools, because cybersecurity is a technical matter; behavior, because the human factor is paramount.
Cybersecurity: definition and figures
What is cybersecurity?
Cybersecurity is a set of security measures, tools, laws and preventive measures designed to protect IT systems, computers, mobile devices and applications against malicious attacks from cyberspace.
According to ANSSI (Agence Nationale de la Sécurité des Systèmes d'Information), these attacks aim to "compromise the availability, integrity or confidentiality of data".
Cybersecurity authorities are therefore urging both large organizations and SMEs to implement a number of best practices to limit the risks associated with cybercrime.
The challenges of cybersecurity
This "desired state" is rarely achieved, since information systems and networks are constantly evolving. What is considered secure today may not be so next week.
Hence the need for constant adaptation of tools and behavior.
The government platform Cybermalveillance.gouv.fr publishes the following figures for 2019:
- Over 90,000 victims were assisted on the platform in 2019, compared with 28,855 in 2018, an increase of over 210%. Of these victims, 90% are private individuals, who are often more vulnerable.
- Among professionals (businesses, local authorities and associations), assistance requests mainly concerned phishing (23%) and account hacking (16%).
According to the Confédération des Petites et Moyennes Entreprises (CPME), in 2019, 44% of companies with fewer than 50 employees had suffered a computer attack. Only 17% of these companies are insured against the risk of cyberattack.
Cybersecurity in France: a threat taken very seriously
The figures and definitions given above are proof: cybersecurity is now a recognized threat. Organizations, government departments and associations have been set up to counter it.
The aforementioned ANSSI supports companies, according to their profile, through consultancy, industrial policy and regulatory actions, in order to make security products and trusted services available. It is also involved in sovereignty issues.
Cybermalveillance.gouv.fr's mission is to help companies, individuals and local authorities who are victims of malicious cyber activity, to inform them about digital threats and to provide them with the means to defend themselves.
The Centre gouvernemental de veille, d'alerte et de réponse aux attaques informatiques (CERT), part of the Agence nationale de la sécurité des systèmes d'information, is accessible 24/7. It keeps track of newly detected threats.
Its main missions are:
- detecting system vulnerabilities through technology watch;
- resolving incidents, if necessary with the worldwide CERT network;
- assisting in the implementation of measures to protect against future incidents;
- creating a network of trust.
Corporate cybersecurity: radically different types of threat
If people are not always fully aware of cybersecurity threats, it's because they can take very different forms.
As the statistics show, attacks are not necessarily technically complex. They often consist of a simple "scam" based on intimidation or fraud. In these cases, IT is merely the communication vector, the point of entry.
The fraudster frequently needs nothing more than an e-mail address, which he uses to contact his target and try to extort data:
- either by threat,
- or by manipulation.
This is the principle behind phishing, spoofing and CEO fraud (the "president scam").
In the popular imagination, fed largely by cinema, it is the other face of malicious cyber activity that looms largest: attacks and intrusions that require a high level of technical skill and put the fraudster in direct contact with the company's data and network.
Those requiring advanced coding skills are much less common.
Ransomware and blocking: the two mainstays of hackers
Attacking computer systems with ransomware
The most frequent "technological" cyberattacks, and those with the greatest impact on businesses, are ransomware attacks. They involve introducing malicious code into a machine or network to block access to data or encrypt it.
Unlocking, i.e. obtaining the key needed to regain access to the information, then comes at a steep price. In 2019:
- the average ransom demanded by hackers rose from $6,700 to $12,700,
- for the largest organizations, the average cost of a ransom is estimated at $286,000.
Denial of service: pushing computer systems to saturation point
Another fairly frequent form of malicious activity requiring technical expertise is the Distributed Denial of Service (DDoS) attack.
The attacker makes a server inaccessible by sending multiple requests until it is saturated. The attacker can also exploit a security vulnerability to cause a service to shut down or operate in a severely degraded state.
This type of attack can lead to:
- loss of productivity
- possible loss of revenue for merchant sites
- a negative media image for the organization, which finds itself paralyzed.
Here again, the motivation may be to demand ransom in order to stop the attacks.
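The saturation described above is visible in ordinary web-server logs long before a service falls over: one client (or a handful) issuing far more requests per second than any human user. The following is an added example, not code from the original article or from any of the organizations it names; it runs a sliding-window request counter over constructed log lines (the IP addresses and timestamps are invented for illustration) and reports which clients exceed a per-window threshold, which is the usual input to a rate-limiting or blocking rule.

```python
"""Sliding-window request-rate check for spotting clients that saturate a server.

Added example (not from the original article). Log format, thresholds and the
sample clients are assumptions chosen for illustration.
"""
from collections import defaultdict, deque
from datetime import datetime, timedelta


def build_sample_log():
    """Return constructed access-log lines: '<iso-timestamp> <client-ip> <path>'.

    Three invented clients:
      - 203.0.113.7  : a normal visitor, 5 requests spaced 2 s apart
      - 203.0.113.42 : a busy but legitimate client, 1 request/s for 25 s
      - 203.0.113.99 : a flooding client, 50 requests within the same second
    """
    base = datetime(2019, 11, 4, 10, 0, 0)
    lines = []
    for i in range(5):
        lines.append(f"{(base + timedelta(seconds=2 * i)).isoformat()} 203.0.113.7 /index.html")
    for i in range(25):
        lines.append(f"{(base + timedelta(seconds=i)).isoformat()} 203.0.113.42 /api/status")
    for i in range(50):
        lines.append(f"{(base + timedelta(seconds=5)).isoformat()} 203.0.113.99 /search?q={i}")
    # Sort by timestamp so the lines look like a real, chronologically written log.
    lines.sort(key=lambda ln: ln.split()[0])
    return lines


def parse_line(line):
    """Split one log line into (timestamp, client_ip, path)."""
    ts, ip, path = line.split(maxsplit=2)
    return datetime.fromisoformat(ts), ip, path


def find_saturating_clients(lines, window_seconds=10, max_requests=20):
    """Return {client_ip: peak_requests_in_window} for clients that exceed the limit.

    A deque per client holds the timestamps of its requests inside the last
    `window_seconds`; older entries are dropped as the window slides forward.
    """
    windows = defaultdict(deque)
    offenders = {}
    for line in lines:
        ts, ip, _ = parse_line(line)
        recent = windows[ip]
        recent.append(ts)
        cutoff = ts - timedelta(seconds=window_seconds)
        while recent and recent[0] < cutoff:  # slide the window forward
            recent.popleft()
        if len(recent) > max_requests:
            offenders[ip] = max(offenders.get(ip, 0), len(recent))
    return offenders


if __name__ == "__main__":
    for ip, peak in find_saturating_clients(build_sample_log()).items():
        # In practice this line would feed a firewall or reverse-proxy block rule.
        print(f"rate limit exceeded: {ip} peaked at {peak} requests in 10 s")
```

The busy-but-legitimate client never trips the rule because the window slides: at any moment it has at most 11 requests in the last 10 seconds. The thresholds are the part to tune per service; a real deployment would feed the result to the reverse proxy or firewall rather than print it, and should also watch aggregate request volume, since a distributed attack spreads its requests across many source addresses.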
Cyber protection: protect yourself, but how?
As you can see, cybersecurity is far from being a purely technical issue. It is therefore illusory to rely solely on one or more software tools for security: no tool, on its own, will make your organization impervious to every threat.
All serious experts agree: you need to act simultaneously, and constantly, on several fronts. The objective is therefore to implement simple security solutions within the company's reach.
Employee training
First and foremost, vulnerabilities are human. All CIOs know that even today, a simple forgotten post-it note mentioning a password can thwart months of IT work.
So, the basis of enhanced cybersecurity remains information and training for employees. All the more so in the current context mentioned in the introduction, where telecommuting is on the increase, encouraging the BYOD (Bring Your Own Device) phenomenon. Smartphones in particular are new vectors of intrusion, making organizations more vulnerable.
Fortunately, new biometric security technologies are highly effective, even if they can sometimes be circumvented (facial recognition has its flaws).
Between people and technology, good practice can work wonders. For example, well-organized backups are a simple answer to complex attacks: ransomware has little impact if backups exist and are up to date.
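A backup only limits the impact of ransomware if it is recent and has not itself been altered, so it is worth checking both regularly. The example below is added here and is not code from the original article: it writes a small manifest (SHA-256 and size per file) for a backup directory, then verifies that the manifest is fresh and that every listed file still matches its hash. The files, directory and time limits are constructed for illustration.

```python
"""Check that a backup set is recent and intact (added example, not from the article).

The manifest layout, 24-hour freshness limit and sample files are assumptions.
"""
import hashlib
import json
import tempfile
import time
from pathlib import Path

MANIFEST_NAME = "manifest.json"


def sha256_of(path):
    """Hash a file in chunks so large backup files do not need to fit in memory."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(65536), b""):
            digest.update(chunk)
    return digest.hexdigest()


def write_manifest(backup_dir):
    """Record hash and size of every file in backup_dir, plus when it was written."""
    backup_dir = Path(backup_dir)
    files = {
        p.name: {"sha256": sha256_of(p), "size": p.stat().st_size}
        for p in sorted(backup_dir.iterdir())
        if p.is_file() and p.name != MANIFEST_NAME
    }
    manifest = {"created": time.time(), "files": files}
    (backup_dir / MANIFEST_NAME).write_text(json.dumps(manifest, indent=2))
    return manifest


def verify_backup(backup_dir, now=None, max_age_hours=24):
    """Return a list of problems; an empty list means the backup is fresh and intact."""
    backup_dir = Path(backup_dir)
    manifest_path = backup_dir / MANIFEST_NAME
    if not manifest_path.exists():
        return ["no manifest: backup set has never been recorded"]
    manifest = json.loads(manifest_path.read_text())
    problems = []
    now = time.time() if now is None else now
    age_hours = (now - manifest["created"]) / 3600
    if age_hours > max_age_hours:
        problems.append(f"backup is {age_hours:.1f} h old (limit {max_age_hours} h)")
    for name, meta in manifest["files"].items():
        path = backup_dir / name
        if not path.exists():
            problems.append(f"missing: {name}")
        elif sha256_of(path) != meta["sha256"]:
            problems.append(f"hash mismatch: {name}")
    return problems


def demo():
    """Constructed scenario: fresh backup passes; an overwritten file and a stale set fail."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        (root / "customers.csv").write_bytes(b"id,name\n1,alice\n")  # constructed data
        (root / "orders.csv").write_bytes(b"id,total\n1,42\n")
        write_manifest(root)
        fresh = verify_backup(root)
        # Simulate a file being encrypted or corrupted after the backup was taken.
        (root / "orders.csv").write_bytes(b"ENCRYPTED")
        tampered = verify_backup(root)
        # Simulate checking the same set two days later with no new backup run.
        stale = verify_backup(root, now=time.time() + 48 * 3600)
    return fresh, tampered, stale


if __name__ == "__main__":
    for label, result in zip(("fresh", "tampered", "stale"), demo()):
        print(label, "->", result or "OK")
```

Because ransomware that reaches the backup location can rewrite the manifest as easily as the data, the manifest (or at least its hashes) belongs on a separate, write-once or offline medium; the verification then compares the live backup against that trusted copy.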
Cybersecurity tools
Beyond the human element, the use of powerful, up-to-date software tools is essential. The best-known of these is, of course, antivirus software, which must be installed on all terminals used by employees, including smartphones.
Backup tools and password managers should also be used on a large scale.
Firewalls are indispensable, and here we enter a category of tools that requires the intervention of experts, especially if they are used on an organization-wide scale.
The Data Protection Officer: a key cybersecurity function
In conclusion, the most effective approach to cybersecurity is to combine all of these practices, specialized organizations and tools within a single comprehensive, if complex, system.
In this respect, the appointment of a Data Protection Officer (DPO) is a possibility for large companies, in order to best protect sensitive data and limit the risks of intrusion.