We’ve all probably heard people say, “My social media account has been hacked!” or “Please do not respond to any messages coming from me, my account has been taken over by someone else”. In these times where almost everyone is actively using the internet, all sorts of activities have been devised to corrupt and take advantage of others’ information. But still many of us refuse to accept that we may be potential targets of cyber attacks. For reasons such as, “I’m not always online.” or “My life is too boring, so why am I vulnerable?”, we think that we are exempted from this threat.
While it is difficult to argue with this reasoning, we should also consider that once we are digitally making connections through the internet, we are actually creating a network which is linked to us. You may not be making online banking transactions, but your mother might be. Your personal documents may not be as interesting as you think, but your boss’ surely are.
The point is, cyber security is a responsibility of each individual. Because believe it or not, you have something of value. We should always keep in mind that hackers are never choosy. Some would attack individuals who are easily swayed, while some work on hacking as a challenge. But one thing is for sure, they are looking for vulnerability.
As a private individual, we can lose so much. Aside from bank information, malicious files may be included into your system, but they can remove personal files as well.
Most companies have cyber insurance as part of their contingency plan for online security attacks. But does the insurance exempt them from attacks? Most definitely not. There is only a limit to the coverage of these insurances. And at most times, the coverage is based on the damages incurred after the attack. Sadly, that those who depend their online security on insurances, are most likely to realise the impacts of the attack when it has already occurred. Perhaps the reason behind is that, it is difficult to predict the success rate of a cyber attack, much more, the extent of potential risks and damages. But we should be aware that hackers are always on the move, innovating when and where they fail, to make the succeeding attacks favorable to them.
Another reason might be the absence of cyber attack incidents. Again, this does not eliminate the possibility of an attack. Just because we have not faced or encountered a hack, it does not assure us that it will not happen. Even solid firewalls can sometimes prevent us from seeing or anticipating a cyber security threat. Compliance with recommended security infrastructure is helpful, but still does not exempt us from vulnerability.
The next question is, what happens if we do not take cyber security seriously? First thing to anticipate is downtime in your IT infrastructure. During this period, your activities are expected to be minimised, if not completely terminated temporarily. There will be struggle in terms of correspondence and incoming and outgoing communication will be limited to only what is urgent. While this is a critical scenario especially for large industries, we should remember that getting the system back up again is more crucial, since it is difficult to detect when it is safest to turn it on again. By this time, all the IT personnel in the organisation is busy trying to regain control over the system. Deciding when to activate the IT infrastructure is a make or break for the company.
We may also question the stability of our online security once it is back. There is no way to verify the presence or absence of the attacker unless the system is activated. Of course, the activation comes with a significant risk of reclaiming our structure or losing even more. Also, there is the dilemma of questioning the chances of being exposed to another online threat. Let us not forget the extent of damage which the system has undergone. These concerns which are just as hard to determine.
Although there is a possibility that the online security has activated during the attack and that it may have secured a relevant portion of your information, the determination of what was compromised during the attack is also an issue. It is unlikely that the perpetrators will leave a trail behind for you to follow. Instead, they may even trick you through the use of malwares to make it harder to regain control of your system. This is what larger companies need to be wary of, because they may still be holding onto older computer systems that are dormant and not updated. They may have been replaced by latest acquisitions and have been taken for granted. This exposes them to a cyber threat.
If there is any good in this situation, it is that the victims become aware of the actual threat to online security. Being educated and trained in the matter is mostly necessary to prevent the occurrence of another cyber attack. For industrial institutions, empowerment of the workforce with sufficient cyber security knowledge is key to further strengthen the company. Sometimes, the biggest risk lies on the individuals who are unwittingly providing information. Though advanced system security shields the company’s fundamental infrastructure, it cannot protect the company from unsuspecting employees. Comprehensive corrective actions together with the proper information, can help them avoid losing millions and remain in their industry.
For most companies, reputation and integrity is of utmost priority. Cyber attacks can destroy this and may even cause the dissolution of the business. Customer satisfaction is easily damaged just as quickly as it is earned, and gaining the trust of clients is more difficult after the first time.
To sum everything, the protection of computers and communication devices will result to protection of the organization. To some people, online security means protection of one’s self, but it is actually about defending the whole network associated with one another. Furthermore, the management of risks must be highly considered rather than the mitigation of them. Proactive measures need to be practiced to ensure an effective system security is being implemented. As attackers continue to elevate their means, preparation and thorough planning of all possible scenarios can make a big difference in the effects of an attack.